CyberHappenings logo
Home Browse About

Track cybersecurity events as they unfold. Sourced timelines. Filter, sort, and browse. Fast, privacy‑respecting. No invasive ads, no tracking.

Cryptocurrency fraud network dismantled by European authorities

First reported
Last updated
3 unique sources, 3 articles

Summary

Hide ▲

European law enforcement agencies have dismantled a cryptocurrency fraud network that stole over €600 million from victims across multiple countries. The fraudsters created fake cryptocurrency investment platforms promising high returns and recruited victims through social media, cold calling, and other methods. The stolen funds were laundered using blockchain tools. The coordinated operation took place between October 27 and 29 in Cyprus, Spain, Germany, France, and Belgium, resulting in the seizure of €800,000 in bank accounts, €415,000 in cryptocurrencies, €300,000 in cash, and a set of luxury watches worth €100,000. The investigation started in 2023, and the suspects face six charges, each with between five and 10 years in prison and between €1875 and €1m in fines. Several real estate properties are currently being appraised.

Timeline

  1. 04.11.2025 17:09 3 articles · 6d ago

    European authorities dismantle €600 million cryptocurrency fraud network

    The operation took place between October 27 and 29. The operation involved agencies from France, Belgium, Cyprus, Germany, and Spain. The criminal use of cryptocurrency and blockchain is becoming increasingly professionalized, sophisticated, and organized. Law enforcement, private sector partners, and academia are advancing their ability to counter the threats posed by sophisticated crypto-related crimes and money laundering.

    Show sources
    Open in new tab

Information Snippets

Similar Happenings

International Law Enforcement Dismantles Credit Card Fraud Networks

International authorities have dismantled three large-scale credit card fraud and money laundering networks in Operation Chargeback. The operation targeted 44 suspects, including American, Austrian, Canadian, Danish, Dutch, German, and Lithuanian nationals, and resulted in the arrest of 18 individuals. The fraud networks affected over 4.3 million cardholders across 193 countries, causing losses exceeding €300 million. The operation involved over 60 searches and the execution of 18 arrest warrants. The fraudsters created over 19 million fake online subscriptions for services like pornography, dating, and streaming. They disguised monthly charges of about €50 to avoid detection. The operation was led by the Cybercrime Department of the General Prosecutor’s Office in Koblenz and the German Federal Criminal Police Office, supported by Europol and Eurojust. Authorities seized assets worth over €35 million, including luxury vehicles, cryptocurrency, and electronic devices. The suspects face accusations of organized computer fraud, membership in a criminal group, and money laundering. The fraudsters abused four major German payment service providers to launder proceeds, with six employees allegedly helping the fraudsters in exchange for fees. The suspects concealed their activities through numerous shell companies obtained through crime-as-a-service providers, primarily registered in the UK and Cyprus. The estimated attempted damages from the fraud schemes surpass €750 million (~$865 million).

Open in new tab

Increased Cryptocurrency and Forex Investment Scams in Asia

A surge in fake investment platforms targeting cryptocurrency and forex exchanges is driving a new wave of financial crime across Asia. These scams, orchestrated by organized cross-border groups, exploit social media and messaging apps to lure victims. The schemes use sophisticated trading interfaces and complex backend systems to steal funds. Group-IB's research outlines two key models: a Victim Manipulation Flow and a Multi-Actor Fraud Network. These models detail how trust is built and exploited, and how distinct roles cooperate within a single operation. The report highlights shared technical fingerprints, such as reused SSL certificates and identical chatbot systems, linking multiple scam campaigns. The growing international threat is exemplified by the August 2025 arrest of 20 individuals in Vietnam connected to the $1bn Paynet Coin crypto fraud. This case illustrates how online investment scams have scaled beyond borders, with operators recruiting globally and leveraging fake corporate accounts, stolen identity data, and mule networks to move funds undetected.

Open in new tab

SIM-box operation dismantled, enabling global telecom fraud

European law enforcement dismantled a sophisticated cybercrime-as-a-service (CaaS) platform that operated a SIM farm, enabling over 49 million fake online accounts and facilitating over 3,200 fraud cases resulting in at least 4.5 million euros in losses. The service provided phone numbers for various telecommunication crimes, including phishing, investment fraud, impersonation, extortion, migrant smuggling, and the distribution of child sexual abuse material (CSAM). The operation, codenamed 'SIMCARTEL,' involved multiple countries and seized significant infrastructure and assets. The SIM-box service operated through two websites, gogetsms.com and apisim.com, which have been seized. The service rented out phone numbers registered in over 80 countries, enabling the creation of fraudulent online accounts. The operation resulted in the arrest of seven individuals, including five Latvian nationals, and the seizure of 1,200 SIM-box devices, 40,000 SIM cards, five servers, and luxury vehicles. Financial assets totaling EUR 431,000 and $333,000 in crypto were also frozen. The operation's main raids occurred during an action day in Latvia on October 10, where 26 searches were carried out and five Latvian nationals were arrested. Three suspects were subject to a non-custodial security measure and a court imposed a security measure on a man born in 1982. Latvian law enforcement shared footage of a raid on a workspace packed with computer hardware, specialized equipment and large quantities of SIM cards.

Open in new tab

North Korean Hackers Steal $2 Billion in Cryptocurrency in 2025

North Korean hackers have stolen approximately $2 billion in cryptocurrency in 2025, the highest annual total recorded. This theft is part of a broader campaign to fund nuclear weapons development. The largest single heist was the Bybit hack in February, which accounted for $1.46 billion. The tactics used by these hackers have evolved to include more sophisticated laundering techniques and a shift towards targeting individuals and exchange employees through social engineering. The 2025 total so far is triple last year’s figure and beats 2022’s record of $1.35bn, which came on the back of attacks against Ronin Network and Harmony Bridge. The total amount stolen by North Korean hackers since 2017 exceeds $6 billion. Other notable breaches include LND.fi, WOO X, Seedify, and BitoPro. The Lazarus Group stole an estimated $11 million from BitoPro. The actual stolen amount may be higher due to difficulties in attribution and unreported incidents.

Open in new tab

Interpol-led Operation HAECHI VI Seizes $439 Million in Global Cybercrime Crackdown

Interpol and 40 countries' law enforcement agencies seized $439 million in cash and cryptocurrency during Operation HAECHI VI, a five-month operation targeting cyber-enabled financial crimes. The operation, conducted between April and August 2025, involved a wide range of criminal activities, including voice phishing, investment fraud, e-commerce fraud, online sextortion, business email compromise, romance scams, and money laundering. The operation resulted in the seizure of 400 cryptocurrency wallets, blocking of 68,000 bank accounts, and the arrest of 45 suspects in Portugal. Additionally, Thai police seized $6.6 million transferred by a Japanese corporation into accounts controlled by a transnational organized crime group. This operation is part of a series of global efforts to combat cyber-enabled financial crimes, with previous operations HAECHI V and HAECHI IV also resulting in significant seizures and arrests.

Open in new tab