CyberSecurity

On Wednesday night, a mysterious message appeared on the Ethereum blockchain — a direct mockery aimed at one of the most prominent crypto investigators. The sender? A hacker linked to the recent massive data breach at Coinbase, which compromised the accounts of over 69,000 users and may cost the exchange hundreds of millions of dollars.
The taunt, simply reading "L bozo", was embedded in a transaction and meant to ridicule the investigator. The hacker even included a link to a viral meme video featuring NBA Hall of Famer James Worthy smoking a cigar, escalating the provocation.

💰 $44.9 Million Laundered Through THORChain
But the trolling wasn’t all. On Tuesday, the attacker began liquidating stolen assets, converting 17,800 ETH into DAI stablecoins — worth roughly $44.9 million — using THORChain, a decentralized cross-chain trading protocol.
📉 The swaps occurred at an average ETH price of $2,528.

💼 One major swap involved 9,080 ETH for $22.8 million in DAI.
Using THORChain allowed the hacker to bypass centralized exchanges, complicating tracking efforts and signaling a new level of sophistication in crypto laundering tactics.

🔓 What Happened at Coinbase?
Coinbase confirmed that the breach took place in December 2024, but it wasn’t disclosed publicly until May 2025. The hackers gained access to sensitive personal data of around 69,000 users.
Soon after, they allegedly demanded $20 million in Bitcoin as ransom, threatening to leak the stolen data on the dark web. Coinbase refused to pay and instead offered the same amount as a reward for information leading to the attackers.

📉 Financial Fallout: Coinbase in Crisis
The breach has severely damaged Coinbase’s reputation. On Wednesday, its stock (COIN) closed down 0.92% at $258.97, continuing a 36% monthly decline.
Security experts claim the exchange ignored prior warnings of suspicious activity as early as December, a failure that now haunts its image and user trust.

🛡️ Binance and Kraken Also Targeted
Coinbase wasn’t the only target. Binance and Kraken also faced recent social engineering attempts, where attackers posed as users and tried to bribe support agents.
Binance’s AI systems successfully flagged and blocked the suspicious messages. Kraken reported no customer data losses either, thanks to strong internal protocols.

🔚 A Glimpse Into the Future of Crypto Crime?
This case is more than a breach — it's a bold show of power by a cybercriminal who’s fluent in DeFi and unafraid to mock those chasing him. With advanced laundering tactics and an open taunt of blockchain sleuths, we may be witnessing the next evolution in crypto-based crime.
Coinbase may recover financially — but the reputational scars will be harder to erase.

#HackerAlert , #CryptoSecurity , #CryptoCrime , #CyberSecurity , #CryptoNewss

Stay one step ahead – follow our profile and stay informed about everything important in the world of cryptocurrencies!
Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“

In a major blow against digital crime, Microsoft joined forces with international partners to dismantle a vast cybercriminal network that used over 2,300 malicious websites to spread the notorious Lumma Stealer malware. These sites were responsible for stealing login credentials, credit card data, and access to cryptocurrency wallets.
The operation, led by Microsoft’s Digital Crimes Unit, was authorized by a federal court in Georgia to disable and seize critical components of Lumma’s infrastructure. Authorities also took control of Lumma’s command system and shut down its marketplace where the malware was being sold to other cybercriminals.
🔹 The international coalition included Cloudflare, BitSight, and Lumen, as well as Europol and Japanese law enforcement agencies, who worked together to shut down Lumma’s local server infrastructure.

Lumma: The Silent Data Thief
Lumma Stealer first emerged on underground forums in 2022 and quickly became a favorite tool among hackers for automated data theft. Between March and May 2025, Microsoft detected over 394,000 infected Windows machines. Criminals used it in phishing schemes—such as fake Booking.com pages—and attacks on gaming platforms, healthcare, logistics, and more.
The malware spreads through malicious emails, browser extensions, and infected files, and once installed, immediately starts collecting and transmitting sensitive data.

Crypto Crime in Numbers: Millions Vanished
🔹 In March, Lumma was used to target educational systems and online gaming communities.

🔹 Chinese printer company Procolored was recently accused of distributing crypto-stealing malware through its official drivers—leading to $953,000 in stolen assets.
Crypto attacks are also becoming commercialized, with ready-to-use tools available via SaaS models for as little as $100, opening the doors to amateur hackers.
According to the FBI, Americans lost over $9 billion to crypto scams in 2024 alone, with seniors over 60 being the most vulnerable. Chainalysis reported global losses of $51 billion, citing the rise of professional criminal rings, cartels, state-sponsored hacking, and AI-powered fraud.

Microsoft Issues a Warning: The Threat Grows
Microsoft warns that crypto theft and data breaches are accelerating, with hackers using increasingly sophisticated tactics—including artificial intelligence and decentralized swapping protocols like THORChain.
But the operation also proves that collaboration between tech firms and global authorities can deliver real results. By dismantling Lumma, Microsoft sends a clear message to the cyber underworld: justice in the digital world is real—and it's swift.

#CyberSecurity , #Malwareattack , #cybercrime , #CryptoSecurity , #CryptoNewss

Stay one step ahead – follow our profile and stay informed about everything important in the world of cryptocurrencies!
Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“

Coinbase data breach impacted 69,461 users’ personal information. Insiders bribed to leak names, addresses, and bank details. No funds or passwords stolen; Prime accounts unaffected. Coinbase offers $20M reward to catch attackers.Enhanced security and user reimbursements promised.
#Coinbase #DataTheftAlert #cybersecurity #insider threat
On December 26, 2024, Coinbase, a leading cryptocurrency exchange, suffered a significant data breach. Cybercriminals bribed rogue overseas support agents to access sensitive customer information. The breach, detailed in a Maine Attorney General filing, impacted 69,461 users, exposing names, addresses, and phone numbers.
The incident remained undetected until May 11, 2025. Coinbase confirmed that less than 1% of its monthly transacting users were affected. No passwords, private keys, or funds were compromised. Prime accounts remained secure.
How the Breach Occurred
Cybercriminals targeted Coinbase’s outsourced support team. They recruited agents through bribes, gaining unauthorized access to customer data. The stolen information was used to facilitate social engineering attacks. Attackers demanded $20 million in Bitcoin to withhold the data.
Coinbase refused the ransom. Instead, the company offered a $20 million reward for information leading to the attackers’ arrest and conviction. The breached data included sensitive details like government-issued IDs and bank information for some users.
The company identified and terminated the rogue employees. Legal consequences for those involved remain uncertain due to their overseas locations. Coinbase is working with authorities to investigate further.
Coinbase’s Response and User Impact
Coinbase acted swiftly upon discovering the breach. The company notified affected users and promised full reimbursement for any losses. Enhanced security measures are being implemented to prevent future incidents.
The Maine Attorney General’s filing highlighted the scale of the breach. It emphasized the risks of outsourcing sensitive operations. Coinbase assured users that no financial assets were stolen. The company is providing credit monitoring services to affected customers.
The breach raises concerns about data security in the cryptocurrency industry. Users are urged to remain vigilant against phishing attempts and social engineering scams. Coinbase has pledged to strengthen its internal controls.

Coinbase, the largest cryptocurrency exchange in the United States, has confirmed a major data breach from December 2024 that exposed sensitive personal information of 69,461 users. Hackers demanded a $20 million ransom to prevent the leaked data from being published on the dark web.
The scale of the attack was disclosed in a filing with the Maine Attorney General. Although Coinbase stated that less than 1% of its global user base was impacted, the breach has triggered multiple federal investigations and potential lawsuits regarding the company’s handling of the incident.

💼 Hackers Bribed Foreign Support Agents to Gain Access
According to Coinbase and sources familiar with the matter, the breach was made possible through social engineering, not through technical vulnerabilities. Attackers targeted customer support agents working overseas — specifically in India — and bribed them with cash in exchange for access to internal systems.
This gave hackers access to personal information, including names, addresses, dates of birth, nationalities, government-issued IDs, banking details, account balances, and KYC-related data. While passwords, private keys, and crypto funds were not compromised, cybersecurity experts warn that such information can still be used for identity theft, impersonation, and fraud.

🕵️‍♂️ Ransom Demands and Delayed Disclosure
Coinbase revealed it received an anonymous ransom email on May 11, several months after the breach took place on December 26. The attackers threatened to leak the stolen information online unless the company paid a $20 million ransom — a demand that Coinbase ultimately refused.
The company stated that it had already identified and dismissed the employees involved in the incident and is fully cooperating with U.S. authorities, including the Department of Justice, which has launched a criminal investigation.

📢 Public Backlash Over Coinbase’s Silence
The company’s delayed disclosure has sparked widespread criticism. Tech investor and TechCrunch founder Michael Arrington condemned Coinbase’s timing, arguing that real people could already be suffering consequences from the breach.
“This has likely already caused harm,” Arrington wrote on X. “The damage can’t just be measured in dollars — it’s measured in human suffering.”

He also criticized existing KYC (Know Your Customer) rules, claiming they provide a false sense of security while exposing users to unnecessary risk. Arrington called for stronger data protection laws and corporate accountability.
“Governments and corporations need to act. The cost of inaction is human suffering,” he added.

💸 Potential Losses Could Top $400 Million
Coinbase estimates the fallout from the breach could cost between $180 million and $400 million, including customer reimbursements, legal expenses, and increased security measures.
Mike Dudas, managing partner at Web3 venture firm 6MV, believes he may be among those affected. He called the breach “a staggering leak of personal data,” warning that the consequences may extend beyond identity theft and include intimidation or blackmail of high-profile figures in the crypto industry.

💬 As crypto companies scale globally, are they doing enough to protect sensitive user data from insider threats?

#CyberSecurity , #CryptoNewss , #Cryptoscam , #CryptoFraud , #coinbase

Stay one step ahead – follow our profile and stay informed about everything important in the world of cryptocurrencies!
Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“

The U.S. Department of Justice (DOJ) has launched a criminal investigation into a major data breach at crypto exchange Coinbase, which occurred last week. According to early findings, the attack involved bribed insiders in India, who helped steal sensitive customer data and delivered a $20 million ransom demand.

High-Profile Data Compromised — Even Sequoia’s Roelof Botha Targeted
Among the affected individuals was Roelof Botha, managing partner at Sequoia Capital and a well-known member of the “PayPal mafia,” alongside Elon Musk and Peter Thiel. Hackers reportedly accessed personal information tied to his Coinbase account, including his phone number, residential address, and other confidential data.
Bloomberg reports that attackers relied on social engineering tactics, deceiving people rather than hacking computer code. Support staff based outside the U.S. downloaded data from Coinbase's internal systems. These individuals have since been terminated.

Coinbase: Damages Could Reach $400 Million
Coinbase said it received the ransom demand via email on May 11. The company estimates that the fallout from the breach could cost as much as $400 million, including system recovery and new security measures.
Coinbase’s Chief Legal Officer Paul Grewal stated that the firm has notified the DOJ and other U.S. and international authorities:
“We are fully cooperating and welcome efforts to bring the perpetrators to justice.”

Coinbase Faces Crisis on the Brink of Major Milestone
Ironically, the breach occurred just days before Coinbase is set to be added to the S&P 500 index, a historic milestone for the crypto industry. Despite the breach, analyst optimism and the inclusion announcement sent Coinbase shares up by 20%.
The incident underscores how the rising profile of crypto exchanges attracts increasing attention from cybercriminals, even as Wall Street embraces digital asset firms. Officials say the investigation is still ongoing and could take several more months.

#coinbase , #CryptoSecurity , #CyberSecurity , #CryptoNewss , #CryptoScamAlert

Stay one step ahead – follow our profile and stay informed about everything important in the world of cryptocurrencies!
Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“

Something big just happened in the U.S. – a potential game changer in the fight against AI abuse and online exploitation. President Donald Trump has signed a new federal law that makes it a crime to share intimate images without consent – including deepfake po*rnography. Even more importantly, tech platforms are now required to remove such content within 48 hours of being reported.
The Take It Down Act is now officially in effect and provides long-awaited legal protection for victims whose images (real or AI-generated) were posted online with the intent to harm, harass, or exploit.

🔹 A Law Championed by Melania Trump
The signing was a powerful moment – President Trump was joined by First Lady Melania Trump, who had been actively promoting this legislation as part of her campaign to protect children in the digital age.
“This legislation is a big step forward in protecting every American – especially our youth – from abuse of their image or identity,” Melania said.
In an emotional speech, she compared AI and social media to digital candy – tempting, addictive, but potentially dangerous. She stressed that it’s time to set clear boundaries.

🔹 What Exactly Does the Law Prohibit?
The Take It Down Act classifies it as a federal crime to post or even threaten to post intimate images (including deepfakes) without the person’s consent, especially if the goal is to cause harm, harass, or sexually exploit.
📌 For adults, this includes both real and altered images obtained in private or without their knowledge.

📌 For minors, it covers any image published to abuse, harass, or sexually arouse the offender – whether real or AI-generated.

🔹 Tech Platforms Now Have a Legal Obligation
The law doesn't just target offenders – it also places new responsibilities on tech companies. Websites, apps, and platforms that host user-generated content (such as social media) must now have a working takedown system in place and remove harmful content within 48 hours of it being reported. They must also prevent reuploads of the same content.

🔹 Strong Bipartisan Support in Congress
The bill passed through Congress with near-unanimous support – the House of Representatives approved it 409–2. Both Democrats and Republicans backed the initiative.
Melania Trump personally lobbied lawmakers, hosted roundtable discussions with victims, and even invited one of them – Elliston Berry – as her guest at the President’s State of the Union address in March.

✳️ Why This Matters
In an age where AI tools are becoming widely accessible, the abuse of deepfake technology and revenge po*rn is a growing threat. Celebrities like Taylor Swift and Jamie Lee Curtis have already fallen victim – as have countless ordinary people, including minors.
The Take It Down Act stands as one of the first major federal responses to these threats, sending a strong message: the digital world also needs clear rules and protections.

#TRUMP , #Melania , #CyberSecurity , #CryptoNewss , #USPolitics

Stay one step ahead – follow our profile and stay informed about everything important in the world of cryptocurrencies!
Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“

Ethereum aimed to make user experience smoother with its latest update… but instead, it opened the door to scammers. 🔓
The newly released EIP-7702, launched on May 7 as part of the Pectra upgrade, was designed to give regular users a smarter way to interact with Ethereum. But now it’s becoming clear: fraudsters have already figured out how to exploit it – and they’re wasting no time.

🧠 What Is EIP-7702, and Why Does It Matter?
EIP-7702 allows regular Ethereum wallets (externally owned accounts, or EOAs) to temporarily act like smart contract wallets by delegating control through a signed message.
Sounds great, right? In theory, yes – it makes transactions more flexible and user-friendly. But in practice, it has opened up a brand-new attack vector for phishing scams.

🚨 The Threat: Fake Delegators Stealing Your ETH
According to cybersecurity firm GoPlus Security, attackers are already posing as trusted “delegators.” Once a user grants them permission, any ETH sent to the user’s wallet is instantly redirected to the scammer.

One example is address 0x930f...fd0b – once authorized, it forwards all funds to another scam address like 0x000085bad (yes, even the name screams “don’t trust me”).
These scams are exploiting users’ trust in the Ethereum upgrade. And unless you're careful, you could fall into the same trap.

🛡️ How to Stay Safe
GoPlus and other experts strongly recommend:
🔹 Never trust email links or unknown URLs that ask you to upgrade to EIP-7702

🔹 Only use official wallet interfaces (like MetaMask) to interact with 7702 features

🔹 Double-check delegation addresses

🔹 And most importantly – never sign messages you don’t understand

🔐 Hardware Wallets? No Longer Invincible
It used to be that hardware wallets were the gold standard in security. But that’s no longer guaranteed. According to Yehor Rudytsia from Hacken, even hardware wallets can sign malicious messages, just like hot wallets.
And EIP-7702 has another vulnerability: it allows signatures with chain_id = 0, meaning your signed message can be replayed across any EVM-compatible chain. That’s a huge red flag.

🔑 Multisig Wallets Still Hold Strong
While single-signature wallets (even hardware-based) are now at risk, multisig wallets remain more secure. They require approval from multiple signers – making unauthorized transactions much harder.

✅ The Bottom Line: EIP-7702 Has Promise – But Watch Your Step
There’s no doubt that EIP-7702 could revolutionize Ethereum user experience. But right now, it’s like giving someone a sports car… without brakes.
👉 If someone tells you to “upgrade” via a link or email – it’s 100% a scam.

👉 Stay alert. Think before you sign.
In crypto, one wrong click can cost you everything. 🧠💸

#Ethereum , #Cryptoscam , #CryptoSecurity , #phishing , #CyberSecurity

Stay one step ahead – follow our profile and stay informed about everything important in the world of cryptocurrencies!
Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“

The Australian Federal Police (AFP) has confiscated over $4.5 million worth of assets from a Queensland man suspected of involvement in the 2013 theft of 950 Bitcoin from a French cryptocurrency exchange. The operation marks a major milestone in an ongoing investigation into cybercrime and illicit crypto proceeds.

Waterfront Property, Luxury Car, and Nearly 25 BTC Seized
According to the Criminal Assets Confiscation Taskforce (CACT) led by the AFP, the seized assets include:
🔹 a waterfront property in Beachmere, Queensland

🔹 a black 2019 Mercedes-Benz sedan

🔹 24.99 BTC
The assets were forfeited to the Commonwealth under civil asset forfeiture laws, which allow for seizure without a criminal conviction.

Suspicious BTC Transactions Sparked the Investigation
Codenamed Operation Gouldian, the case began in September 2018 after Luxembourg authorities tipped off AUSTRAC, Australia's financial intelligence agency, about suspicious Bitcoin movements.
Further investigations revealed the suspect was living lavishly without legitimate income. He had previously been convicted of hacking a U.S. gaming company. No criminal charges have been filed specifically in relation to the 2013 crypto theft—yet authorities proceeded under proceeds of crime legislation.

AFP: Crime Profits Fuel More Crime
“Criminals are driven by greed at the expense of honest Australians and businesses,” said AFP Commander Jason Kennedy.

“Illicit profits often fund further criminal activity, which is why we work closely with our CACT partners to strip offenders of those proceeds and redirect them to benefit the community.”

Confiscated Funds to Be Reinvested
The seized assets are being handled by the Australian Financial Security Authority, and proceeds will be transferred to the Commonwealth Confiscated Assets Account. From there, the Attorney-General can allocate them to:
🔹 crime prevention programs

🔹 law enforcement efforts

🔹 initiatives combating drug trafficking and related social harm

Another Case of Crypto Crime Funding Luxury
This case joins a growing list of incidents where crypto theft profits were used to fund lavish lifestyles. Just last week, the U.S. Department of Justice charged 12 individuals in a $263 million crypto fraud scheme, revealing that illegal gains had been spent on luxury vehicles, jewelry, and designer goods.

#CryptoCrime , #bitcoin , #CyberSecurity , #CryptoFraud , #DigitalAssets

Stay one step ahead – follow our profile and stay informed about everything important in the world of cryptocurrencies!
Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“

Despite a global slowdown in cryptocurrency transactions on darknet markets, Russia’s crypto underground is thriving. According to the latest findings from blockchain analytics firm Chainalysis, cryptocurrency activity on Russian darknet platforms surged by 68%, even as global darknet sales dropped by 15% year-over-year.

Kraken Surges While Others Collapse
The report highlights that Kraken, now the largest darknet marketplace focused on Russia, has quickly risen to dominance after the takedown of the infamous Hydra marketplace in April 2022.
🔹 In 2024, Kraken handled $737 million worth of cryptocurrency, marking an increase of nearly 68% year-over-year.

🔹 In contrast, rival platform Mega — once a primary drug supplier to other darknet markets — saw its inflow fall by more than 50%.

Global Darknet Crypto Activity Declines
Globally, darknet crypto activity fell by 15% in 2024, largely due to ongoing efforts by international law enforcement and the increasing transparency of blockchain transactions.
📉 These pressures have forced many darknet operators to reconsider the tools they use — particularly a shift away from Bitcoin, which is known for its traceability.

Monero Takes the Lead on the Darknet
According to Chainalysis, many darknet platforms have now switched to using Monero (XMR) exclusively.
🔐 Monero is a privacy-focused cryptocurrency designed for maximum anonymity, making it significantly more difficult to trace transactions or identify participants. This privacy feature has made it the preferred currency for those aiming to stay off the radar of global authorities.

Summary
While global darknet markets are shrinking, Russia's scene is expanding rapidly. Kraken has taken the lead, and Bitcoin is losing ground to more private coins like Monero.
The Chainalysis report serves as a reminder that, although blockchain activity is transparent, privacy is still achievable — especially when the right technologies are used. That continues to present a major challenge for international regulators and law enforcement agencies.

#CryptoCrime , #darknet , #CyberSecurity , #Monero , #CryptoSecurity

Stay one step ahead – follow our profile and stay informed about everything important in the world of cryptocurrencies!
Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“

Coinbase, the largest cryptocurrency exchange in the U.S., has suffered a serious data breach. But this time, the attackers didn’t go after regular users — they specifically targeted high-profile executives and investors, including Roelof Botha of the well-known venture capital firm Sequoia Capital. Hackers demanded a $20 million ransom, which Coinbase firmly refused to pay.

🔍 Inside Job: Attackers Bribed Customer Support Agents
According to Bloomberg, the breach was made possible through bribery — foreign-based customer service agents were reportedly paid off to grant unauthorized access to sensitive customer data.
The stolen information included names, birthdates, phone numbers, home addresses, ID numbers, account balances, and creation dates — all linked to high-value users. Among them was Roelof Botha, a prominent investor behind early successes like YouTube, Instagram, and PayPal, and a key member of the so-called “PayPal Mafia”, which also includes Elon Musk and Peter Thiel.
In response, Coinbase rejected the ransom and instead offered a $20 million reward for information leading to the hackers' arrest, according to CEO Brian Armstrong.

📉 Breach Comes at a Pivotal Moment — Just Before Coinbase Joins S&P 500
The timing couldn't be worse. The attack occurred just days before Coinbase’s planned inclusion in the prestigious S&P 500 index — a huge milestone for the company and the broader crypto sector.
Analysts estimate that damages from the breach could reach $400 million. Coinbase has declined to comment, and neither Botha nor Sequoia Capital has issued a statement so far.

🚨 France Steps Up Protection for Crypto Executives
As threats escalate, some countries are taking action. France has introduced special security protocols for crypto executives, including home inspections and briefings for family members, in response to a rise in kidnapping attempts and physical threats.
This follows a failed kidnapping attempt targeting the daughter and grandson of the CEO of Paymium, a Paris-based crypto exchange. In another case, the father of a crypto millionaire was abducted, but was released two days later.

🌐 Crypto Sector Under Siege
According to Chainalysis, crypto-related hacks in 2024 have already caused over $2.2 billion in losses. One of the largest breaches occurred on Bybit, where alleged North Korean hackers compromised systems, leading to a $1.5 billion loss — the largest crypto security incident to date.

🛡️ Conclusion: Crypto Is Under Fire — Not Just From Hackers, But Real-World Threats
The Coinbase incident underscores a troubling reality: as crypto grows in visibility and value, it is becoming a prime target not only for digital attacks but for real-world crime. The refusal to pay the ransom is bold — but it also shows that cybercrime in crypto has entered a new, more dangerous phase.

#coinbase , #HackerAlert , #CryptoNewss , #CyberSecurity , #Cryptoscam

Stay one step ahead – follow our profile and stay informed about everything important in the world of cryptocurrencies!
Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“

The U.S. Department of Justice has expanded its indictment in one of the largest crypto crime cases to date. Twelve new individuals have been charged in connection with a cybercrime gang that allegedly stole 4,100 Bitcoins — worth around $263 million — primarily from a single victim.

From Online Gaming Friends to a Coordinated Cybercrime Ring
According to investigators, the group began operating in October 2023, starting as a group of friends who bonded over online games. But their hobby turned dark as they evolved into an organized extortion network. Most of the accused — aged between 18 and 22 — hail from California and used online aliases such as “Goth Ferrari” and “The Accountant.”
Several suspects have already been arrested, while two others are believed to be hiding in Dubai.

Hacks, Break-ins, and Stolen Hardware Wallets
The DOJ describes a wide range of criminal tactics:
🔹 Hacking databases and stealing credentials

🔹 Impersonating customer support agents

🔹 Calling victims to carry out social engineering attacks

🔹 Breaking into homes to steal hardware wallets
One of the most striking incidents occurred on August 18, 2024, when lead defendant Malone Lam allegedly tricked a victim into handing over more than 4,100 Bitcoins.
In another case, Lam reportedly hacked into a victim’s iCloud account to track their location, while accomplice Marlon Ferro broke into the victim’s home to steal physical wallets.

Sophisticated Laundering with Peel Chains and Mixers
To cover their tracks, the group used advanced money laundering methods:
🔹 VPNs and crypto mixing services

🔹 “Peel chains” — where stolen crypto is moved through dozens or hundreds of wallets, peeling off small amounts at each step
The defendants are now facing charges under the RICO Act, as well as wire fraud and money laundering charges.

Flashy Lifestyles: From Crypto to Clubs, Cars, and Private Jets
The group didn’t hold back when spending the stolen funds. According to the DOJ:
🔹 They ran up nightclub tabs as high as $500,000 in a single night

🔹 Bought 28 luxury cars worth $3.8 million

🔹 Splurged on designer handbags, watches, and high-end fashion

🔹 Rented luxury villas and private jets using fake identities
The gang operated like a well-oiled machine — knowing how to launder money, hide digital footprints, and live like celebrities while doing it.

#CryptoCrime , #CryptoNewss , #BlockchainSecurity , #CyberSecurity , #DigitalAssets

Stay one step ahead – follow our profile and stay informed about everything important in the world of cryptocurrencies!
Notice:
,,The information and views presented in this article are intended solely for educational purposes and should not be taken as investment advice in any situation. The content of these pages should not be regarded as financial, investment, or any other form of advice. We caution that investing in cryptocurrencies can be risky and may lead to financial losses.“