US Law Enforcement Actions Targeting Crypto-Enabled Crime and Illicit Marketplaces
US authorities reported multiple enforcement actions tied to crypto-enabled crime. In the Empire Market case, prosecutors said co-creators Raheim Hamilton and Thomas Pavey designed the dark web marketplace to help users evade law enforcement and launder proceeds; the market allegedly facilitated about $430M in transactions (drugs, stolen payment data, counterfeit currency) before disappearing in 2020 in what investigators described as an exit scam that stole an estimated $30M in bitcoin. Hamilton pleaded guilty to federal drug conspiracy charges and agreed to forfeit roughly 1,230 BTC plus 24.4 ETH and real estate; Pavey previously pleaded guilty and agreed to forfeit about 1,584 BTC and other assets.
Separately, reporting highlighted alleged misuse and laundering of digital assets in other contexts. On-chain investigator ZachXBT traced movements from wallets associated with US-seized crypto (held under U.S. Marshals Service custodianship) to wallets allegedly linked to John Daghita, the son of a federal contractor executive, with claims of roughly $23M in diverted cryptocurrency and another wallet holding about $36M in Ethereum; ZachXBT said he alerted the U.S. Marshals Service. In another DOJ case, Jingliang Su (a Chinese national) was sentenced to 46 months for laundering proceeds from a cryptocurrency investment fraud that authorities said victimized 174 people for $36.9M, using social engineering via social media/dating platforms and counterfeit trading sites, with $26.9M restitution ordered and multiple US agencies involved in tracing funds and dismantling the network.
Sources
Related Stories
Law enforcement actions against darknet marketplaces and cybercrime forums
US and international law enforcement continued disrupting illicit online marketplaces and forums used to trade **ransomware services, malware, stolen data, and drugs**. The FBI seized the dark web and clear web domains for **RAMP**, a long-running, predominantly Russian-language cybercrime forum that marketed itself as the “only place ransomware allowed,” and which hosted vetted users, tutorials, and a marketplace for malware and criminal services; the seizure was coordinated with the US Attorney’s Office for the Southern District of Florida and DOJ’s Computer Crime and Intellectual Property Section. Separately, US prosecutors announced guilty pleas tied to major darknet markets that also sold **cybercrime tools and stolen information** alongside narcotics. A Virginia man, **Raheim Hamilton** (aka `Sydney`/`ZeroAngel`), co-creator of **Empire Market**, pleaded guilty to federal drug conspiracy charges related to facilitating roughly **$430M** in transactions (2018–2020) and designing the market to evade law enforcement using cryptocurrency. A Slovakian national, **Alan Bill** (aka `Vend0r`/`KingdomOfficial`), pleaded guilty for helping operate **Kingdom Market** (2021–2023), which authorities previously seized in December 2023; investigators linked him to the operation after his arrest with devices and a crypto hardware wallet allegedly containing evidence tying him to the marketplace.
1 months agoMajor Cryptocurrency-Related Cybercrime Prosecutions and Asset Seizures
Law enforcement agencies in multiple countries have made significant progress in prosecuting individuals and groups involved in large-scale cryptocurrency-related cybercrimes. In the United States, a California man pleaded guilty to laundering at least $25 million as part of a group that stole $230 million in cryptocurrency through social engineering and account takeovers. The group, composed of young adults from several states and abroad, used various tactics to compromise victims' crypto accounts and launder the proceeds, with several members facing charges including wire fraud, racketeering, and money laundering. In the United Kingdom, prosecutors secured a civil recovery order to seize over £4.11 million ($5.39 million) in crypto assets from Joseph James O'Connor, who was convicted for his role in the 2020 Twitter mega-hack. O'Connor and his associates used SIM-swapping and social engineering to hijack high-profile Twitter accounts, soliciting Bitcoin from followers and amassing illicit gains. These actions demonstrate the increasing effectiveness of international law enforcement in tracing, prosecuting, and recovering assets from cybercriminals who exploit cryptocurrency for large-scale fraud and theft.
3 months ago
Law Enforcement Actions Targeting Cryptocurrency Theft and Fraud Proceeds
South Korean police arrested two suspects over the alleged embezzlement of **22 BTC (~$1.5M)** that had been held in police custody after a virtual asset company turned over a cold wallet during a 2021 hacking investigation. Reporting indicates required procedures to move seized crypto into a police-controlled cold wallet and vault were not followed; instead, the original third party retained control elements and later allegedly provided a **mnemonic seed phrase** to a hacker as part of a purported “loan” arrangement, enabling the attacker to recover the wallet and transfer the funds without police detection. The theft was reportedly uncovered during a National Police Agency audit triggered by a separate January 2026 incident in which **320 BTC** went missing from the Gwangju District Prosecutors’ Office. Separately, the U.S. Department of Justice announced the seizure of **$61 million in USDT (Tether)** tied to **“pig butchering”** cryptocurrency investment scams, stating the funds were traced to addresses used to launder proceeds stolen from victims. The DoJ described typical scam mechanics involving social engineering via dating/social messaging apps, coercion of trafficked workers in Southeast Asia–based scam compounds, and fraudulent investment platforms that display fabricated returns and impose additional “fees” when victims attempt withdrawals, with law enforcement emphasizing cross-border tracing and disruption of laundering infrastructure.
2 weeks ago