The case involves a $230 million cryptocurrency theft orchestrated by Malone Lam (age 20) and Jeandiel Serrano (age 21), who were arrested by the FBI after an investigation that spanned multiple jurisdictions. The duo allegedly used social engineering techniques to defraud a victim in Washington, D.C., and laundered the stolen Bitcoin through complex financial schemes.
Malone Lam and Jeandiel Serrano were arrested for a $230 million investment based cryptocurrency scam, where they used social engineering tactics to steal 4,100 Bitcoin. The FBI conducted raids in Miami and Los Angeles, uncovering how the stolen funds were laundered and spent on luxury items and properties. The duo now faces charges of wire fraud and money laundering.
Malone Lam (aka "Anne Hathaway" and "$$$"), a Singaporean who splits time between Miami and Los Angeles.
Jeandiel Serrano (aka "VersaceGod" and "@SkidStar"), from Los Angeles.
Theft and laundering of 4,100 Bitcoin, valued at over $230 million.
Victim targeted in Washington, D.C..
The criminals used social engineering tactics, including spoofing calls from Google support and cryptocurrency exchange Gemini, to convince the victim to reset two-factor authentication, thereby gaining access to the Bitcoin.
They employed “peel chains”, a technique where large sums of cryptocurrency are broken into smaller transactions, making them difficult to trace.
Use of VPNs, pass-through wallets, and mixing services to obscure the movement of stolen funds.
Lavish lifestyles, including luxury cars (Maseratis and Lamborghinis), designer jewelry, handbags, and high-end rental properties in Miami and Los Angeles.
Visits to exclusive nightclubs and expensive travel destinations.
Lam and Serrano were charged with conspiracy to commit wire fraud and money laundering.
They made their initial appearances in U.S. District Courts in Miami and Los Angeles.
The case is ongoing, with further legal proceedings expected.
August 2024:
The scheme began, with Lam and Serrano contacting the victim in Washington, D.C., and using fraudulent methods to steal 4,100 Bitcoin.
The fraud was executed through social engineering and spoofing tactics to bypass security measures.
September 2024:
The stolen cryptocurrency was laundered through various exchanges and mixing services to obscure its origins.
The pair started spending the proceeds on high-end items and travel, drawing attention from law enforcement.
September 18-20, 2024:
The FBI conducted a coordinated raid on luxury properties in Miami and Los Angeles, arresting Lam and Serrano.
Their extravagant spending, including luxury rentals and high-end purchases, led to their capture.
September 20, 2024:
Federal indictments were unsealed, charging the pair with wire fraud and money laundering.
Two individuals, Malone Lam and Jeandiel Serrano, were arrested for orchestrating a sophisticated cryptocurrency scam that defrauded a victim in Washington, D.C., of 4,100 Bitcoin—worth over $230 million. They employed social engineering techniques, including spoofing phone calls from Google and Gemini support, to gain access to the victim’s funds. The stolen cryptocurrency was laundered through mixers, peel chains, and VPNs to obscure its origins. The proceeds were spent on luxury items, including high-end cars, jewelry, and lavish rental properties in Miami and Los Angeles. The FBI conducted a raid, arresting both individuals. They now face charges of conspiracy to commit wire fraud and money laundering, with the investigation still ongoing.
Social Engineering:
Lam and Serrano used spoofed phone numbers to impersonate tech support from companies like Google and Gemini.
They convinced the victim to reset two-factor authentication, allowing the attackers to transfer the cryptocurrency to their own wallets.
Laundering Techniques:
Peel Chains: The stolen Bitcoin was broken into smaller transactions and laundered through several cryptocurrency exchanges.
Mixing Services: These services helped obscure the origins of the funds by mixing the stolen assets with legitimate ones.
VPNs & Pass-Through Wallets: These tools were used to further hide their digital footprint, making the stolen cryptocurrency harder to trace.
Entity Related Search Terms
Malone Lam Anne Hathaway, $$$, Miami
Jeandiel Serrano VersaceGod, @SkidStar, Los Angeles
FBI Miami raid, Los Angeles raid
Genesis Defunct trading firm, creditor fraud
Google Spoofed calls, two-factor bypass
Gemini Account hacked, crypto exchange
ZachXBT Blockchain investigator
Peel Chains Crypto laundering technique
Washington D.C. Victim location, $230 million fraud
Miami Shores, Florida FBI raid, luxury mansion
How Hardware Wallets Could Have Helped:
If the victim had used a hardware wallet to store their Bitcoin, the attackers would not have been able to access the funds remotely via social engineering tactics like spoofed support calls or bypassing two-factor authentication. Hardware wallets provide offline storage, making it significantly harder for hackers to exploit through online attacks.
Top 3 Wallets:
Ledger Nano X:
Why: Provides robust offline storage with multiple layers of security, including PIN and passphrase protection, which would have mitigated the risk of remote hacks. - you can read our review here!
Trezor Model T:
Why: Offers cutting-edge protection features, including encryption for private keys, making it nearly impossible for hackers to access funds without physical possession of the device.
Coldcard Wallet:
Why: Specialized in Bitcoin, Coldcard offers full air-gapped signing, which would have prevented any external access to the victim’s Bitcoin.
Additional Preventative Steps:
Avoid using SMS-based two-factor authentication: Use hardware-based solutions like Yubikey.
Regularly monitor account access logs for suspicious activities.
Educate on social engineering attacks to be aware of phishing attempts like spoofed support calls.
