In a major development in cryptocurrency crime, two suspects were taken into custody in Miami on charges of stealing and laundering over $230 million in Bitcoin. The suspects, 20-year-old Malone Lam, aka “Greavys” and “Anne Hathaway,” and 21-year-old Jeandiel Serrano, aka “Box” and “VersaceGod,” have been charged with conspiracy to steal cryptocurrency assets and launder them using exchanges and mixing services.
The August hack took more than 4,100 Bitcoin from a victim in Washington, D.C., valued at well over $230 million at the time. The incident is among the most high-profile cryptocurrency thefts of recent years and shows how elaborate some crypto-crime operations have become.
The Heist: Stealing Over $230 Million in Bitcoin
According to the court document, Lam and Serrano, with the help of their co-conspirators, accessed the victim's cryptocurrency accounts and promptly transferred the funds into crypto wallets they controlled. To launder the stolen digital currency, the defendants used crypto mixers, peel chains, and virtual private networks (VPNs) to conceal their tracks.
Crypto mixers are services that scramble cryptocurrency between users, making it more difficult to trace the funds back to their origins. Such services have become a go-to tool for cybercriminals looking to mask the sources of stolen funds 【Kaspersky: Crypto Mixers Guide】.
Aside from mixers, the duo used crypto exchanges to move the stolen Bitcoin and convert it into other digital assets such as Litecoin, Ethereum, and Monero, the last of which is known as a supposedly untraceable cryptocurrency. Despite the suspects’ attempts to mask their identities and their transactions, investigators uncovered the operation using blockchain analysis software.
Mansion Living and Wild Spending: Porsches, Rolexes, and Nightclubs
After securing the stolen Bitcoin, the suspects went on a spending spree. They spent large sums on foreign trips, expensive watches and cars, designer handbags, and frequent nights out in Miami and Los Angeles. Posts on their social media accounts and those of their friends revealed locations that proved vital for law enforcement in catching them.
Geolocation information from Instagram and TikTok posts by the suspects’ friends ultimately led investigators to where the suspects were spending their time, and they were arrested. So even though cryptocurrency provides a degree of anonymity for digital transactions, showing off the wealth on public platforms got them caught.
Lapses in OPSEC and Investigation
In trying to stay hidden, the suspects made critical operational security errors that led to their downfall. Their only known suspected co-conspirator went by the name “Wiz,” and was identified in a screen-sharing session. By following cryptocurrency wallets identified as being used by Serrano and Wiz, investigators found over $41 million in transactions that had been moved through several exchanges.
Posing as an investigator of cryptocurrency fraud, ZachXBT, who goes by the name ZachX on Twitter, played a crucial role in helping the FBI track the suspects. “The group first impersonated the victims as customer support representatives for exchanges such as Gemini and Google to attempt to convince the victims to allow screensharing that would compromise sensitive information including private keys.”
The suspects bypassed the victims' 2FA and accessed their Bitcoin Core wallets, subsequently transferring the funds to different exchanges. The tracing in ZachXBT's initial report shows that the stolen funds were divided within a short period of time among different actors and flowed through various exchanges, where they were swapped back and forth between Bitcoin, Litecoin, Ethereum, and Monero 【Crypto Swapping in Exchanges】.
The Arrest and Aftermath
Eventually, after a string of flashy purchases, the spending sprees of Lam and Serrano led the FBI to their doors. Using VPNs and privacy coins to keep the transactions private wasn’t enough to evade law enforcement; the complexity of their laundering schemes did little to throw investigators off the scent.
The FBI's investigation is continuing, and as more information emerges, more suspects may be identified. Because of the case's high profile, it has renewed discussion of cryptocurrency exchange security and of cybercrime involving digital assets more broadly.