Meet Malone Lam.
In August 2024, he scammed someone of 4,100 BTC and then bought 31 supercars.
Here’s the simple trick he used:
We put a lot of research and work into this thread before reading it.🙏 🚨
Very Important 🚨 Please follow
@Coinaute and 🩷Like + Comment and ✅ Share #binance
#MarketDownturn A 20-year-old Singaporean, Malone Lam, and his accomplice, Jeandiel Serrano were arrested for stealing $230M in crypto from an anonymous man a few months ago.
How did it happen?
The scammers caused an "unauthorized Google account access" notification to be sent to the victim.
Days later, Malone called the victim pretending to be a Google employee, asking about the unauthorized access attempts.
After a series of back-and-forths, he managed to manipulate the victim into giving him enough information to access their Google Drive.
This was where they found his personal information including details of his crypto holdings with Gemini.
His partner, Jeandiel, then called the victim again, this time posing as a Gemini employee.
He was also able to convince the victim to download some software that was supposed to help protect his crypto holdings.
The scammers used this software to gain access to his private keys and then stole up to 4,100 bitcoins.
This was worth $230M at the time.
They then laundered the stolen funds through various crypto exchanges and mixing services.
How did they get caught?
Malone went on an absolute spending spree with his share of the loot.
He hit the streets of Los Angeles and spent $569k in one night at a club!
He also gave away 5 Hermés Birkin bags to random ladies at the club.
Court documents later revealed he had bought 31 supercars, a $2M watch, and rented several luxury apartments across LA and Miami.
He was arrested in Miami after arriving there by a private jet from Los Angeles.
The Malone heist proves how easily one could lose their crypto assets to social engineering attacks.
Here are three ways you can protect yours:
1/ Guard your device from unauthorized access:
Do not give remote access to your device to individuals whose identity you have not verified.
This way, you don’t become a victim of unauthorized control over your sensitive data.
2/ Enable 2-Factor Authentication:
This is especially critical for email and cloud accounts where sensitive data may be stored.
Ideally, choose an authenticator app, or in the case of Edge, use our built-in 2FA, but be sure to avoid SMS-based 2FA to avoid SIM-swapping attacks.
3/Embrace secure key storage:
Recognize the risks associated with storing your private keys in a CEX.
You're as vulnerable as the victim in the Malone case.
To protect your assets, seek out wallets that offer more secure key management, self-custody, and ease of use like Edge.
🚀🛍️Dive into eshop.coinaute.com, our Web3 boutique made for crypto degens!
🛍️👕From epic crypto merch to gear that screams Web3 vibes, we’ve got you covered.