U.S. Authorities Arrest Two Involved in $230M Bitcoin Theft
Two Arrested in $230 Million Bitcoin Theft: Social Engineering Used in Heist, Blockchain Investigator ZachXBT Helps Trace Stolen Funds.
Key Takeaways:
- Two men were arrested by U.S. federal agents for their involvement in a $230 million Bitcoin theft.
- Social engineering tactics were reportedly employed to steal 4,100 Bitcoin from a Genesis creditor.
- Blockchain investigator ZachXBT played a crucial role in tracing the allegedly misappropriated funds.
U.S. federal agents arrested two young men, Malone Lam and Jeandiel Serrano, for orchestrating a sophisticated scheme that involved the theft of 4,100 Bitcoin, valued at approximately $230 million.
The victim, a Washington D.C. resident, was reportedly a creditor of the now-bankrupt cryptocurrency lender Genesis.
The case, filed under number 24-CR-417 by the U.S. Attorney’s Office for the District of Columbia, showcases how the attackers employed advanced social engineering tactics and exploited vulnerabilities in the victim’s security settings.
How the Bitcoin Theft Unfolded: From Spoofing to Swapping
Lam and Serrano devised an elaborate plan to gain access to the victim's Bitcoin wallet by impersonating representatives from Google and Gemini.
They used spoofed phone numbers to convince the victim that their accounts had been compromised, eventually persuading them to reset their two-factor authentication (2FA) settings.
Once the 2FA was disabled, the duo installed screen-sharing software, which gave them access to the victim’s private Bitcoin keys.
Once in control, the duo swiftly transferred the stolen Bitcoin across multiple exchanges, frequently swapping between cryptocurrencies to obfuscate their trail.
Blockchain analysis revealed that about $243 million in stolen crypto was split between several parties and quickly transferred across more than 15 exchanges.
The funds were frequently swapped between various cryptocurrencies, including Litecoin, Ethereum, and Monero.
ZachXBT’s Role in the Investigation
ZachXBT was instrumental in unraveling the complex web of transactions that followed the theft.
In a series of X posts, ZachXBT outlined how they traced the laundering process, noting critical mistakes the suspects made, such as linking stolen funds to purchases of luxury goods.
The investigation, in collaboration with crypto forensic teams like zeroShadow and Binance’s security unit, led to the freezing of $9 million in stolen funds and the recovery of over $500,000 for the victim.
ZachXBT also revealed that the suspects were apprehended after making large transfers during the final stages of laundering.
Law enforcement also linked them to a cluster of Ethereum addresses that had received over $41 million in recent weeks. The suspects' extravagant lifestyle following the heist ultimately contributed to their downfall. Lam and Serrano indulged in high-end cars, watches, and designer clothes.
The duo rented luxurious homes in Miami and Los Angeles while evading authorities.
Despite their efforts to conceal their activities, blockchain investigators and federal agents were able to track their movements, leading to their eventual arrest.
The case remains active, with ZachXBT continuing to provide updates as more funds are traced.
Notably, this arrest occurred when investigators and analysts from five countries met in Brisbane, Australia, to share best practices for combating cybercrime.
The global collaboration underscores the growing sophistication of cryptocurrency-related investigations as law enforcement agencies aim to stay ahead of criminal actors rapidly adopting new technologies.