Top Highlights
- European law enforcement arrested five suspects connected to a €100 million+ crypto scam that targeted over 100 victims across multiple countries since 2018, involving fraud and money laundering through a fake investment platform.
- The scam operated by promising high crypto returns, transferring funds to Lithuanian bank accounts for laundering, and disappearing after victims paid additional withdrawal fees.
- The US FTC reports a record $12.5 billion lost to fraud in 2024, with investment scams growing significantly, and over 79% of victims losing median amounts exceeding $9,000.
- Chainalysis successfully thwarted a $13 million social engineering attack on Venus Protocol, recovering funds within 12 hours and freezing assets, showcasing swift detection against crypto thefts.
The Issue
Law enforcement agencies across Europe have uncovered and arrested five suspects involved in a sophisticated online investment scam that defrauded over 100 victims across four countries—France, Germany, Italy, and Spain—out of more than €100 million ($118 million). The scheme, active since at least 2018, centered around a fraudulent cryptocurrency investment platform that lured individuals with promises of high returns. Once deposits were made, the stolen funds were funneled through bank accounts in Lithuania to evade detection and then further disguised. Victims who attempted to withdraw their assets were coerced into paying extra fees, which led to the disappearance of the scam website. The coordinated effort, involving multiple law enforcement agencies from Bulgaria, Italy, Lithuania, Portugal, Romania, and Spain, also included searches and the freezing of assets. Meanwhile, in the United States, the Federal Trade Commission reports a record $12.5 billion lost to scams in 2024, with investment fraud being the most lucrative—highlighting the global scale of such criminal activities.
Simultaneously, private cybersecurity firm Chainalysis detailed how a social engineering attack on a Venus Protocol user was thwarted: attackers used a compromised Zoom client to take control of the victim’s system, tricking them into executing a blockchain transaction that granted the hackers access to their assets. Thanks to swift detection and community intervention, the attackers’ wallet was force-liquidated, allowing law enforcement to recover approximately $13 million worth of stolen funds and freezing an additional $3 million still under the attacker’s control. This incident, part of broader efforts including a recent crackdown by Seoul’s police that disrupted a cybercrime ring stealing around $30 million, underscores the persistent and evolving nature of financial cybercrimes worldwide, blending traditional scam techniques with advanced digital tactics.
What’s at Stake?
Cyber risks pose a profound threat to financial stability and personal security, exemplified by recent international investigations into elaborate investment fraud schemes, which have defrauded over €100 million from victims across Europe, and record-breaking U.S. losses exceeding $12.5 billion in 2024, predominantly from online investment scams. These schemes often involve social engineering tactics, such as malicious manipulation of system access via compromised platforms like Zoom, enabling attackers to drain assets by infiltrating blockchain wallets or impersonating officials, with some cases resulting in the recovery of stolen funds through swift, coordinated responses. The widespread nature of these threats underscores the persistent vulnerabilities within digital financial ecosystems, where fraudsters exploit sophisticated methods to deceive individuals and institutions, leading to significant monetary losses, erosion of trust, and ongoing challenges for law enforcement agencies worldwide striving to detect, prevent, and mitigate such pervasive cyber risks.
Possible Actions
Quick action in cases like the Eurojust arrests involving a massive €100 million cryptocurrency fraud across 23 countries is essential to minimize financial loss, prevent further criminal activity, and restore public trust in regulatory systems. Prompt recognition and response can also hinder the organization’s ability to launder funds or expand illegal operations.
Mitigation Measures:
- Immediate asset freezing
- International legal cooperation
- Enhanced surveillance
- Customer due diligence
Remediation Strategies:
- Strengthen regulatory frameworks
- Conduct comprehensive investigations
- Increase public awareness
- Implement advanced cybersecurity protocols
Stay Ahead in Cybersecurity
Explore career growth and education via Careers & Learning, or dive into Compliance essentials.
Learn more about global cybersecurity standards through the NIST Cybersecurity Framework.
Disclaimer: The information provided may not always be accurate or up to date. Please do your own research, as the cybersecurity landscape evolves rapidly. Intended for secondary references purposes only.
Cyberattacks-V1
