Law Enforcement Actions Targeting Cryptocurrency Theft and Fraud Proceeds
South Korean police arrested two suspects over the alleged embezzlement of 22 BTC (~$1.5M) that had been held in police custody after a virtual asset company turned over a cold wallet during a 2021 hacking investigation. Reporting indicates required procedures to move seized crypto into a police-controlled cold wallet and vault were not followed; instead, the original third party retained control elements and later allegedly provided a mnemonic seed phrase to a hacker as part of a purported “loan” arrangement, enabling the attacker to recover the wallet and transfer the funds without police detection. The theft was reportedly uncovered during a National Police Agency audit triggered by a separate January 2026 incident in which 320 BTC went missing from the Gwangju District Prosecutors’ Office.
Separately, the U.S. Department of Justice announced the seizure of $61 million in USDT (Tether) tied to “pig butchering” cryptocurrency investment scams, stating the funds were traced to addresses used to launder proceeds stolen from victims. The DoJ described typical scam mechanics involving social engineering via dating/social messaging apps, coercion of trafficked workers in Southeast Asia–based scam compounds, and fraudulent investment platforms that display fabricated returns and impose additional “fees” when victims attempt withdrawals, with law enforcement emphasizing cross-border tracing and disruption of laundering infrastructure.
Related Entities
Organizations
Sources
Related Stories
Law Enforcement Crypto Custody Failures Lead to Multi-Million Dollar Thefts
US authorities arrested **John Daghita** (online handle **“Lick”**) in Saint Martin for allegedly stealing **more than $46 million** in cryptocurrency tied to the **U.S. Marshals Service (USMS)**. The arrest was conducted in a joint operation between the **FBI** and France’s **Groupe d’Intervention de la Gendarmerie Nationale (GIGN)**, and reportedly involved the seizure of cash, hard drives, and security keys. Reporting links Daghita to a USMS digital-asset management contractor (CMDSS), and notes that blockchain investigator **ZachXBT** publicly traced USMS-linked wallet movements to addresses he associated with Daghita, helping bring attention to the alleged theft. Separately, South Korea’s **National Tax Service** reportedly lost roughly **$5 million** in seized cryptocurrency after officials circulated a press release that exposed a wallet’s **mnemonic recovery phrase/password**, enabling an unknown party to drain the funds. The incident was described as part of a broader pattern of **crypto custody lapses** in South Korean law enforcement, with additional cases cited involving missing seized bitcoin and investigations tied to potential phishing and internal control failures. Together, the incidents underscore that government-held digital assets remain a high-value target and that operational security failures (credential exposure, weak key management, and inadequate redaction/review processes) can directly translate into rapid, irreversible losses.
1 weeks ago
US Law Enforcement Actions Targeting Crypto-Enabled Crime and Illicit Marketplaces
US authorities reported multiple enforcement actions tied to **crypto-enabled crime**. In the Empire Market case, prosecutors said co-creators **Raheim Hamilton** and **Thomas Pavey** designed the dark web marketplace to help users evade law enforcement and launder proceeds; the market allegedly facilitated about **$430M** in transactions (drugs, stolen payment data, counterfeit currency) before disappearing in 2020 in what investigators described as an exit scam that stole an estimated **$30M** in bitcoin. Hamilton pleaded guilty to federal drug conspiracy charges and agreed to forfeit roughly **1,230 BTC** plus **24.4 ETH** and real estate; Pavey previously pleaded guilty and agreed to forfeit about **1,584 BTC** and other assets. Separately, reporting highlighted alleged misuse and laundering of digital assets in other contexts. On-chain investigator **ZachXBT** traced movements from wallets associated with **US-seized crypto** (held under U.S. Marshals Service custodianship) to wallets allegedly linked to **John Daghita**, the son of a federal contractor executive, with claims of roughly **$23M** in diverted cryptocurrency and another wallet holding about **$36M** in Ethereum; ZachXBT said he alerted the **U.S. Marshals Service**. In another DOJ case, **Jingliang Su** (a Chinese national) was sentenced to **46 months** for laundering proceeds from a cryptocurrency investment fraud that authorities said victimized **174** people for **$36.9M**, using social engineering via social media/dating platforms and counterfeit trading sites, with **$26.9M** restitution ordered and multiple US agencies involved in tracing funds and dismantling the network.
1 months agoMajor Cryptocurrency-Related Cybercrime Prosecutions and Asset Seizures
Law enforcement agencies in multiple countries have made significant progress in prosecuting individuals and groups involved in large-scale cryptocurrency-related cybercrimes. In the United States, a California man pleaded guilty to laundering at least $25 million as part of a group that stole $230 million in cryptocurrency through social engineering and account takeovers. The group, composed of young adults from several states and abroad, used various tactics to compromise victims' crypto accounts and launder the proceeds, with several members facing charges including wire fraud, racketeering, and money laundering. In the United Kingdom, prosecutors secured a civil recovery order to seize over £4.11 million ($5.39 million) in crypto assets from Joseph James O'Connor, who was convicted for his role in the 2020 Twitter mega-hack. O'Connor and his associates used SIM-swapping and social engineering to hijack high-profile Twitter accounts, soliciting Bitcoin from followers and amassing illicit gains. These actions demonstrate the increasing effectiveness of international law enforcement in tracing, prosecuting, and recovering assets from cybercriminals who exploit cryptocurrency for large-scale fraud and theft.
3 months ago