Major Cryptocurrency-Related Cybercrime Prosecutions and Asset Seizures
Law enforcement agencies in multiple countries have made significant progress in prosecuting individuals and groups involved in large-scale cryptocurrency-related cybercrimes. In the United States, a California man pleaded guilty to laundering at least $25 million as part of a group that stole $230 million in cryptocurrency through social engineering and account takeovers. The group, composed of young adults from several states and abroad, used various tactics to compromise victims' crypto accounts and launder the proceeds, with several members facing charges including wire fraud, racketeering, and money laundering.
In the United Kingdom, prosecutors secured a civil recovery order to seize over £4.11 million ($5.39 million) in crypto assets from Joseph James O'Connor, who was convicted for his role in the 2020 Twitter mega-hack. O'Connor and his associates used SIM-swapping and social engineering to hijack high-profile Twitter accounts, soliciting Bitcoin from followers and amassing illicit gains. These actions demonstrate the increasing effectiveness of international law enforcement in tracing, prosecuting, and recovering assets from cybercriminals who exploit cryptocurrency for large-scale fraud and theft.
Get ahead of threats like this
Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
How this story unfolded
4 events from the most recent confirmed update back to the earliest known activity.
California man pleads guilty in laundering of $230 million in stolen crypto
A California man admitted guilt to laundering cryptocurrency linked to a $230 million theft, according to multiple reports. The plea marked a significant law-enforcement development in the case and confirmed his role in moving the stolen assets.
UK prosecutors seize £4.11 million in crypto tied to Twitter hack culprit
UK prosecutors announced the seizure of £4.11 million in cryptocurrency connected to a person involved in the 2020 Twitter mega-hack. The seizure was reported as part of efforts to recover criminal proceeds from the scheme.
$230 million cryptocurrency theft is carried out
A separate large-scale cryptocurrency heist resulted in roughly $230 million being stolen from a victim. Later court reporting said a California man helped launder the stolen funds.
Twitter mega-hack compromises high-profile accounts
Attackers hijacked prominent Twitter accounts in the 2020 'mega-hack' and used them to promote a cryptocurrency scam. The incident later became tied to proceeds that UK prosecutors said they seized from one of the culprits.
Sources
3 references tracked. Mallory keeps watching after this page renders.
Cryptocurrency launderer admits guilt in $230 million scheme
scworld.com
Open sourceCalifornia man admits to laundering crypto stolen in $230M heist
bleepingcomputer.com
Open sourceUK prosecutors seize £4.11M in crypto from Twitter mega-hack culprit
go.theregister.com
Open sourceSee the full picture, correlated to your attack surface.
Map indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.
Related stories
Other stories Mallory is tracking that overlap on entities, sources, or topic labels.
Major International Law Enforcement Actions Against Cybercrime and Financial Fraud Networks
Law enforcement agencies across multiple countries have conducted significant operations targeting cybercriminal groups responsible for large-scale financial fraud, data breaches, and cryptocurrency theft. In Spain, police arrested a 19-year-old hacker accused of stealing and attempting to sell 64 million personal data records from nine companies, while Ukrainian authorities apprehended a separate data broker who used custom malware to compromise accounts and sell access on hacker forums. In California, a member of the so-called "Social Engineering Enterprise" pleaded guilty to laundering millions in cryptocurrency stolen through sophisticated social engineering attacks, with the group responsible for a $263 million heist and extravagant spending of the proceeds. Meanwhile, Russian police dismantled a gang that used NFCGate-based malware to steal millions from bank customers by tricking victims into installing fake banking apps and harvesting card credentials for remote theft. A major international operation led by Europol and Eurojust dismantled a €700 million cryptocurrency scam network in Europe that used deepfake videos and aggressive marketing to lure victims into fake investment schemes. The network operated numerous fraudulent platforms, laundered funds through complex channels, and was taken down in coordinated raids across several countries, resulting in arrests and the seizure of cash, cryptocurrencies, and luxury items. These actions highlight the growing sophistication of cyber-enabled financial crime and the increasing collaboration between law enforcement agencies to disrupt such operations on a global scale.
Mar 21, 2026
Social Engineering Enterprise Cryptocurrency Theft and Prosecution
A criminal group known as the Social Engineering Enterprise orchestrated large-scale cryptocurrency thefts using social engineering tactics and physical attacks to gain access to victims' digital assets. The group targeted individuals with significant cryptocurrency holdings, either deceiving them into revealing access credentials or physically breaking into their homes to steal devices containing private keys. Law enforcement efforts have led to multiple arrests and guilty pleas, including a California man who admitted to laundering millions in stolen cryptocurrency and facilitating the group's operations by renting luxury properties for their activities. In related developments, a key participant in a $263 million social engineering ring pleaded guilty, and additional members have been indicted and arrested in various locations, including Miami and Dubai. The group's operations began in late 2023 and involved members from the United States and abroad, who coordinated attacks and laundered proceeds through real estate and other means. The ongoing investigation highlights the growing threat of organized cybercrime targeting cryptocurrency holders through both digital and physical means.
Mar 21, 2026
US Law Enforcement Actions Targeting Crypto-Enabled Crime and Illicit Marketplaces
US authorities reported multiple enforcement actions tied to **crypto-enabled crime**. In the Empire Market case, prosecutors said co-creators **Raheim Hamilton** and **Thomas Pavey** designed the dark web marketplace to help users evade law enforcement and launder proceeds; the market allegedly facilitated about **$430M** in transactions (drugs, stolen payment data, counterfeit currency) before disappearing in 2020 in what investigators described as an exit scam that stole an estimated **$30M** in bitcoin. Hamilton pleaded guilty to federal drug conspiracy charges and agreed to forfeit roughly **1,230 BTC** plus **24.4 ETH** and real estate; Pavey previously pleaded guilty and agreed to forfeit about **1,584 BTC** and other assets. Separately, reporting highlighted alleged misuse and laundering of digital assets in other contexts. On-chain investigator **ZachXBT** traced movements from wallets associated with **US-seized crypto** (held under U.S. Marshals Service custodianship) to wallets allegedly linked to **John Daghita**, the son of a federal contractor executive, with claims of roughly **$23M** in diverted cryptocurrency and another wallet holding about **$36M** in Ethereum; ZachXBT said he alerted the **U.S. Marshals Service**. In another DOJ case, **Jingliang Su** (a Chinese national) was sentenced to **46 months** for laundering proceeds from a cryptocurrency investment fraud that authorities said victimized **174** people for **$36.9M**, using social engineering via social media/dating platforms and counterfeit trading sites, with **$26.9M** restitution ordered and multiple US agencies involved in tracing funds and dismantling the network.
Mar 21, 2026