- Binance and investigators froze $7M in stolen BTC after an elderly US whale lost $330M to a sophisticated phishing scam.
- The stolen funds were quickly moved across six exchanges, with most laundered into Monero to evade detection and traceability.
- Two suspects tied to a UK-based scam ring deleted their accounts after being named by on-chain analyst ZachXBT in an ongoing probe.
Over $330 million in Bitcoin was stolen from a longtime U.S. crypto holder in one of the largest single-wallet thefts in history. Investigators led by ZachXBT, with help from Binance and on-chain forensic teams, have recovered over $7 million of the stolen funds.
$7M in Stolen Bitcoin Frozen with Help from Binance
Over $7 million worth of stolen Bitcoin has been recovered following a major crypto theft that targeted a longtime U.S.-based holder. Blockchain investigator ZachXBT confirmed that the funds were frozen with support from Binance, CFInvestigators, and independent analyst tanuki42. The original theft involved 3,520 BTC worth approximately $330 million at the time.
According to a post by Global Rashid, the stolen Bitcoin was traced and intercepted after it was moved through six crypto exchanges. The victim, described as an elderly U.S. crypto whale, reportedly fell victim to an advanced social engineering scam. Binance has not yet released an official statement, but it has previously worked with law enforcement on asset recovery.
Scam Structure, Laundering via Monero, and Custody Risks
Attackers used fake websites and real-time voice calls to manipulate the victim into revealing private credentials. The breach led to an immediate movement of BTC through several wallets before being funneled into Monero, a privacy coin known for obscuring transactional data. In a report by ZachXBT, the suspects exploited personal data leaks to launch a precision phishing campaign.
The structure of the scam highlights weak points in crypto self-custody, especially for older investors who may not employ modern security tools. Blockchain tracking tools flagged wallet activity within hours, allowing Binance and others to lock down roughly $7 million. This change has led to significant outcomes in how centralized exchanges may coordinate to trace large thefts in real time.
Suspects Identified, Laundered Funds Harder to Track
ZachXBT named two suspects in the heist: “Nina” or “Mo,” a Somalian national running a scam call center in Camden, UK, and an accomplice named “W0rk” who handled the fraudulent site and communications. Both individuals have since deleted their social media profiles. Their coordinated strategy included impersonation, phishing, and social engineering.
This shift in direction has important implications for crypto investor protection and law enforcement. Much of the $330 million was allegedly laundered into Monero, which is difficult to trace. One important development to highlight is that this incident could lead to renewed focus on protecting elderly or inactive high-value crypto holders from targeted scams.
