12 Charged in $263M Theft Case

Every week, Information Security Media Group rounds up cybersecurity incidents in digital assets. This week, charges in $263 million theft and Unicoin cases, a jury convicted the ex-CEO of SafeMoon, U.S. Securities and Exchange Commission X account hacker sentenced, Hong Kong police arrested dozens for money laundering, Russian police arrested the Blum co-founder. Israeli police arrested an alleged Nomad Bridge money launderer.

See Also: OnDemand | NSM-8 Deadline July 2022:Keys for Quantum-Resistant Algorithms Implementation

U.S. federal prosecutors unsealed a superseding indictment charging a dozen individuals in a racketeering scam that allegedly stole more than $263 million in cryptocurrency. The defendants – some arrested this week in California, others likely in Dubai – face charges that include racketeering conspiracy, wire fraud, money laundering and obstruction of justice, said the U.S. Department of Justice.

The case expands on charges filed in September against Malone Lam, who stands accused of stealing over 4,100 bitcoins from an early crypto investor linked to the defunct firm Genesis. The group allegedly evolved from gaming platform acquaintances into a cybercrime ring, using phishing, impersonation and physical break-ins to steal digital assets. Prosecutors say the stolen funds financed lavish spending and Lam continued orchestrating activity from detention.

The U.S. Securities and Exchange Commission has sued New York-based crypto firm Unicoin and four of its executives for defrauding investors through false claims about its cryptocurrency and associated investment products. The allegations stem from what the SEC describes as a widespread effort to mislead the public about the nature and value of Unicoin’s offerings, particularly the “rights certificates” that were marketed alongside its crypto tokens.

The complaint says Unicoin falsely claimed that its tokens were backed by billions of dollars in real estate and equity holdings in pre-IPO companies. In reality, the assets held only a fraction of the promised value. The company also claimed to have sold more than $3 billion worth of rights certificates, when investigators found that it had raised no more than $110 million. Unicoin also misled investors by falsely stating that its rights certificates and tokens were registered with the SEC. Executives charged in the complaint include CEO and Chairman Alex Konanykhin, former President and Chairwoman Silvina Moschini and former Chief Investment Officer Alex Dominguez.

All three are accused of violating federal antifraud laws. Richard Devlin, the company’s general counsel, was also charged for making similar false statements in private disclosures. Devlin has agreed to a permanent injunction and a civil penalty of $37,500, without admitting or denying the charges.

A Brooklyn jury found Braden John Karony, former CEO of cryptocurrency firm SafeMoon, guilty of conspiracy to commit securities fraud, wire fraud and money laundering. The verdict came after less than a day of deliberation in the U.S. District Court for the Eastern District of New York. Authorities charged Karony in 2023 alongside former SafeMoon CTO Thomas Smith and platform creator Kyle Nagy for misappropriating millions of dollars in SafeMoon’s SFM tokens. Smith testified against Karony during the two-week trial, which began with jury selection earlier this month. Nagy remains at large and is believed to have fled to Russia.

A U.S. federal judge sentenced Eric Council Jr., 26, from Alabama, to two years and two months in prison for his role in hacking the U.S. Securities and Exchange Commission’s X account and posting a false statement about bitcoin ETF approvals. An unauthorized message on the regulator’s social media account posted in January 2024 falsely claimed the SEC approved spot bitcoin ETFs, causing bitcoin’s price to surge by over $1,000 before the post was debunked. Council pleaded guilty in February to conspiracy to commit aggravated identity theft and access device fraud. Prosecutors said he and others used a SIM swap scheme to gain control of the SEC’s account. The real ETF approvals came a day after the hack.

Hong Kong police arrested 12 people in a crackdown on a cross-border money laundering syndicate accused of moving HK$118 million – about $15 million USD – through banks and cryptocurrency exchange, reported the South China Morning Post. Authorities said that two local operatives and 10 mainland Chinese nationals, aged between 20 and 42 years, were involved in the scam. The group allegedly opened around 500 shell accounts in both traditional and digital banks, using them to withdraw and convert cash into cryptocurrency at virtual asset exchange shops. Investigators tied about $1.3 million of the funds to 58 scam cases.

Russian authorities detained Vladimir Smerkis, co-founder of the Telegram-based crypto project Blum, on allegations of large-scale fraud, reproted Kremlin-owned newswire TASS. Smerkis formerly led Binance’s operations in Russia and former Soviet states under Russian political influence. Blum issued a statement distancing itself from Smerkis, stating that he had stepped down from his role as CMO and is no longer involved in the project.

Authorities in Jerusalem arrested Alexander Gurevich, an American-Israeli national, for helping to launder millions stolen in the $190 million Nomad Bridge hack in August 2022, reported the Jerusalem Post. The arrest followed an investigation involving Israeli police, the U.S. Department of Justice, FBI and Interpol, with blockchain intelligence firm TRM Labs providing evidence.

Authorities accuse Gurevich of conspiring with others to move stolen crypto through methods including chain-hopping, Tornado Cash, Monero and offshore accounts. Gurevich allegedly coordinated with early attackers and received funds shortly after the breach. The vulnerability in Nomad’s smart contract allowed nearly anyone to duplicate a transaction format and drain funds in what TRM called a “mob-style” attack. Despite extensive laundering efforts, investigators linked wallets and activity back to Gurevich. Authorities expect to extradite him to the United States following.