TronWeekly

Crypto World News

You are here: Home / Archives for social engineering

social engineering

From Bitcoin Scam to Real-World Kidnapping: The $243M Crypto Heist and Its Deadly Aftermath

by

  • Teen Hackers Steal 4,100 Bitcoin worth $243M Using Social Engineering Method
  • A week after pulling the heist, the hackers kidnapped Veer Chetal’s parents in an attempt to extort a larger share of the stolen funds.
  • By March 2025, five suspects had pleaded guilty and could face up to 1l5 years in prison.

The Bitcoin scam that started as an online theft, with a group of teenage hackers stealing $243 million worth of Bitcoin, has turned into something much more serious, like a real-life kidnapping in Connecticut.

The theft started on August 19, 2024, and was executed by three individuals: Greavys (Malone Iam), Wiz (Veer Chetal), and Box (Jeandiel Serrano). The trio targeted a single Genesis creditor, a cryptocurrency investor based in Washington, D.C. They carried out the heist using a complex social engineering scheme.

The attack started when one of the criminals placed a fake call and pretended to be someone from Google support. The criminal used a disguised number to gain the victim’s trust and access personal accounts. Shortly after, another call came from someone claiming to be from Gemini, one of the major crypto exchanges, warning the victim of a ‘supposed’ security breach.

Using this scare tactic, the criminals convinced the victim to reset two-factor authentication (2FA) and unknowingly transferred funds from their Gemini account to a wallet controlled by the hacker. After all of this, the hacker made a loss of 4,100 Bitcoin, worth $243 million at the time.

From Bitcoin Scam to Real-World Extortion

A week after the crypto theft, Veer Chetal’s parents, Sushil and Radhika, were forced into a van by armed men, tied up with duct tape, and driven off. Thankfully, there were nearby witnesses, including an off-duty FBI agent who helped the police track the van.

The couples were quickly released, and four out of the six kidnappers were caught within hours. The reason behind the attack was disturbing, as it is believed that Veer’s partners in the heist pressured him into giving up more of the stolen funds by using his parents as leverage.

That same evening, Greavys and Box were arrested, one during a SWAT raid in Miami and the other at LAX wearing a $500,000 watch. Veer was also taken in quietly and now faces federal charges. By March 2025, five of the six people involved in the kidnapping had admitted guilt, and there is a possibility that they could spend 15 years behind bars.

Authorities are still looking into others connected to the crypto scam, while a federal wallet now holds the recovered Bitcoin.

Read More: HBAR Price Faces Crucial Breakdown Risk, Will $0.15 Hold?

Kraken Blocks North Korean Hacker’s Access Attempt: Details

by

  • Kraken exposed a North Korean hacker posing as a software engineer, uncovering discrepancies like fake identities, voice changes during interviews, and suspicious technical setups.
  • The exchange allowed the candidate to advance in interviews to gather intel on Lazarus Group’s hiring infiltration tactics.
  • Lazarus Group has stolen $650M+ from crypto firms and is now shifting focus to European targets after U.S. scrutiny following the ByBit hack.

Leading cryptocurrency exchange Kraken has announced that it recently discovered an attempt to infiltrate its platform. The official statement revealed that a North Korean hacker claimed to be a software engineer and applied for a job with the exchange.

Initially, the hiring process appeared normal, but various technical issues and irregular behaviors led to various suspicions. First, the name the intended employee used on their resume was different from they used to join the interview call.

Also, there were occasions during the interview call when the voices were changing. This suggested that the someone else was coaching them through the interview call.

Kraken further revealed that the individual method of accessing the system included a mix of mac desktops and virtual private servers (VPS), a common setup for hiding one’s physical location. Based on these suspicious behaviors, Kraken’s hiring team cross-checked the applicant’s details.

The check made them discover that the applicant’s email address was the same as one industry partners had previously identified as belonging to the North Korean hacker group (Lazarus). Using a combination of breach data, email patterns, and other open-source intelligence techniques, the Kraken red team made an in-depth probe.

Kraken Reveals Broader Plot Targeting Crypto Firms

The team discovered that the candidate was one of many fake identities on the web and had even gained employment at some other cryptocurrency firms. Despite the discovery, Kraken allowed the candidate to move to the next interview rounds.

Their aim was to gather more information on the tactics this group used in applying for jobs at crypto companies. Kraken’s chief security officer, Nick Percoco, led the final interview. Percoco asked simple questions for the candidate to verify their identity.

Such questions included knowledge about their local environment. They were also asked to provide a proper identity verification live on the interview.

However, the applicant’s responses weren’t convincing at all, which made the team confirm its previous suspicions that the application was an attempt to infiltrate the company. Data shows that the North Korean hacker group stole more than $650 million from crypto companies last year alone.

Lately, there have been reports that the group is now targeting Europe-based crypto companies since their methods have now been cast in the U.S. following the ByBit hack.

Related Reading |