Summary
- A crypto investor lost 783 Bitcoin, valued at $91 million during the incident, to a social engineering scam, as reported by blockchain investigator ZachXBT.
- The perpetrator supposedly utilized a coin-mixing service to obscure their identity.
- ZachXBT claimed that three individuals employed similar methods to steal $243 million in Bitcoin last year.
On Tuesday, a crypto investor was deceived into losing 783 Bitcoin—valued at $91 million at the time—due to a social engineering scam, as revealed by the anonymous blockchain analyst ZachXBT.
The investigator stated in a Telegram message that the victim was approached by individuals posing as customer support for both a hardware wallet manufacturer and a cryptocurrency exchange, though the companies involved were not named.
Currently, the value of 783 Bitcoin stands at approximately $88 million, as the price of BTC has declined recently.
The threat actor made multiple deposits into Wasabi Wallet, a privacy-centered Bitcoin “mixer” that halted its services for U.S. users last year. According to ZachXBT, “the stolen funds started to disperse” across various digital wallets.
Social engineering attacks can yield significant profits in the cryptocurrency space. ZachXBT pointed out that this incident occurred precisely one year after he accused three individuals of stealing 4,064 BTC—valued at $243 million at the time—from another unnamed victim using similar tactics.
In Florida, two suspects were apprehended a month later after reportedly using the stolen funds to purchase luxury items such as cars and watches, along with real estate. They allegedly impersonated Google support team members to convince the victim to change their two-factor authentication settings.
The complexity of social engineering scams varies; some can be as simple as “SIM swapping,” where criminals persuade a mobile provider to transfer a victim’s phone service to a device under their control, as detailed in an annual FBI report.
Notoriously, an SEC employee became a victim of a SIM swapping attack in 2024, prior to the introduction of spot Bitcoin exchange-traded funds in the U.S. The regulator’s X account prematurely announced the approval of the ETFs, leading to a 14-month prison sentence for an Alambama for his role in the scheme.
In April of last year, the Bureau explicitly cautioned against social engineering scams, noting that impersonating employees, call forwarding to obtain victims’ phone numbers, and phishing schemes for sensitive information are common tactics.
Job seekers are not immune either. In February, cybersecurity site Bleeping Computer reported a social engineering scam where the hacking group Crazy Evil constructed a fake cryptocurrency company to lure applicants into downloading malware that drains wallets.
Daily Debrief Newsletter
Kick off each day with the latest news, original articles, podcasts, videos, and more.
