Ronald Spektor, hailing from Sheepshead Bay, was formally charged with first-degree grand larceny and money laundering. The illicit operation reportedly ran from April 2023 to December 2024. Prosecutors allege that Spektor contacted victims while impersonating a Coinbase representative, warning them of potential hacking threats to their accounts.

How the Coinbase Phishing Scheme Unfolded

Spektor allegedly convinced victims to transfer their crypto assets to wallets he controlled under the guise of protecting their funds. These assets were then laundered through various crypto mixers, exchange services, and even gambling platforms. Operating under the moniker “Ronaldd,” Spektor also managed a Telegram channel called “Blockchain enemies,” where he reportedly boasted about his exploits and acknowledged losing $6 million through gambling.

The victims of this elaborate scheme included individuals from California and Virginia, who lost over $1 million and $900,000, respectively. In the course of the investigation, authorities have so far recovered around $105,000 in cash and $400,000 in cryptocurrency. They have interviewed more than 70 victims, ultimately identifying approximately 100 affected individuals.

Role of Coinbase and Investigators

Coinbase played a pivotal role in the investigation, collaborating with the Brooklyn District Attorney’s Virtual Currency Unit to identify the suspect and trace the stolen funds. The company’s CEO, Brian Armstrong, publicly commended the indictment, assuring that those who target Coinbase users will face justice.

Prominent blockchain investigator ZachXBT also contributed significantly to unmasking the suspect. After a victim who lost $6 million sought his help, ZachXBT published an investigation in November 2024 that was instrumental in identifying Spektor. Coinbase’s official X account expressed gratitude for his efforts.

This case comes after a tough year for Coinbase security. Earlier in the year, ZachXBT reported that users suffered losses exceeding $65 million due to social engineering scams over just two months. Additionally, a data breach in May affected nearly 70,000 users, with damages estimated between $180 million and $400 million.

Spektor’s attorney has stated that his client pleads not guilty, labeling the accusations as “speculative.” However, reports reveal that Spektor was allegedly planning to flee the country before his arrest, with his father now considered an “active suspect.”

This incident serves as a stark reminder of the persistent threats in the crypto space, emphasizing the importance of robust security practices and awareness to safeguard digital assets.

The post Coinbase Phishing Alert: 31 Charges in $16M Crypto Theft Scandal appeared first on Crypto Market Insights: Dive In with CryptoUpdate.io.

Changpeng “CZ” Zhao, the founder of Binance, confirmed the breach, urging his followers to be cautious. “The hacker posted a bunch of links to phishing websites that ask for Wallet Connect. Do NOT connect your wallet,” CZ warned.

Phishing Links: A Growing Threat

The phishing links shared by the attackers were cleverly disguised as Wallet Connect prompts. SlowMist’s Chief Information Security Officer, known online as 23pds, highlighted that attackers used a common trick of swapping letters in the phishing domain to make it appear legitimate. “BNB Chain’s English official X account has been hacked! The phishing website changed the letter i into l,” 23pds cautioned, advising users to remain vigilant.

Understanding the Inferno Drainer

The malicious domain is reportedly linked to the notorious Inferno phishing group. The Inferno Drainer is a software and phishing-as-a-service platform that surfaced around 2022 and gained significant notoriety in 2023. This platform allows affiliates to deploy pre-made phishing sites that convincingly mimic authentic crypto project interfaces.

Such incidents highlight the ongoing challenges of safeguarding official crypto project accounts from unauthorized takeovers. The CISO from SlowMist pointed out that this breach raises questions about the BNB Chain team’s security practices. “The BNB Chain team’s security awareness shouldn’t be this poor,” 23pds commented.

BNB Chain Hack: CZ’s Important Warnings

CZ took to X to advise the community on best practices for avoiding these traps. “Always check the domains very carefully, even from official X handles. Stay SAFU!” he wrote. At the time of writing, the phishing posts were no longer visible, yet it remains uncertain whether any users were affected or suffered financial losses.

BNB Chain’s security team is actively working with X to suspend the compromised account and restore access. Takedown requests for the phishing sites have already been issued.

This incident serves as a stark reminder of the vigilance required in the rapidly evolving crypto landscape. As users navigate this digital realm, understanding and recognizing the signs of a phishing attempt can safeguard their assets.

The post BNB Chain Hack: 5 Powerful Warnings to Avoid Phishing Links appeared first on Crypto Market Insights: Dive In with CryptoUpdate.io.

The Swiss Financial Market Supervisory Authority (FINMA) identified the Yuh platform, inclusive of crypto trading, as a primary target for fraudulent schemes conducted by scammers. Marc Buerki, Swissquote’s CEO, acknowledged the surge in fraudulent activities to AI technologies, which simplify the initiation of malicious campaigns. He also assured that their internal systems remained unaffected by the counterfeit websites.

Despite attempts to reach out, Cointelegraph had not received a response from the company at the time of publishing. Fraudulent activities continue to plague the crypto sector, leading to billions of dollars in annual collective losses for users and deterring potential market entrants from acquiring digital assets.

So far in 2025, onchain incidents have resulted in losses approximating $2.1 billion. A significant portion of these losses can be attributed to wallet compromises and phishing attacks. With an increase in data leaks, it is crucial for users to stay alert,” stated cybersecurity firm CertiK in May.

Phishing attacks, social engineering strategies, deceptive websites, online impersonation, and address poisoning scams consistently rank among the most prevalent tactics used by threat actors to trick users and misappropriate funds. In April, a senior citizen was targeted in a $330 million heist through a social engineering scam, as per onchain investigator ZachXBT. This theft was categorized as the fifth-largest crypto loss in history.

Even experienced industry experts are falling victim to intricate social engineering scams. In June, crypto venture capitalist Mehdi Farooq, an investment associate at Hypersphere, revealed that a phishing attack had depleted the majority of his life savings.

The post Swissquote Pressured by Regulators to Combat Crypto Fraud and Impersonation Efforts appeared first on Crypto Market Insights: Dive In with CryptoUpdate.io.

CertiK has detected a significant exploit on Binance Smart Chain (BSC), where a perpetrator siphoned nearly $2 million by misusing a smart contract function known as printMoney(). Exploiter Manipulates Authorized Contract to Loot Funds Twitter Link A recognized attacker carried out the exploit from address 0xd5c6f3…122c. This person repeatedly activated the printMoney() function on their authorized attack contract. The unauthorized intrusion originated from a compromised victim contract associated with address 0xb5cb0, which had unknowingly authorized the malicious contract approximately eight hours before the attack.

CertiK suspects the victim contract deployer’s private key was either phished or compromised in some other way, leading to the unauthorized approval transaction. This allowed the attacker to fully transfer the victim’s tokens. Hacker Transforms Funds and Possesses Nearly $2M Twitter Link Once the attacker had access, they quickly transformed the stolen derivative tokens into BNB and stablecoins. Currently, the exploiter holds about $1.96 million worth of assets at their address.

The crypto community is urged to remain vigilant as several major crypto hacks have been reported this year. Coinbase lost $400 million, Cetus on the Sui network was hit for $220 million, and other platforms like Phemex and UPCX have also suffered significant losses. These incidents demonstrate the high risk involved in the crypto space if not properly managed. According to CertiK, trusting unverified smart contracts or having weak security for private keys are among the biggest blunders. In a recent BSC hack, these were the exact issues that led to the theft of millions.

CertiK is actively monitoring the hacker’s wallet and is on the lookout for suspicious activity. They’ve also reminded users and developers to consistently verify contract approvals, use thoroughly audited code, and avoid rushing transactions. CertiK’s advice is straightforward – be cautious, stay vigilant, and don’t rush decisions.

The post Binance Smart Chain Faces $2M Crypto Exploit: CertiK Monitors Attack appeared first on Crypto Market Insights: Dive In with CryptoUpdate.io.

The group has set its sights on various exchanges, including Phemex and Bybit, and they even attempted to deceive a BitMEX staff member by proposing a bogus project as a disguise for a phishing attempt to implant harmful software on the staff member’s device. However, BitMEX is now retaliating by delving into the malevolent code deployed by the hacker group.

BitMEX has unearthed serious loopholes that exchanges can leverage to safeguard their assets. This includes revealing the group’s tracking databases and originating IP addresses, which allows BitMEX to monitor its functioning hours and single out key players crucial to the group’s operations.

The BitMEX team has distinguished different levels for the hackers, ranging from novice hackers performing phishing tasks to experts assigned to conduct post-exploitation procedures. The BitMEX blog post proposes various real-time security breach detection measures, including an internal monitoring system for identifying infections.

BitMEX’s sudden interest in cybersecurity stems from a Lazarus Group member reaching out to a BitMEX employee on LinkedIn with a proposition to participate in a counterfeit NFT project. This audacious phishing attempt prompted BitMEX to probe deeper into the matter, which resulted in a chance to analyze live Lazarus code.

BitMEX researchers uncovered a Lazarus Supabase, which contained data related to the malware, such as username, hostname, operating system, geolocation, timestamp, and IP address. With this data, BitMEX identified various devices as either a developer or test machine based on their operational frequency.

While most of the developers utilized VPNs to conceal their location, one developer made an error revealing the actual IP address of the machine, which is located in Jiaxing, China. BitMEX considers this a significant lapse that could potentially unveil the hacker’s identity.

BitMEX has now developed a script to automatically analyze the Supabase and search for operational errors. After all, even hackers are prone to mistakes, which can prove to be their downfall. BitMEX’s astute analysis of Lazarus Group’s operations will continue to enhance their cybersecurity measures and protect their platform.

The post Unveiling Lazarus Group’s Secrets: BitMEX Developers Dive Deep into Hackers’ Database appeared first on Crypto Market Insights: Dive In with CryptoUpdate.io.

Philip Martin, the Chief Security Officer of Coinbase, reported that the company had identified customer support contractors who inadvertently provided scammers with access to user data. He hinted that these individuals might be Indian nationals. This revelation followed a series of phishing attempts using Coinbase user data, which the exchange estimates could potentially result in a loss of $180 to $400 million in terms of remediation and compensation.

Qiao Wang, a key member of Alliance DAO, expressed in a May 15 post that he could have been a target of such an attack. He narrated how a scammer informed him about a potential security breach in his Coinbase account. The scammer then asked Wang to confirm his personal details, which the fraudsters may have procured through the compromised agents, and urged him to transfer all his assets to a “Coinbase self-custodial wallet”.

Wang expressed his dissatisfaction with the scammer’s tactics, stating, “I told them they needed to up their game […] They claimed they had made $7m that day.”

As of now, both Martin and Coinbase have not responded to requests for comments. This is an ongoing story, and updates will be provided as more information becomes available.

The post Coinbase Takes Action Against Allegedly Compromised Agents in India: Details Inside appeared first on Crypto Market Insights: Dive In with CryptoUpdate.io.

“This is an unending game of cat and mouse,” states Ian Rogers, the Chief Experience Officer at Ledger, when discussing the relentless pursuit between crypto wallet companies introducing new security measures and hackers devising more sophisticated methods to breach victims’ wallets.

Rogers laments that the simplest scams often yield the best results, as they exploit users’ common mistakes. “Every day, people give away their 24-word phrases. As long as that continues, scammers will opt for the least expensive attack,” he warns, stressing, “If someone asks for your 24 words, they’re a criminal.”

Rogers points out a frequent crypto scam where unsuspecting victims are lured into responding to replies under any crypto-related Twitter post. These messages typically read, “Direct message me, I can assist you.”

He warns, “You must remember, scammers are always attempting to get your 24 words.” Jason Jiang, CertiK’s Chief Business Officer, recently shared with Cointelegraph that a heightened awareness of phishing attacks on social media can significantly boost a user’s crypto security.

In a more sinister turn, scammers sometimes compromise the accounts of influential industry figures to post malicious links, making it increasingly difficult for users to identify the scam. In September 2023, a fraudulent NFT giveaway was conducted through the compromised account of Ethereum co-founder Vitalik Buterin, resulting in over $691,000 drained from followers’ wallets.

Rogers underscores that such threats will persist, just as scams are not exclusive to the crypto world. He recalls the infamous “Nigerian president” email scams that have been around for years. “The cost of the attack always matches the potential reward,” Rogers notes. In 2024, crypto-related hacks surged by 15% from the previous year, totaling over $3 billion in stolen assets.

Meanwhile, a new threat known as ‘pig butchering’ scams has surfaced as a major concern for crypto investors. This complex phishing ploy has tricked investors into voluntarily transferring their assets to scam crypto addresses, resulting in a staggering loss of $5.5 billion across 200,000 identified cases on the Ethereum network in 2024 alone.

The post The Eternal Struggle for Crypto Security: Insights from a Wallet Executive appeared first on Crypto Market Insights: Dive In with CryptoUpdate.io.

The team at BYDFi has disclosed that they have recently unearthed several phishing platforms and deceitful activities aimed at their users. As a globally acknowledged cryptocurrency exchange, BYDFi finds itself as a prime target for cybercriminals seeking to mimic the platform.

Africa
Crypto
GlobeNewswire
© GlobeNewswire, Inc. 2025

Click here to sign in or create a free account to access this news.

The post BYDFi Alerts Users: Stay Vigilant against Phishing Platforms and Online Fraud appeared first on Crypto Market Insights: Dive In with CryptoUpdate.io.

At 1:00 am UTC, LEGO enthusiasts like “ZTBricks” noticed the fraudulent message: “Our new LEGO Coin is officially out! Buy the LEGO Coin today and unlock secret rewards!” Users who clicked the “Buy Now” button were directed to a phishing site.

LEGO swiftly removed the scam from its homepage within 75 minutes. A representative from LEGO reportedly informed tech platform Engadget that no user accounts were compromised, and the issue has since been resolved:
“No user accounts have been compromised, and customers can continue shopping as usual. The cause has been identified, and we are implementing measures to prevent this from happening again.”

The hack occurred at 3:00 am in Billund, Denmark, home of LEGO’s headquarters. The company hasn’t made a public statement yet, but the phishing attempt has sparked concern about increasing cryptocurrency scams targeting major brands.

LEGO’s brief venture into the crypto space occurred back in March 2021 when they hinted at NFT involvement, but the post was quickly deleted. However, their investment in Epic Games to explore the Metaverse space in 2022 shows the company’s broader interest in digital expansion.

According to blockchain security firm Scam Sniffer, cryptocurrency scams cost victims over $127 million in Q3 2024, with $46 million lost in September alone.

The post LEGO Removes Cryptocurrency Scam After Homepage Hack Incident appeared first on Crypto Market Insights: Dive In with CryptoUpdate.io.

According to Blockaid, a leading Web3 security firm, the number of DApps leveraging Inferno Drainer reached 40,000 by the end of July 2024. Oz Tamir, Blockaid’s research and development lead, shared with Cointelegraph that the weekly count of new malicious DApps employing this tool has skyrocketed from 800 to 2,400.

“At the beginning of the year, we saw about 800 new malicious DApps per week. Now, that number has tripled to 2,400 per week,” Tamir revealed.

Inferno Drainer Resurfaces Amid Growing Crypto Scams

Crypto drainers like Inferno Drainer are phishing tools tailored specifically for the crypto world. These tools allow scammers to gain access to victims’ wallets by tricking them into signing token approvals, which in turn enables the theft of funds.

Although Inferno Drainer reportedly helped steal $70 million before supposedly shutting down in 2023, it has resurfaced, becoming even more active in 2024.

While Inferno Drainer seems sophisticated, Tamir argues it’s simply another tool in the scammers’ arsenal. “Scammers often choose their drainer based on what is available at the moment and what commission is taken by the drainer,” he added.

Bull Market Fuels Rise in Scammers

The sharp increase in scammers is closely linked to the current bull market in the crypto space. As more users and capital flow into the ecosystem, scammers are more motivated to invest in innovative, new attacks. Additionally, the emergence of new chains, which often lack robust security measures, presents scammers with fresh opportunities.

“As more users and money are entering the ecosystem, attackers are increasingly motivated to invest in new, novel attacks,” Tamir explained.

The post Surge in Crypto Scams: Inferno Drainer Tool Usage Triples in 2024 appeared first on Crypto Market Insights: Dive In with CryptoUpdate.io.