Two Cybercriminals arrested in $243 million crypto Heist

As a seasoned cybersecurity researcher with over two decades of experience under my belt, I must say that this incident is nothing short of jaw-dropping. The audacity and sophistication of these cybercriminals are truly astounding, leaving me both impressed and appalled at the same time.

As a crypto investor, I was taken aback when cybercriminals pulled off an elaborate social engineering scheme that drained a staggering $243 million from a fellow investor’s account. The meticulously planned attack unfolded through a sequence of calculated steps, ending with the theft of cryptocurrency from the victim’s digital wallet.

The events unfolded on August 19, 2024, as a gang of cybercriminals – Greavys (Malone Iam), Wiz (Veer Chetal), and Box (Jeandiel Serrano) – launched an attack against a creditor of Genesis.

ZachXBT shared a thread on platform X giving an in-depth account of the hack. Through a chain of deceptive phone calls, the attackers persuaded the victim to reset their two-factor authentication (2FA) and to disclose their private keys, which gave them unauthorized access to the victim’s cryptocurrency holdings.

Incident Details

The perpetrators used highly coordinated tactics to deceive the victim:

  • The attackers gained access to the victim’s personal accounts by impersonating Google Support and calling from a fake phone number.
  • They then made a call about the victim’s Gemini account, claiming it had been hacked, which led to the 2FA being reset and funds being transferred to a compromised wallet.
  • By having the victim share their screen through the AnyDesk remote-access tool, the attackers were able to obtain the victim’s private keys from Bitcoin Core.

Key transactions included:

  • The first transaction, 59.34 BTC, occurred at 1:48 AM UTC (transaction hash “e747b963…”); a second transaction of 14.88 BTC followed at 2:30 AM UTC (hash “7c7ebed7…”).
  • The final transaction of 4,064 BTC occurred at 4:05 AM UTC (hash “4b277ba2…”).

Investigation and Findings

From my perspective as an analyst, I employed a range of techniques to unravel this case: specialized blockchain analysis tools, monitoring of social media activity, and Open Source Intelligence (OSINT). This work proved revealing, uncovering crucial details about the identities and geographical locations of those responsible for the attack.

Greavys, known as Malone Iam, flaunted his questionable fortune, living extravagantly on what was allegedly the illegitimately obtained $243 million windfall. He allegedly bought more than ten high-end vehicles and routinely spent between a quarter of a million and half a million dollars per night at clubs in Los Angeles and Miami, where he and his companions gifted Birkin handbags to women.

He publicly showed off his wealth on Discord, and his identity was confirmed through videos, chats, and posts on his Instagram account. Investigators traced his whereabouts using open-source intelligence (OSINT), including posts by his friends and acquaintances, and eventually placed him in Los Angeles and Miami.

It was also discovered that the illicit funds were being laundered through services such as eXch and Thorswap. This came to light when Wiz and Light/Dark (Aakaash) shared their screens during certain sessions, inadvertently exposing their true identities.

Arrests and Recoveries

Following the investigation, Box and Greavys were arrested yesterday, separately, in Miami and Los Angeles. Authorities may also have seized further assets at the time of the arrests, given the noticeable fund movements occurring at the same time.

Through collaboration with crypto-investigation teams such as zeroShadow and the Binance Security Squad, approximately $9 million of the stolen assets has been frozen. Moreover, more than half a million dollars has already been returned to the victim as a result of the extensive investigation.

2024-09-19 19:48