Tag:

Stolen

Decrypt logo
NFT Gaming

Suspected Crypto Scammer Linked to $580 Million in Stolen Funds Arrested in Bangkok

by admin



In brief

  • Portuguese authorities suspect 39-year-old Pedro M. of orchestrating cryptocurrency and credit card fraud totaling €500 million across multiple countries including Portugal, Europe, the Philippines, and Thailand.
  • The suspect was discovered by a Portuguese journalist at a Bangkok luxury mall and arrested by Thai police using facial recognition technology.
  • Police say he’s been living illegally in Thailand since 2023.

A Portuguese man who police suspect of orchestrating cryptocurrency and credit card fraud worth $580 million (€500 million) has been apprehended in Bangkok, Thailand.

The man, identified as 39-year-old Pedro M. by English-language Thai newspaper Khaosod, was first spotted in a luxury shopping mall by a Portuguese journalist who was on holiday in the city.

Pedro’s last name was not confirmed by Khaosod, but his profile and images match that of Pedro Mourato, who’s well-known in Portuguese media.

Thai authorities say they confirmed his identity using facial recognition and biometric data. The police dispatched more than 10 plainclothes investigators to search the mall. Pedro M. was reportedly found while making a call on his smartphone with a “tense” expression.



Police say that Pedro, born in Lisbon, has been living in Thailand since 2023. He had managed to avoid an initial arrest warrant that was issued after he first entered the country and remained there. But he was there illegally after failing to renew his visa or officially register his address.

He reportedly continued his fraudulent activity in Thailand, allegedly defrauding investors of more than 1 million baht ($30,800) while in Bangkok. Citing Interpol databases, Khaosod says that Pedro has been implicated in frauds across the planet in Portugal, Europe, the Philippines, and Thailand.

Thailand Hits Back at Crypto Refugees

Fleeing to Thailand may not be an effective strategy for avoiding punishment for crypto crime. The Southeast Asian nation has nabbed plenty of suspected crypto criminals on the run over just the past year.

In May, a 30-year-old Vietnamese woman was arrested in Bangkok for her involvement in a cryptocurrency scam that allegedly deceived more than 2,600 victims and resulted in losses of roughly $300 million.

In August, Thai police apprehended a 33-year-old South Korean man at Bangkok’s Suvarnabhumi Airport for his alleged role in laundering cryptocurrency via gold bars for international criminals.

The same week, the 34-year-old “mastermind” of another fraudulent scheme was extradited to his home country of South Korea. The scheme was thought to have defrauded K-pop star Jungkook, a member of BTS, among many others.

Daily Debrief Newsletter

Start every day with the top news stories right now, plus original features, a podcast, videos and more.



Source link

0 comments
0 FacebookTwitterPinterestEmail
Coinbase hacker spent stolen funds on 100k Solana - 1
Crypto Trends

Coinbase hacker spent stolen funds on 100k Solana

by admin



On-chain analysis shows that the Coinbase hacker spent $22.95 million worth of USD Coin and spent it on Solana. This marks the second major SOL purchase made by the hacker.

Summary

  • The Coinbase hacker recently swapped $22.95 million DAI into USDC and bridged it to Solana to buy over 100,000 SOL.
  • Since the attack, the hacker has executed at least five major on-chain transactions involving Bitcoin, Ethereum, DAI, and Solana.

According to on-chain analyst Ember CN, the hacker swapped around 22.95 million DAI into USDC only a few hours before bridging the funds. Not long after, the hacker bridged the 22.95 million USDC to the Solana network to purchase 100,913 SOL at an average price of $227.

As of Oct. 3 on 09:24 UTC, the hacker had emptied out most of their holdings on the wallet address, leaving only $0.47 worth of Solana (SOL).

This marks the largest SOL purchase made by the hacker allegedly responsible for draining up to $400 million from a cyberattack that occurred in May 2025. Just a month prior, the hacker also swapped DAI (DAI) for USDC before using the stolen funds to purchase 38,126 Solana.

The Coinbase hacker had spent stolen funds to purchase 100,913 SOL | Source: EmberCN

At press time, Solana is trading at $231 after rising by 3% in the past 24 hours. In the past month, SOL has been on an upward trend, having risen by 10.8%. However, it is still standing below its all-time high at $293 by 21.2%.

Coinbase hacker moves stolen funds from May cyberattack

So far, the Coinbase hacker has made at least five transactions on-chain since robbing the major crypto exchange of at least $400 million in damages. In May 2025, the hacker swapped about $42.5 million from Bitcoin (BTC) into ETH (ETH) via THORChain. Within the same month, the hacker sold 26,347 Ethereum for 68.18 million DAI. The sale was done at a price of $2,588.

Later in July, the hacker repurchased 5,513 ETH by spending 14.86 million DAI at $2,696. After a period of dormancy, the hacker appeared to use more DAI converted into USDC to buy chunks of large Solana purchases, much like the most recent one.

The May 2025 breach on Coinbase reportedly impacted nearly 70,000 users as the hacker deployed coordinated social-engineering on the attack.

To carry out the cyberattack, hackers had bribed overseas customer-support contractors to extract user records between December 2024 and May 2025. The attack compromised personal data, including full names, dates of birth, addresses, phone numbers, masked bank account numbers, and government-issued ID scans.



Source link

0 comments
0 FacebookTwitterPinterestEmail
Decrypt logo
GameFi Guides

$21M in Bitcoin and Other Crypto Stolen From Japanese Miner SBI, Says Blockchain Sleuth

by admin



In brief

  • Around $21 million in crypto was stolen from addresses tied to Japanese miner SBI Crypto, according to blockchain sleuth ZachXBT.
  • The blockchain sleuth says that the crypto has been laundered via Tornado Cash.
  • SBI Crypto has yet to acknowledge the suspicious transfers.

Suspicious outflows totaling about $21 million from addresses tied to Japan-based crypto miner SBI Crypto were labeled “stolen” by a blockchain expert. 

Blockchain sleuth ZackXBT highlighted the movements from the company, writing on Telegram that the missing funds included Bitcoin, Ethereum, Litecoin, Dogecoin, and Bitcoin Cash

He added that the funds were moved to “instant exchanges” or laundered through coin mixer Tornado Cash. 

The incident is the latest in a series of breaches this year, including the $1.4 billion hack of crypto exchange Bybit and theft of almost $50 million from crypto neobank Infini. The total amount stolen from various crypto entities this year by the end of February had already nearly matched 2024’s full-year total. 



Tornado Cash is a coin mixing app that allows users to hide their Ethereum transactions. The U.S. Treasury Department put the mixing service on the Specially Designated Nationals list in 2022 but removed it from the list this year. 

The U.S. Justice Department and other law enforcement agencies globally have alleged that North Korean state-sponsored hacking group Lazarus Group had used the app to launder stolen funds. Investigators have linked Lazarus to the Bybit exploit and a number of other incidents. The group typically tries to hide stolen funds through decentralized exchanges and obfuscating apps. 

ZachXBT wrote on Telegram that “several indicators share similarities to other known Democratic People’s Republic of Korea attacks.”

He added that SBI Crypto had yet to publicly disclose the incident.

Decrypt reached out to SBI Crypto but did not immediately receive a response.

SBI Crypto is a crypto mining pool owned by Japan’s publicly-traded investment management company SBI Group. 

The company’s crypto arm, SBI VC Trade, last year agreed to take control of Bitcoin exchange DMM Bitcoin’s customer assets and accounts following a $308 million hack

Daily Debrief Newsletter

Start every day with the top news stories right now, plus original features, a podcast, videos and more.



Source link

0 comments
0 FacebookTwitterPinterestEmail
Hacker moves stolen funds, sells $6.8m ETH
NFT Gaming

Hacker moves stolen funds, sells $6.8m ETH

by admin



The attacker responsible for the UXLINK hack is still shuffling their loot, recently dumping millions in assets in a bid to convert the proceeds of the hack.

Summary

  • The UXLINK hack continues to unfold as attacker offloads about $6.8 million worth of ETH. 
  • In a twist, the attacker recently lost a hefty portion of the stolen tokens to a phishing attack while moving assets.
  • UXLINK has finalized a new smart contract audit and is preparing for a token migration

The UXLINK hack has entered a new chapter as the attacker continues to shuffle funds stolen from the protocol. Per data from on-chain trackers, the malicious actor converted roughly 1,620 ETH into DAI stablecoins in the early hours of today, valued at approximately $6.8 million at the time of the transaction.

Occurring nearly 48 hours after the exploit, this transaction marks the first major effort by the attacker to cash out the stolen assets. The hacker had already engaged in extensive fund shuffling, moving assets across multiple wallets and using both centralized and decentralized exchanges to complicate the trail and attempt laundering.

In an interesting twist, the attacker has already lost a significant portion of the stolen funds to a phishing attack. Security researchers found that they had unknowingly granted approval to a malicious contract controlled by the Inferno Drainer group, allowing 542 million UXLINK tokens, worth roughly $43 million at the time, to be drained from their wallet.

The recently converted ETH represents only a portion of the stolen funds, with the attacker still estimated to be holding millions in assorted assets.

How the UXLINK hack Happened

The UXLINK hack began on September 22 and continued for several hours into the following day. The core of the attack involved an exploit of the project’s multi-signature wallet through a delegate call vulnerability. This security flaw gave the attacker administrator-level access, enabling unauthorized transfers and the ability to mint large amounts of fake tokens.

Within hours, the attacker minted nearly 10 trillion CRUXLINK tokens on the Arbitrum blockchain and swiftly liquidated part of these tokens for ETH, USDC, and other assets, draining liquidity and causing the token to crash by more than 70%.

The protocol responded immediately, alerting exchanges to freeze suspicious transactions and working with security firms to trace and mitigate further losses. However, these efforts did little to offset the damage already done.

UXLINK has since deployed emergency measures, including a token migration to a newly audited smart contract with a capped supply to prevent similar exploits. The audit focused on reinforcing security and tightening controls around multisig wallets and contract interactions.

The latest rounds of asset shuffling and conversions by the hacker complicate any hopes for full recovery of the stolen funds, and it remains to be seen whether additional movements will occur in the near term.



Source link

0 comments
0 FacebookTwitterPinterestEmail
Red padlock open on electric circuits network dark red background
Gaming Gear

Huge theft reportedly sees 2TB of private data stolen – police files hit in major breach

by admin



  • Maida.health allegedly leaks 2.3TB of Brazilian military police medical and personal data
  • Cybercriminals advertised stolen records including diagnostics, ID cards, and healthcare contracts online
  • Healthcare remains a top target due to sensitive data and risk of identity theft or fraud

Maida.health, a Brazilian health technology company, allegedly suffered a data breach in which it lost more than 2TB of data concerning the country’s military police.

A threat actor recently posted a new thread on an underground forum advertising 2.3 terabytes of data sourced from maida.health, including the health records of Brazilian military police, identification cards and other details, as well as medical reports.

“This data includes all medical services and management of healthcare contracts in the Brazilian health system, particularly the Brazilian military police,” the post reads. “It specifically covers diagnostic and treatment services such as cardiology, neurology, gynecology, and more, including patient details, identification cards, and medical records for both personnel and their families.”


You may like

Identity theft and medical fraud

So far, there has been no confirmation on the authenticity of the claims. The attacker posted a sample that is yet to be analyzed by security researchers, which allegedly includes invoices for medical care, administrative protocols, regulatory certificates, and clinical patient data.

In its writeup, Cybernews explained how the data might be abused: “When this kind of data is leaked, it could often lead to identity theft or medical fraud. For example, criminals may try to impersonate the victim to receive medical care or try to get prescription drugs in the victim’s name,” the researchers said.

This is not the first time the citizens of Brazil had their sensitive data leaked. In fact, at one point in early 2024, the entire Brazilian population was potentially put at risk, when researchers found an unprotected database that held personal information on approximately 223 million Brazilians.

Given that by 2021 data, Brazil has 214 million people, it could be that information on the entire population of Brazil was contained in that database.

Due to the sensitivity of the information generated, the healthcare industry is widely considered as among the most targeted ones.

Via Cybernews

You might also like



Source link

0 comments
0 FacebookTwitterPinterestEmail
Gemini co-founders Cameron and Tyler Winklevoss at White House (Jesse Hamilton/CoinDesk)
NFT Gaming

Venus Protocol Restores Services, Recovers Stolen Funds After $27M Exploit

by admin



Venus Protocol, a major lending platform on BNB Chain, said it fully restored operations after suspending withdrawals and liquidations in response to a suspected exploit on Tuesday.

The protocol confirmed on Wednesday that lost funds had been recovered and that the pause allowed security teams to complete full checks to ensure its front end was not compromised.

The incident, which stemmed from a malicious contract update that drained an estimated $27 million, prompted Venus to halt key functions while investigating.

Update: Venus Protocol has been fully restored (withdrawals and liquidations resumed) as of 9:58PM UTC. ✅

The lost funds have been recovered under Venus’ protection. ✅ https://t.co/y2uUwPqmtb

— Venus Protocol (@VenusProtocol) September 2, 2025

On-chain sleuths had initially flagged suspicious movements from the platform’s Core Pool Comptroller contract, which seemed to route user assets including vUSDC and vETH to the hacker’s wallet.

Despite the platform’s reassurance that funds are safe, Venus’ native token, XVS, remains down 2.69% over the past 24 hours, following a sell-off on Tuesday.

Venus said it will release a full post-mortem of the incident in due course while expressing its gratitude to the community for support during a “critical moment” on X.

It emphasized that the pause was “necessary not just to secure the phished funds, but to conduct full security checks.”





Source link

0 comments
0 FacebookTwitterPinterestEmail
Solana
GameFi Guides

Over 38,000 Solana Purchased With Stolen Crypto

by admin


Trusted Editorial content, reviewed by leading industry experts and seasoned editors. Ad Disclosure

A hacker linked to the Coinbase breach has made another move, this time buying over 38,000 Solana tokens worth nearly $8 million.

Blockchain tracking firm Ember CN reported that the hacker converted 7.957 million DAI to USDC before bridging the funds to Solana and purchasing the tokens at an average price of $208.

Blueprint Of Bold Moves

This is not the first major transaction tied to the hacker. Back in May, they offloaded 26,347 Ethereum for 68 million DAI at $2,588 per token.

Two months later in July, they shifted gears and bought back 5,513 ETH for 14.865 million DAI, paying an average of $2,696 each.

These calculated trades suggest the individual or group behind the breach is taking a measured approach rather than making random decisions.

[从 Coinbase 用户处窃取资金的黑客] 在过去 1 小时里,把 795.7 万 DAI 换成 USDC 后跨链到 Solana,然后买成了 38,126 枚 SOL,购买价格 $208.7。https://t.co/TRVVPiWIGS

这个黑客:
1⃣5 月,出售 26,347 枚 ETH 换成 6818 万 DAI,出售均价 $2,588。
2⃣7 月,1486.5 万 DAI 重新购买 5,513 枚… https://t.co/4HBWNBF738 pic.twitter.com/GIPGqwUJYu

— 余烬 (@EmberCN) August 24, 2025

Market conditions may have influenced this latest decision. Solana has gained more than 17% over the past 30 days, even though it remains down about 25% from its all-time high of $295 in January. Analysts believe the token could see more upside if current momentum holds.

Technical Outlook Signals Room For Gains

Trader Ucan has identified a rising channel in Solana’s price structure following a rounded bottom formation.

Key resistance levels include $215 for the first barrier, $227 for a breakout signal, and $242 as an upper target.

The channel’s top sits near $251. Another market voice, trader Ali, suggested holding Solana until it approaches $360, a level some expect if bullish sentiment stays strong.

The hacker’s purchase price of $208 aligns with those optimistic calls. Whether the market rewards that bet remains to be seen, but the move places the hacker among investors banking on Solana’s rally continuing.

SOLUSD currently trading at $208.6. Chart: TradingView

Fallout From The Coinbase Breach

The initial breach, which took place in May, impacted about 70,000 Coinbase users. The reports indicated that the hackers paid foreign customer-support contractors a bribe to gain access to sensitive user information between December 2024 and May 2025.

Sensitive user information exposed consisted of full names, birth dates, addresses, phone numbers, masked bank account data, and scans of government identification.

Coinbase made the hack public after being presented with a $20 million ransom payment, which Coinbase declined to make.

CEO Brian Armstrong later confirmed the exchange would reimburse affected customers and announced a $20 million bounty for information leading to an arrest.

The company estimates remediation costs could reach $400 million as it works to tighten security and restore user confidence.

For now, attention remains on the hacker’s latest bet. Whether the Solana purchase proves profitable—or marks the beginning of more high-profile trades—will depend on what happens in the coming weeks as the market reacts to shifting sentiment.

Featured image from Pixabay, chart from TradingView

Editorial Process for bitcoinist is centered on delivering thoroughly researched, accurate, and unbiased content. We uphold strict sourcing standards, and each page undergoes diligent review by our team of top technology experts and seasoned editors. This process ensures the integrity, relevance, and value of our content for our readers.





Source link

0 comments
0 FacebookTwitterPinterestEmail
Solana price path to $200 stalls as transactions and addresses jump
GameFi Guides

Coinbase hacker uses stolen crypto to buy 38,126 Solana

by admin



The hacker behind a recent Coinbase breach has surfaced with a 38,126 Solana purchase worth approximately $7.9 million, made with funds stolen from the exchange’s customers.

According to blockchain analyst Ember CN, the hacker converted 7.957 million DAI to USDC, then bridged these funds to the Solana network to purchase Solana (SOL) at an average price of $208.7.

The purchase comes as Solana trades up over 17% in the last 30 days, though the token remains down 29% from its all-time high of $293 reached in January.

This marks the third significant asset allocation move by the hacker behind the Coinbase breach in May.

Hacker’s strategic trading pattern spans over months

The Coinbase hacker has shown methodical trading behavior since gaining access to customer funds on at least two occasions:

  • In May, the hacker sold 26,347 Ethereum (ETH) for 68.18 million DAI. The sale was done at a price of $2,588.
  • Two months later in July, the hacker repurchased 5,513 ETH with 14.865 million DAI at $2,696.

X post by analyst EmberCN

The $208.7 purchase price aligns with analyst predictions that SOL could rally toward $360.

Technical analysis from trader Ucan indicates that Solana is currently moving within a rising channel, following the formation of a rounded bottom pattern.

Key resistance levels include $215 for initial resistance, $227 for breakout confirmation, and $242 as a strong upside target. The channel top sits at $251.

The hacker’s timing coincides with bullish sentiment around Solana, with prominent trader Ali recently asking to hold SOL until $360.

$SOL | Technical Analyses

Solana is moving within a rising channel after forming a rounded bottom. 👀

Key levels to watch 👇

• $215 – first resistance
• $227 – breakout confirmation
• $242 – strong upside target
• $251 – channel top

As long as $190 support holds, the… pic.twitter.com/mmdVSeH2Yl

— 𝖀𝖈𝖆𝖓 (@Ucan_Coin) August 23, 2025

Coinbase hack impact continues to unfold

The May Coinbase breach affected nearly 70,000 users through a coordinated social-engineering attack. Cybercriminals bribed overseas customer-support contractors to extract user records between December 2024 and May 2025.

The attack compromised personal data, including full names, dates of birth, addresses, phone numbers, masked bank account numbers, and government-issued ID scans.

Coinbase disclosed the incident publicly after receiving a $20 million ransom demand, which the company refused to pay.

CEO Brian Armstrong pledged to reimburse affected customers. Additionally, he offered a $20 million reward for information leading to an arrest. The breach triggered an estimated remediation cost of up to $400 million for the exchange.





Source link

0 comments
0 FacebookTwitterPinterestEmail
Close