$243M Crypto Theft Ends in Arrests and Frozen Assets

A massive $243 million cryptocurrency heist, targeting a Genesis creditor, culminated in multiple arrests after an advanced social engineering operation was executed in August. According to blockchain investigator ZachXBT, the individuals behind the theft have been identified as Greavys (Malone Iam), Wiz (Veer Chetal), and Box (Jeandiel Serrano). The trio successfully compromised the victim’s personal and exchange accounts through a series of calculated steps.

The attack began on August 19 when the perpetrators, posing as Google Support, contacted the victim using a spoofed phone number, allowing them access to personal accounts. Next, they impersonated Gemini support staff, deceiving the victim into believing their exchange account had been breached. The attackers persuaded the victim to reset their two-factor authentication and transfer funds to a wallet controlled by the group.

1/ An investigation into how Greavys (Malone Iam), Wiz (Veer Chetal), and Box (Jeandiel Serrano) stole $243M from a single person last month in a highly sophisticated social engineering attack and my efforts which have helped lead to multiple arrests and millions frozen. pic.twitter.com/dcY1e9xsPd
— ZachXBT (@zachxbt) September 19, 2024

Additionally, they convinced the victim to install AnyDesk, a remote desktop tool, giving them access to the victim’s screen and enabling the theft of private keys from Bitcoin Core. This led to the transfer of a substantial amount of Bitcoin, with one transaction involving 4,064 BTC at 4:05 AM UTC on August 19, documented under a transaction hash ending in fbe9090.

A video secured by ZachXBT captures the moment the criminals celebrated receiving $238 million.

Tracing the stolen funds revealed that the entire $243 million was quickly divided among the attackers, spread across more than 15 exchanges, and swiftly converted into Bitcoin, Litecoin, Ethereum, and Monero to obscure the transaction trail.

Wiz (Veer Chetal), one of the key players in the theft, reportedly ended up with a significant share of the stolen crypto. According to ZachXBT, Chetal accidentally disclosed his full name during a screen-sharing session. Additional evidence includes accomplices referring to him as "Veer" in both audio files and chat logs. Currently, approximately $34.5 million of Chetal's funds are traceable to the Ethereum wallet 0x3c7…5c935.

The blockchain sleuth said that on Wednesday, FBI agents raided homes in Miami and Los Angeles based on his investigation. Box and Greavys reportedly got caught in Miami and Los Angeles. ZachXBT suggested that authorities are expected to have seized more funds due to large on-chain transactions post-arrests. While ZachXBT has not disclosed how he obtained access to the videos and chat logs on Telegram and Discord, he hinted on X (formerly Twitter) that “Some things are better left unsaid” when questioned about the source of his evidence.

8/ Greavys was located via OSINT in LA/Miami due to friends/girls posting his location on social media each night. He also has an Instagram account where he posted photos of himself using his name earlier this year. pic.twitter.com/mfh0cAaJGG
— ZachXBT (@zachxbt) September 19, 2024

He also shared that with the help of Cryptoforensic Investigators, zeroShadow, and Binance Security Team, over $9M has been frozen, and over $500K has been returned. The victim cooperated closely in the investigation. ZachXBT's findings played a significant role in multiple arrests and the freezing of millions in assets. This case highlights the growing efficiency of blockchain analysts working in tandem with law enforcement to trace illicit crypto activity.

According to ZachXBT, the incident serves as a stark warning about the vulnerabilities within the digital asset space and emphasizes the need for robust security measures.

Though the identity of the victim remains undisclosed, it is notable that Mark Cuban, a prominent crypto enthusiast, faced a similar social engineering attack on his Google account in June. Cuban’s account was restored within 24 hours, though it has not been confirmed whether he was linked to this specific theft.

This article has been refined and enhanced by ChatGPT.