As an experienced cybersecurity analyst with years of digging into the underbelly of the digital world, I have seen my fair share of scammers, from petty fraudsters to large-scale masterminds. The case of Ronald Spektor, or Ronaldd as he was known online, is yet another example of how the crypto space remains a breeding ground for such nefarious activities.
After being accused by ZachXBT of helping with the theft of $6.5 million from a Coinbase user, a person identified as Ronald Spektor chose to remove or disable his social media accounts.
Based on reports from an internet investigator known as Ronaldd, it’s said that he was involved in a scheme using social engineering tactics around the month of October. A person claimed to have fallen victim when they were contacted under the guise of being a Coinbase customer service representative and subsequently lost their savings after clicking on a harmful link.
6/ Upon examining the TON address linked to Ronald’s Telegram number, you’ll notice it was funded from several cryptocurrency exchanges.
— ZachXBT (@zachxbt) November 20, 2024
Threat actors shuffled the ill-gotten gains to trading venue eXch on Bitcoin (BTC) and Ethereum (ETH). Following the attempt to cover track, Ronald allegedly flexed his Ledger Live wallet balance showing $3.1 on Discord days later and doxxed an address tied to the theft.
A now-deleted Telegram channel exposed one of Spektor’s on-chain wallets connected to several Coinbase withdrawals. ZachXBT said the data traced back to multiple potential impersonation scam victims.
It is probable that Spektor was just one of several fraudsters implicated in the phishing operations. The size of his wallet balance implies that others were also involved and received a portion, while information disclosed on November 20th indicates that he resides in New York based on leaked data.
Spektor quickly removed his Telegram profile approximately two hours following the publication of the blockchain researcher’s findings. Meanwhile, the affected individual also disabled their X site, but the reason for this action remained uncertain.
Update: Ronald just deleted his Telegram account.
— ZachXBT (@zachxbt) November 20, 2024
The increasing number of social engineering attacks serves as a constant reminder to industry players about the escalating security concerns, even with the progress and implementation of blockchain technology.
Recently, posing as Coinbase support has become a common tactic for scammers. In August, a single Genesis creditor reportedly lost $238 million in Bitcoin to individuals pretending to be exchange employees, as exposed by ZachXBT. Shortly following this revelation, Miami police apprehended suspects identified by ZachXBT and other crypto analysts.
Read More
- Ludus promo codes (April 2025)
- Cookie Run Kingdom: Shadow Milk Cookie Toppings and Beascuits guide
- ZEREBRO PREDICTION. ZEREBRO cryptocurrency
- Grimguard Tactics tier list – Ranking the main classes
- DEEP PREDICTION. DEEP cryptocurrency
- Seven Deadly Sins Idle tier list and a reroll guide
- Maiden Academy tier list
- The Entire Hazbin Hotel Season 2 Leaks Explained
- Shai Gilgeous-Alexander and Converse Introduce the SHAI 001
- Why ‘The Old Guard 2’ Release Date Keeps Being Postponed
2024-11-20 21:14