Suspects Arrested in $230 Million Crypto Theft

In September 2024, two suspects, Malone Lam and Jeandiel Serrano, were arrested in Miami and charged with conspiracy to steal over $230 million in cryptocurrency. The theft targeted a creditor of the bankrupt cryptocurrency exchange Genesis. The operation involved social engineering, spoofed support calls, and complex cryptocurrency laundering methods. The stolen funds were used to fuel luxury lifestyles, with significant amounts laundered through mixers and pass-through wallets. The FBI, with assistance from crypto investigator ZachXBT, was able to track and arrest the culprits after they made critical operational security (OPSEC) errors.

Two suspects, Malone Lam and Jeandiel Serrano, were arrested in Miami for orchestrating a $230 million cryptocurrency theft, targeting a creditor of the bankrupt Genesis exchange. Using advanced social engineering tactics and crypto mixers to launder funds, they transferred over 4,100 Bitcoin before making critical operational mistakes that led to their capture by the FBI. This is but one of the many types of investment fraud we have come across, if you are interested in learning more about investment crypto scams, feel free to have a gander at our other content.

• Defendants: Malone Lam (20, aliases: Greavys, Anne Hathaway, $$) and Jeandiel Serrano (21, aliases: Box, VersaceGod, @SkidStar).
• Crime: Cryptocurrency theft and laundering using crypto mixers, exchanges, and pass-through wallets.
• Amount Defrauded: Over 4,100 Bitcoin, valued at $230 million.
• Method: Gained unauthorized access to victims' cryptocurrency accounts through social engineering, then transferred the funds to wallets under their control. They laundered funds through a mix of peel chains, VPNs, and crypto mixers.
• Sentence: The case is ongoing, with Lam and Serrano facing charges of fraud and conspiracy.
• Investigation: FBI, IRS-CI, and blockchain investigators, including ZachXBT.
• Additional Penalties: Not yet sentenced, but potential restitution and asset forfeiture expected.
• Plea: No plea recorded as of September 2024.
• Prosecutor's Statement: Highlights of the breach of trust and sophisticated nature of the operation, with a significant impact on victims' financial stability.

In August 2024, Lam and Serrano launched an attack targeting a Genesis creditor, stealing over 4,100 Bitcoin by compromising their accounts. Using fake Google and Gemini customer support calls, they obtained control over the victim’s accounts through unauthorized 2FA resets and AnyDesk remote access software. The stolen funds were immediately laundered via peel chains across 15+ exchanges, moving between Bitcoin, Ethereum, and Monero wallets. In September 2024, after multiple spending sprees and critical OPSEC mistakes, the FBI arrested the two suspects in Miami. Their arrest followed weeks of monitoring social media posts and luxury purchases, which provided investigators with the necessary evidence to pinpoint their locations.

In September 2024, Malone Lam and Jeandiel Serrano were arrested in Miami after orchestrating a $230 million cryptocurrency heist involving over 4,100 Bitcoin. Using a blend of social engineering, fake support calls, and remote access tools, they managed to compromise a Washington D.C.-based creditor of Genesis, a bankrupt cryptocurrency exchange. After stealing the funds, they laundered the cryptocurrency through a series of sophisticated techniques, including crypto mixers and peel chains, to evade detection. Despite their best efforts, OPSEC mistakes and conspicuous spending on luxury goods led the FBI to track and apprehend them. With the assistance of crypto investigator ZachXBT and multiple federal agencies, the suspects now face fraud and money laundering charges, highlighting the growing risk and complexity of cryptocurrency-related crimes.

A hardware wallet could have prevented this theft by ensuring the private keys remained offline and inaccessible via remote access tools like AnyDesk.

Top hardware wallets that could have helped protect against this theft:

1. Ledger Nano X: With Bluetooth connectivity and secure offline storage, this hardware wallet prevents unauthorized remote access to private keys, which could have stopped the attackers from compromising the victim’s assets.
2. Trezor Model T: With its open-source firmware and physical PIN entry, it offers an added layer of security by requiring physical confirmation of transactions, blocking unauthorized software-based access like the methods used in this scam.
3. SafePal S1: This wallet's air-gapped signing mechanism, which ensures private keys never come into contact with the internet, would have made it impossible for the hackers to gain control of the victim’s funds even after breaching the victim’s online accounts.

Additional Preventative Steps:

• Enable hardware 2FA with physical keys (e.g., Yubikey).
• Regularly update and audit all access points and connected devices.
• Use multi-signature wallets for large sums of cryptocurrency to prevent unilateral access in the case of account compromise.