Massive $243 million heist ends with multiple arrests and asset freezes

Share this article

Hackers stole $243 million in cryptocurrency from a single Genesis lender through a sophisticated social engineering attack on August 19, as reported by ZachXBT. The blockchain detective revealed that two of the three main bad actors were arrested and millions of dollars were frozen.

The attackers, identified as Greavys, Wiz and Box, carried out the heist posing as Google and Gemini, claiming that the victim’s account on the crypto exchange had been hacked. The real names of the attackers are Malone Iam, Veer Chetal and Jeandiel Serrano respectively.

As a result, they manipulated the victim into resetting two-factor authentication (2FA) and transferring their funds from Gemini to a compromised wallet. Additionally, they tricked the victim into sharing their screen and leaking their Bitcoin (BTC) wallet private keys.

The Gemini account compromise awarded the attackers 74.22 BTC, while the Bitcoin wallet breach led to the theft of 4,064 BTC, equivalent to nearly $238 million.

ZachXBT revealed that the stolen funds were quickly distributed across more than 15 exchanges through transactions using Bitcoin, Litecoin, Ethereum and Monero. Wiz reportedly received a large percentage of the theft, with $34.5 million linked to his address, with a fourth actor helping him launder the funds.

The Greavys allegedly spent the stolen funds lavishly, buying several cars and spending up to $500,000 a night at clubs in Los Angeles and Miami. Box, who posed as a Gemini exchange representative during the heist, has $18 million tied to his address.

“With the help of @CFInvestigators, @zeroshadow_io and the Binance security team over $9 million has been frozen and over $500,000 has already been returned after working closely with the victim to investigate the incident,” ZachXBT said.

Following the investigation, Box and the Greavys were arrested in Miami and Los Angeles, respectively. ZachXBT added that law enforcement would have seized additional funds during the arrests, given the large transactions recorded on the chain after the arrests.

Share this article