U.S. Justice Department Seizes $9M in Crypto from Romance Scam Ring

On November 21, 2023, the U.S. Justice Department announced a significant disruption in cybercrime activities, seizing nearly $9 million in Tether (USDT) from an international scam organization. This organization was involved in executing romance scams and cryptocurrency confidence scams, infamously known as “pig butchering.”

The scam network targeted over 70 victims across the United States, luring them with fake investment opportunities through non-existent trading platforms. Acting Assistant Attorney General Nicole M. Argentieri stated that this operation aimed at deceiving ordinary investors, leaving them with substantial financial losses. The U.S. Secret Service’s thorough analysis and tracing of cryptocurrency transactions were instrumental in identifying and seizing the fraudulent funds. These funds were quickly laundered through multiple cryptocurrency addresses and exchanged across various digital currencies, a tactic known as “chain hopping.”

The successful seizure is a result of the collaborative efforts between the Justice Department and the U.S. Secret Service. U.S. Attorney Ismail J. Ramsey emphasized the department’s commitment to justice for fraud victims, particularly in prominent cryptocurrency hubs like Silicon Valley. Special Agent in Charge Shawn Bradstreet of the USSS San Francisco Field Office reaffirmed the agency’s dedication to protecting the financial security of U.S. citizens.

The USSS San Francisco Field Office led the investigation, with Trial Attorney Georgiana MacDonald and Assistant U.S. Attorneys Chris Kaltsas and Galen Phillips managing the case and related forfeiture actions. Additionally, Tether’s cooperation in transferring the seized assets was acknowledged by the department.

Victims of cryptocurrency scams are encouraged to report incidents to the FBI’s Internet Crime Complaint Center (IC3) and the Federal Trade Commission’s (FTC) Consumer Sentinel Network.

This seizure is part of a broader effort by U.S. authorities to combat cryptocurrency-related fraud and crime. The U.S. government has previously demonstrated its capability to recover illegal funds in similar scenarios, such as the seizure of about 70,000 Bitcoins connected to the Silk Road in 2020. An October report by 21.co indicated that the U.S. government holds over $5 billion in seized cryptocurrency assets.

The Justice Department’s recent seizure of $9 million in Tether underscores the U.S. government’s ongoing commitment to combating cyber-enabled financial fraud and protecting investors. This case serves as a cautionary tale about the risks associated with cryptocurrency investments and the importance of vigilance in the digital finance landscape.


Binance Collaborates with Royal Thai Police to Disrupt Criminal Networks

Binance has recently collaborated with the Royal Thai Police to help dismantle major crypto fraud networks in Thailand, according to Binance’s official blog. Through two significant operations, the collaborative efforts have led to the arrest of key culprits and substantial asset seizures. These efforts reflect Binance’s proactive stance against cybercrime and its commitment to enhancing security within the digital asset ecosystem.

The Binance Investigations team worked closely with Thai law enforcement, responding to requests for assistance in cybercrime investigations, prosecutions, and asset seizures. In a notable instance, a joint effort between the Cyber Crime Investigation Bureau (CCIB) of the Royal Thai Police, Binance, and the U.S. Homeland Security Investigation (HSI) successfully dismantled a criminal ring involved in a significant pig butchering scam affecting thousands in Thailand. Leveraging intelligence from Binance and HSI, the CCIB arrested five principal members of the criminal group and seized assets valued at around THB 10 billion ($277M), encompassing luxury cars, homes, land, and other high-value items. Since the crackdown, over 3,200 victims have come forward seeking compensation for their losses.

In another operation, Binance played a critical role in the takedown of a large-scale crypto scam operated by transnational criminal networks. The probe led to the apprehension of suspects across 30 locations in Bangkok, Samut Prakan, and Udon Thani provinces, with more than 200 officers from the Central Investigation Bureau (CIB) involved. Binance not only provided vital intelligence to the police but also sent an investigator to Thailand to aid in the acquisition of an arrest warrant. This mission led to the seizure of illicit assets, including 16 luxury residences, 12 top-tier vehicles, and THB 16M ($440,000) in cash.

The collaborative law enforcement initiatives underscore Binance’s drive to combat cybercrime, bolster the Web3 ecosystem’s security, and ensure global regulatory compliance. Over the last three years, Binance has significantly ramped up its investments in compliance, boasting a global compliance and investigations team comprised of industry veterans. The concerted efforts with the Royal Thai Police reiterate the importance of cross-border collaboration in the fight against cybercrime, emphasizing the mutual commitment towards user protection and cybersecurity advancement.


Man Sentenced to Prison for Stealing Bitcoin from Silk Road

The United States Attorney’s Office for the Southern District of New York has announced the sentencing of James Zhong, an individual who pleaded guilty to wire fraud charges connected to unlawfully obtained Bitcoin from the Silk Road marketplace in 2012. Zhong was sentenced to one year and one day in prison for charges related to executing a scheme to steal more than 51,680 Bitcoin.

According to U.S. Attorney Damian Williams, cyber-criminals should heed this message: we will follow the money and hold you accountable, no matter how sophisticated your scheme and no matter how long it takes. Zhong managed to conceal his crime for roughly 10 years before facing charges, but U.S. authorities were able to seize the Bitcoin holdings from his home in the state of Georgia in November 2021. The bulk of the crypto was found in a floor safe and a computer concealed in a popcorn tin. The coins were worth roughly $3.4 billion at the time.

The Silk Road marketplace, defunct for roughly 10 years, allowed users to buy and sell illicit goods such as weapons and stolen credit card information, drawing the attention of U.S. authorities. The creator of the platform, Ross Ulbricht, was arrested in 2013 and is currently serving two life sentences without the possibility of parole.

Cybercrime has become a growing problem in recent years, with the rise of digital currencies such as Bitcoin providing new opportunities for criminals to commit fraud and theft. Silk Road was one of the most high-profile cases of illegal activity using Bitcoin, and the U.S. government has made it clear that it will not tolerate such crimes.

The sentencing of James Zhong sends a strong message to cybercriminals that they will not be able to hide from the law forever. As technology continues to advance, law enforcement agencies are becoming increasingly sophisticated in their methods for tracking down and prosecuting those who commit cybercrime.

However, the case also highlights the challenges of dealing with digital currencies, which can be difficult to trace and recover once they have been stolen. The seizure of Zhong’s Bitcoin holdings is a rare example of a successful recovery of stolen cryptocurrency, and it remains to be seen whether similar cases will be as successful in the future.

In the meantime, the U.S. government is likely to continue to pursue cybercriminals who use digital currencies to commit fraud and theft. The case of James Zhong is a reminder that the law is catching up with those who seek to exploit new technologies for criminal purposes.



FTX Officials Say the Exchange Has Been Compromised by Hackers

The collapse of the FTX exchange has been received with shock amongst crypto users and industry experts. A recent news update has revealed that the FTX exchange was compromised by hackers.


An FTX Telegram admin gave the report on Telegram while warning customers not to open the FTX website because it has been hijacked by scammers. The admin initially stated that funds were removed from the website, but that statement has been retracted. The admin, however, hinted that some funds were retrieved.

Ryne Miller, General Counsel at FTX.US, has commented following the alleged hack on the FTX exchange.

He stated on Twitter that the examination of unusual wallet movement patterns associated with the consolidation of foreign exchange accounts across exchanges was inconclusive because the facts regarding the moves were not clear. He, however, promised to share more information if anything surfaces.

While there is not much information on the current situation of FTX, some users have commented that they can no longer log into FTX applications and websites. Others have also commented that their wallet balance is showing 0. 

The news is coming shortly after FTX promised to resume withdrawals on Ethereum (ETH) on Friday. “Matic – if you would like to withdraw Matic please cancel your withdrawal and request it as erc20 Matic”, as announced on the FTX Twitter page.

FTX Files for Bankruptcy

FTX has announced filing for bankruptcy protection in the United States following its financial situation. Around 130 additional associated businesses were listed in the bankruptcy petition, including FTX US and Alameda Research, the trading firm for the exchange. This was announced shortly after Sam Bankman-Fried resigned as the CEO of FTX.

The new CEO of FTX, John J. Ray III, stated on Twitter that filing for bankruptcy in the U.S. is necessary at the moment so that FTX can assess its current situation and proffer solutions on how stakeholders can recover their funds.

Ray also highlighted that FTX possesses important assets that can only be managed profitably through a planned, collaborative process.


DeFi Platform DFX Finance Says it Has Been Hacked for $7.5M

DFX Finance, a stablecoin trading platform that is backed by Polychain Capital and True Ventures, has confirmed that it has been hacked for $7.5 million.


The trading platform said the exploit started around 7:21 PM UTC on Thursday and that it was notified of the exploit about 20–30 minutes after the first transaction was initiated.

DFX Finance said it took a proactive stance to halt the operations of its smart contracts in order to contain the attack. By reason of its intervention, the hacked protocol said the attacker was unable to move all of the stolen funds as an MEV bot intercepted as much as $3.2 million of the funds.

The hacker however bolted with some funds which were sent to Tornado Cash, the crypto-mixing service that was sanctioned by the United States Treasury Department. The DFX Finance attacker was able to get his hands on the funds based on a vulnerability in its flash loan protocol.

As detailed by BlockSec researchers, the attacker borrowed funds from DFX Finance on the Ethereum blockchain and immediately deposited the funds back using an “insecure callback function.” This tricked the protocol into thinking the funds had been repaid when in fact they had not.

“When a user borrows money, the protocol should not allow any function calls that can change the balance of the DFX protocol,” BlockSec CEO Yajin Zhou told The Block.
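A toy Python model of the accounting flaw described above, added here as an illustration; it is not DFX Finance's contract code, and the Pool class, its method names and the amounts are assumptions. It compares a pool that accepts deposits while a flash loan is open with one that locks balance-changing calls for the duration of the loan, which is the rule Zhou states.

```python
class Reverted(Exception):
    """Raised when the transaction must be rolled back."""


class Pool:
    """Hypothetical lending pool; flash-loan fees are left out for brevity."""

    def __init__(self, guarded):
        self.guarded = guarded          # True = lock deposits during a loan
        self.locked = False
        self.reserves = 1000            # tokens the pool actually holds
        self.credits = {"lp": 1000}     # what the pool owes its depositors
        self.wallets = {"borrower": 0}  # balances held outside the pool

    def shortfall(self):
        """Credits that are not backed by reserves (0 for a healthy pool)."""
        return sum(self.credits.values()) - self.reserves

    def deposit(self, who, amount):
        """Move tokens into the pool and record a withdrawable credit."""
        if self.guarded and self.locked:
            raise Reverted("deposit not allowed while a flash loan is open")
        if self.wallets[who] < amount:
            raise Reverted("insufficient funds")
        self.wallets[who] -= amount
        self.reserves += amount
        self.credits[who] = self.credits.get(who, 0) + amount

    def repay(self, who, amount):
        """Return borrowed tokens without creating any credit."""
        if self.wallets[who] < amount:
            raise Reverted("insufficient funds")
        self.wallets[who] -= amount
        self.reserves += amount

    def flash_loan(self, who, amount, callback):
        """Lend, run the borrower's callback, then check the reserves."""
        snapshot = (self.reserves, dict(self.credits), dict(self.wallets))
        before = self.reserves
        self.locked = True
        try:
            self.reserves -= amount
            self.wallets[who] += amount
            callback(self, who, amount)
            # The only check: are the reserves back where they started?
            if self.reserves < before:
                raise Reverted("loan not repaid")
            return True
        except Reverted:
            # Mimic on-chain behaviour: a failed call undoes every change.
            self.reserves, self.credits, self.wallets = snapshot
            return False
        finally:
            self.locked = False


def repay_via_deposit(pool, who, amount):
    """The callback path from the article: 'repay' by depositing the loan."""
    pool.deposit(who, amount)


def repay_properly(pool, who, amount):
    """An honest borrower hands the tokens straight back."""
    pool.repay(who, amount)


def run(guarded, callback):
    """Return (loan_accepted, unbacked_credit) for one constructed scenario."""
    pool = Pool(guarded)
    accepted = pool.flash_loan("borrower", 500, callback)
    return accepted, pool.shortfall()


if __name__ == "__main__":
    print("unguarded, deposit as repayment:", run(False, repay_via_deposit))
    print("guarded,   deposit as repayment:", run(True, repay_via_deposit))
    print("guarded,   plain repayment:     ", run(True, repay_properly))
```

In the unguarded pool the reserve check passes while the borrower is left holding a credit the pool never received value for; with the lock in place the same call reverts and ordinary repayment still works.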

The attacker succeeded in carting away 2,963 ETH (worth about $3.8 million) and some $500,000. DFX Finance said its Polygon pool was not impacted; however, the protocol said that once it opened withdrawals, all users should take the opportunity to withdraw their funds.

Yet again, a DeFi protocol has been hacked, underscoring the call for caution amongst investors and proper security provisions across the board.


Deribit Hacker Turns to Tornado Cash to Launder Stolen Funds

The hacker who exploited the Deribit exchange’s hot wallet has started moving the stolen funds using the sanctioned cryptocurrency mixer Tornado Cash.


According to data from Etherscan, the attacker has sent a total of 1,610 ETH since the exploit, amounting to $2.54 million at the current Ethereum price of $1,577.84, according to data from CoinMarketCap.


Blockchain security outfit PeckShield was the first to spot the transfers being done as of Saturday with a total of $350,000 moved at the time. According to the Etherscan data, the balance on the hacker’s address is pegged at 7,501.37 ETH, with substantially more funds to launder.

Attempts to trace the funds have now been complicated by the involvement of Tornado Cash. The crypto mixing protocol receives funds, splits them into several units, and cryptographically sends them to unrelated addresses in a manner where the source of the funds can be obfuscated. 

The role Tornado Cash plays in the laundering of stolen funds such as this accounts for why the United States Treasury Department’s Office of Foreign Assets Control (OFAC) has banned the protocol. The regulator alleged that about $7 billion has been processed through the protocol thus far, with a significant sum linked to the cybercrime syndicate Lazarus Group from North Korea.

Despite the protests from the crypto industry, the ban on Tornado Cash has been upheld; however, it has not stopped the Deribit exploiter from taking advantage of the shield it provides.

Since Blockchain.News reported the exchange’s $28 million exploit earlier this month, the protocol has taken several initiatives beyond the halting of transactions. The exchange said it has routed its transactions to Fireblocks for its robust security services, advising its users to open new Bitcoin (BTC) and supported altcoin addresses on Fireblocks to continually access its products and services.


Deribit Exchange Says its Hot Wallet Was Hacked for $28M

Deribit Exchange has announced that it suffered an exploit on its hot wallet in the late hours of Tuesday, putting the trading platform amongst the list of crypto projects that have suffered a similar fate this year.


Taking to its official Twitter account to announce the sad event, the exchange said that although the quoted loss is true, its users will not be affected, as it will cover the loss from its deep reserve.

“Deribit hot wallet compromised, but client funds are safe and loss is covered by company reserves. Our hot wallet was hacked for USD 28m earlier this evening just before midnight UTC on 1 November 2022,” the exchange’s tweet reads.

Deribit said that besides the hot wallet, none of its other controlled wallets with Fireblocks or other cold storage were impacted. It noted that it has made it a matter of policy to safeguard 99% of its users’ funds in cold storage to reduce the potential impacts of these events.

Deribit is one of the biggest players in the derivatives world, currently ranked in the 8th position according to data from CoinMarketCap. The exchange said in a bid to perfect its security systems, it had to pause major activities on its platform including withdrawals on its “third-party custodians Copper Clearloop and Cobo until we are confident all is safe to re-open.”

The exchange detailed that it has increased the number of confirmations necessary for deposits and that already initiated deposits will be credited to users’ accounts after the required number of confirmations.

Exchanges have been a very fertile ground for hackers this year, who extend their disturbing activities beyond centralized trading platforms to their decentralized counterparts. From the hack of Crypto.com to that of Nomad Protocol, the trend has become a menace, calling for a security-focused solution to end this current onslaught across the board.


FTX Users Lose Millions due to API Exploit

On Saturday, several crypto traders suffered massive losses after hackers stole millions of dollars worth of digital assets from their FTX accounts by exploiting an API linked to their trading accounts.

An FTX user was shocked when he realized that his account using the 3Commas API traded the Governance (DMG) token more than 5,000 times, resulting in a loss of about $1.6 million worth of assets, including Bitcoin, Ether, and FTX tokens.

3Commas is a crypto trading platform that allows users to build automated trading bots on FTX and many other exchanges.

The report confirmed that this was not an isolated incident, as there were three other victims who suffered losses. The second victim of the FTX exploit disclosed that he lost $1.5 million to the incident, which occurred on October 21. While he said malicious players had traded DMG via his account on October 18th and 19th, he questioned why FTX had not put in place risk control measures to guard against illegal trading activities.

An investigation conducted by trading-bot platform 3Commas and crypto exchange FTX showed that API keys linked to 3Commas were used to carry out unauthorized trades for DMG trading pairs on FTX. Both FTX and 3Commas identified that hackers used new 3Commas accounts to perform the DMG trades, as “the API keys were not taken from 3Commas but from outside of the 3Commas platform.”

The investigation showed that fraudulent websites identifying themselves as 3Commas were used to phish API keys as users linked FTX accounts to fraudulent web interfaces. The API keys captured by the fake websites were then stored and later used to place the unauthorized trades on the DMG trading pairs on FTX. 3Commas further suspected that hackers used third-party browser extensions and malware to steal the API keys from users.

The duo identified suspicious accounts based on user activity and, as a result, suspended the API keys to avoid further losses. FTX users who linked their accounts with 3Commas, therefore, received a message concerning their API as being “invalid” or “requires updating” and now are expected to create new API keys.

3Commas and FTX are currently working with the victims to provide assistance and garner more information about the hacking incident.

Why Crypto Hacks Are Surging

2022 has been identified as the worst year in terms of crypto hacks, according to research firm Chainalysis. October is recognized as the worst-ever month for crypto-related crimes, with more than $718 million in overall losses. Funds were stolen from various DeFi protocols during 11 different attacks.

This year is expected to surpass 2021 as the most prolific year for hacking on record, with 125 hacks that have led to over $3 billion worth of funds stolen so far. A $325 million attack on cross-chain service Wormhole, a $625 million attack on Axie Infinity’s Ronin bridge, a $200 million attack on the Nomad bridge, a $100 million hack on Binance, and many more took place this year.

Poorly protected protocols and unaudited decentralized apps are easy pickings for hackers who take advantage of their highly vulnerable locks.


Scammers Put Gate.io users at Risk as Exchange’s Twitter Account Gets Hacked

Gate.io’s hacked Twitter account appears to be promoting a fake giveaway of 500,000 USDT, putting users at risk of losing funds.


A hacker of unknown origin has taken over crypto exchange Gate.io’s Twitter account, putting the exchange’s more than 1 million users at risk of having their wallets drained through the ongoing fraudulent 500,000 USDT giveaway.

The hacker replaced the website URL in the exchange’s Twitter account from the initial Gate.io to a fake one, gate.com (https://xn--gte-ipa.com/), impersonating the exchange.

The fake website was seen promoting a phony giveaway of 500,000 USDT, asking users to connect their wallets (such as MetaMask) to claim the rewards. Once a user gives in and connects their wallet to the scammer’s fake website, the hacker gains access to the existing funds in their wallet and eventually drains their assets.

PeckShield, a notable Blockchain investigator, also confirmed this hack and warned users about the fake website. 

Notably, Gate.io has now recovered its Twitter account, as it appears the original website is now back on the company’s page. 

Hacking major Twitter accounts in the industry to scam fans or users is not a new thing. Last year, Blockchain.News reported that Graham Ivan Clark, the teenage hacker who took over popular Twitter accounts in 2020 and used them to scam users out of Bitcoin, was found guilty in a Florida court.

Clark hacked into verified Twitter accounts belonging to prominent figures like US President Joe Biden, former President Barack Obama, Amazon founder Jeff Bezos, Tesla CEO Elon Musk, Uber, socialite Kim Kardashian, and other personalities. He was then able to tweet out messages asking for followers to send Bitcoin.

While hacks like this could continue to surface, the United States Federal Bureau of Investigation (FBI) has recently warned that individuals should verify the validity of any investment opportunity and be on the lookout for misspelled URLs as well as domain names impersonating financial institutions, especially cryptocurrency exchanges.
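The check the FBI recommends can be automated on the defender's side. The Python sketch below is an added example, not code from Gate.io, PeckShield or the FBI; the allow-list, the verdict names and the function names are assumptions. It decodes the `xn--` (punycode) host from the article and flags hosts that imitate a protected brand through accented letters or a one-character misspelling; it goes slightly beyond the Gate.io case by covering plain typos as well.

```python
import unicodedata
from urllib.parse import urlsplit

# Assumption: domains the defender wants to protect (constructed allow-list).
PROTECTED = ("gate.io", "binance.com")


def to_unicode(host):
    """Decode every xn-- (punycode) label so the real characters are visible."""
    labels = []
    for label in host.lower().rstrip(".").split("."):
        if label.startswith("xn--"):
            try:
                label = label[4:].encode("ascii").decode("punycode")
            except UnicodeError:
                pass  # malformed label: keep the raw form
        labels.append(label)
    return ".".join(labels)


def skeleton(text):
    """Fold accented letters to their base letter (a with ogonek -> a).

    This catches diacritic look-alikes only; letters borrowed from other
    scripts (for example Cyrillic) need a confusables table instead.
    """
    decomposed = unicodedata.normalize("NFKD", text)
    return "".join(c for c in decomposed if not unicodedata.combining(c))


def edit_distance(a, b):
    """Levenshtein distance, used to catch one-character misspellings."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            substitute = prev[j - 1] + (ca != cb)
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, substitute))
        prev = cur
    return prev[-1]


def classify(url_or_host):
    """Return (verdict, decoded_host, brand) for a link or bare host name."""
    target = url_or_host if "//" in url_or_host else "//" + url_or_host
    host = to_unicode(urlsplit(target).hostname or "")
    if host in PROTECTED:
        return ("exact", host, host)
    labels = host.split(".")
    name = labels[-2] if len(labels) >= 2 else labels[0]
    folded = skeleton(name)
    for brand in PROTECTED:
        brand_name = brand.split(".")[0]
        if folded == brand_name and name != brand_name:
            return ("homoglyph", host, brand)   # accented look-alike
        if folded == brand_name:
            return ("other-tld", host, brand)   # brand name, different TLD
        if edit_distance(folded, brand_name) == 1:
            return ("typo", host, brand)        # one-character misspelling
    return ("unrelated", host, None)


if __name__ == "__main__":
    # The first URL is quoted in the article; the rest are constructed samples.
    samples = ["https://xn--gte-ipa.com/", "gate.io", "gatee.io",
               "binnance.com", "example.org"]
    for sample in samples:
        print(sample, "->", classify(sample))
```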


Hacker Steals $1m from Multi-Chain Crypto Wallet BitKeep

BitKeep’s token swap service was attacked on Monday by an unknown hacker.


The multi-chain crypto wallet was robbed of $1 million in crypto tokens. The users who were robbed had approved their tokens on BitKeep’s swap service – called a swap router – on the BNB Chain and Polygon.

Reports said that the stolen funds were later scattered through Tornado Cash’s crypto mixer to avoid being traced.

The team tweeted, “BitKeep Swap was hacked, and our development team has managed to contain the emergency and stopped the hacker. The attack was directed to the BNB Chain, causing a loss of about $1 million.”

The hacker was able to seize users’ funds by exploiting a previously contained logic error that allowed them to make a malicious call.

The flaw was open to the hacker because BitKeep’s swap contract lacked input validation, which allowed the hacker to spoof input values. As a result, the hacker was able to make illegitimate swaps from addresses that had approved spending by BitKeep’s swap router.

Victims of the exploit shall be refunded, according to BitKeep.

“BitKeep will launch a compensation portal within 3 working days for all victims to apply for a refund,” Bitkeep said.

Other Recent Hacks

Although small in comparison to other hacks, the hack on BitKeep is another case of exploits that have hit the crypto sector this month.

According to Chainalysis, in October alone, more than $700 million has been lost across more than a dozen notable exploits.

The most recent high-profile hack hit Mango Markets, less than a week after the $80 million hack of Binance’s BNB blockchain.

A hacker stole $100 million from Mango Markets in early October.

The trading and lending platform hosted on the Solana blockchain was exploited after the price of Mango Market’s native MANGO token was manipulated via an oracle price manipulation attack.

According to Blockchain.News, Mango Markets confirmed via a tweet that the company had begun investigating the matter. “We are currently investigating an incident where a hacker was able to drain funds from Mango via an oracle price manipulation. We are taking steps to have third parties freeze funds in flight,” the tweet said.

The hacker’s wallet was funded from an FTX exchange account.

According to blockchain security firm Hacken’s tweets, the hacker first opened an enormous futures position, which resulted in a pump in the MANGO token price. That further spiked the hacker’s account collateral value and gave access to borrowing a large debt position across multiple coins on Mango Market’s borrowing and lending platform.

According to Hacken, the hacker was then able to borrow and steal roughly $114 million across various tokens since the price of tokens and their collateral was manipulated much higher.

It is not yet understood how, exactly, the hacker was able to inflate MNGO’s value in the eyes of the Mango protocol, according to Robert Chen from blockchain auditors OtterSec.

In the case of the Binance BNB blockchain hack, $80 million worth of Binance Coin (BNB) was stolen after an exploit occurred on a bridge between blockchains.

According to Chainalysis, the total revenue for crypto crime in the first half of this year stood at $1.6 billion, less than the figure recorded in the first half of 2021. The drop in crypto crime figures has coincided with a fall in crypto values. However, some forms of crypto-crime have risen in the last year; for example, the value of hacked crypto assets has increased from $1.2 billion to $1.9 billion.

While Bloomberg reported that about $2 billion had been lost in crypto hacks this year, many of those hacks were perpetrated by North Korea-linked groups, and cross-chain bridges used to transfer tokens across blockchains have been a popular target.
