Cryptocurrency

incorporated-in-us:-$8.4b-money-launderer-for-chinese-speaking-crypto-scammers

Incorporated in US: $8.4B money launderer for Chinese-speaking crypto scammers

crypto scams, Cryptocurrency, investment scams, Security, syndication, Xinbi Guarantee / /

Before crackdown, this was one of the ‘Net’s biggest markets for Chinese-speaking scammers.

As the underground industry of crypto investment scams has grown into one of the world’s most lucrative forms of cybercrime, the secondary market of money launderers for those scammers has grown to match it. Amid that black market, one such Chinese-language service on the messaging platform Telegram blossomed into an all-purpose underground bazaar: It has offered not only cash-out services to scammers but also money laundering for North Korean hackers, stolen data, targeted harassment-for-hire, and even what appears to be sex trafficking. And somehow, it’s all overseen by a company legally registered in the United States.

According to new research released today by crypto-tracing firm Elliptic, a company called Xinbi Guarantee has since 2022 facilitated no less than $8.4 billion in transactions via its Telegram-based marketplace prior to Telegram’s actions in recent days to remove its accounts from the platform. Money stolen from scam victims likely represents the “vast majority” of that sum, according to Elliptic’s cofounder Tom Robinson. Yet even as the market serves Chinese-speaking scammers, it also boasts on the top of its website—in Mandarin—that it’s registered in Colorado.

“Xinbi Guarantee has served as a giant, purportedly US-incorporated illicit online marketplace for online scams that primarily offers money laundering services,” says Robinson. He adds, though, that Elliptic has also found a remarkable variety of other criminal offerings on the market: child-bearing surrogacy and egg donors, harassment services that offer to threaten or throw feces at any chosen victim, and even sex workers in their teens who are likely trafficking victims.

Xinbi Guarantee is the second such crime-friendly Chinese-language market that Robinson and his team of researchers have uncovered over the past year. Last July, they published a report on Huione Guarantee, a similar Cambodia-based service that Elliptic said in January had facilitated $24 billion in transactions—largely from crypto scammers—making it the biggest illicit online marketplace in history by Elliptic’s accounting. That market’s parent company, Huione Group, was added to a list of known money laundering operations by the US Treasury’s Financial Crimes Enforcement Network earlier this month in an attempt to limit its access to US financial institutions.

Telegram bans

After WIRED reached out to Telegram last week about the illicit activity taking place on Xinbi Guarantee’s and Huione Guarantee’s channels on its messaging platform, Telegram appears to have responded Monday by banning many of the central channels and administrator accounts used by both Xinbi Guarantee and Huione Guarantee. “Criminal activities like scamming or money laundering are forbidden by Telegram’s terms of service and are always removed whenever discovered,” Telegram spokesperson Remi Vaughn wrote to WIRED in a statement. “Communities previously reported to us by WIRED or included in reports published by Elliptic have all been taken down.”

Telegram had banned several of Huione Guarantee’s channels in February following an earlier Elliptic report on the marketplace, but Huione Guarantee quickly re-created them, and it’s not clear whether the new removals will prevent the two companies from rebuilding their presence on Telegram again, perhaps with new accounts or even new branding. “These are very lucrative businesses, and they’ll attempt to rebuild in some way,” Robinson said of the two marketplaces following Telegram’s latest purge.

Elliptic’s accounting of the total lifetime revenue of the biggest online black markets.Courtesy of Elliptic

Xinbi Guarantee didn’t respond to multiple requests for comment on Elliptic’s findings that WIRED sent to the market’s administrators on Telegram.

Like Huione Guarantee, Xinbi Guarantee has offered a similar “guarantee” model of enabling third-party vendors to offer services by requiring a deposit from them to prevent fraud. Yet it’s flown under the radar, even as it grew into one of the biggest hubs for crypto crime on the Internet. In terms of scale of transactions prior to Telegram’s crackdown, it was second only to Huione’s market, according to Elliptic.

Both services “offer a window into the China-based underground banking network,” Robinson says. “It’s another example of these huge Chinese-language ‘guaranteed’ marketplaces that have thrived for years.”

On Xinbi Guarantee, Elliptic found numerous posts from vendors offering to accept funds related to “quick kills,” “slow kills,” and “pig butchering” transactions, all different terms for crypto investment scams and other forms of fraud. In some cases, Robinson explains, these Xinbi Guarantee vendors offer bank accounts in the same country as the victim so that they can receive whatever payment they’re tricked into making, then pay the scammer in the cryptocurrency Tether. In other cases, the Xinbi Guarantee merchants offer to receive cryptocurrency payments and cash them out in the scammer’s local currency, such as Chinese renminbi.

Not just money laundering

Aside from Xinbi Guarantee’s central use as a cash-out point for crypto scammers, Elliptic also found that the market’s vendors offered other wares for scammers such as stolen data that could be used for finding victims, as well as services for registering SIM cards and Starlink Internet subscriptions through proxies.

North Korean state-sponsored cybercriminals also appear to have used the platform for money laundering. Elliptic found through blockchain analysis, for instance, that about $220,000 stolen from the Indian cryptocurrency exchange WazirX—the victim of a $235 million theft in July 2024, widely attributed to North Korean hackers—had flowed into Xinbi Guarantee in a series of transactions in November.

Those money-laundering and scam-enabling services, however, are far from the only shady offerings found on Xinbi Guarantee’s market. Elliptic also found listings for surrogate mothers and egg donors, with one post showing faceless pictures of the donor’s body. Other accounts have offered services that will, for a payment in Tether, place a funeral wreath at a target’s door, deface their home with graffiti, post damaging statements around their home, have someone verbally threaten them, throw feces at them, or even, most bizarrely, surround their home with AIDS patients. One posting suggested these AIDS patients would carry “case reports and needles for intimidation.”

Other listings have offered sex workers as young as 18 years old, noting the specific sex acts that are allowed and forbidden. Elliptic says that one of its researchers was even offered a 14-year-old by a Xinbi Guarantee merchant. (The account holder noted, however, that no transaction for sex with someone below the age of 18 would be guaranteed by Xinbi. The legal age of consent in China is 14.)

Exactly why Xinbi Guarantee is legally registered in the US remains a mystery. Its incorporation record on the Colorado Secretary of State’s website shows an address at an office park in the city of Aurora that has no external Xinbi branding. The company appears to have been registered there in August of 2022 by someone named “Mohd Shahrulnizam Bin Abd Manap.” (WIRED connected that name with several people in Malaysia but couldn’t determine which one might be Xinbi Guarantee’s registrant.) The listing is currently marked as “delinquent,” perhaps due to failure to file more recent paperwork to renew it.

For fledgling Chinese companies—legitimate and illegitimate—incorporating in the US is an increasingly common tactic for “projecting legitimacy,” says Jacob Sims, a visiting fellow at Harvard’s Asia Center who focuses on transnational Chinese crime. “If you have a US presence, you can also open US bank accounts,” Sims says. “You could potentially hire staff in the US. You could in theory have more formalized connections to US entities.” But he notes that the registration’s delinquent status may mean Xinbi Guarantee tried to make some sort of inroads in the US in the past but gave up.

While Telegram has served as the chief means of communication for the two markets, the stablecoin cryptocurrency Tether has served as their primary means of payment, Elliptic found. And despite Telegram’s new round of removals of their channels and accounts, Xinbi Guarantee and Huione Guarantee are far from the only companies to use Tether and Telegram to create essentially a new, largely Chinese-language darknet: Elliptic is tracking close to 30 similar marketplaces, Robinson says, though he declined to name others in the midst of the company’s investigations.

Just as Telegram shows new signs of cracking down on that sprawling black market, Tether, too, has the ability to disrupt criminal use of its services. Unlike other more decentralized cryptocurrencies such as Bitcoin, Tether can freeze payments when it identifies bad actors. Yet it’s not clear to what degree Tether has taken measures to stop Chinese-language crypto scammers and others on Xinbi Guarantee and Huione Guarantee from using its currency.

When WIRED wrote to Tether to ask about its role in those black markets, the company responded in a statement that it encourages “firms like Elliptic and other blockchain intelligence providers to share critical data with law enforcement so we can act swiftly and in coordination.”

“We are not passive observers—we are active players in the global fight against financial crime,” the Tether statement continued. “If you’re considering using Tether for illicit purposes, think again: it is the most traceable asset in existence. We will identify you, and we will work to ensure you are brought to justice.”

Despite that promise—and Telegram’s new effort to remove Huione Guarantee and Xinbi Guarantee from its platform—both tools have already been used to facilitate tens of billions of dollars in theft and other black market deals, much of it occurring in plain sight. The two largely illegal and very public markets have been “remarkable for both the scale at which they’re operating and also the brazenness,” says Harvard’s Jacob Sims.

Given that brazenness and the massive criminal fortunes at stake, expect both markets to attempt a revival in some form—and plenty of competitors to try to take their place atop the Chinese-language crypto crime economy.

This story originally appeared on wired.com.

Photo of WIRED

Wired.com is your essential daily guide to what’s next, delivering the most original and complete take you’ll find anywhere on innovation’s impact on technology, science, business and culture.

Incorporated in US: $8.4B money launderer for Chinese-speaking crypto scammers Read More »

celsius-founder-alex-mashinsky-sentenced-to-12-years-for-“unbank-yourself”-scam

Celsius founder Alex Mashinsky sentenced to 12 years for “unbank yourself” scam

Alex Mashinsky, Celsius Network, Cryptocurrency, cryptocurrency fraud, Policy, securities fraud / /

As the case dragged on, Mashinsky and his family appeared unremorseful, victims said, even while facing threats of violence and significant public shaming. Some victims accused Mashinsky of lying to their faces and pushing them to continue depositing funds even when the end was near and he knew that the money would be lost.

In victim statements sent to US District Judge John Koeltl, customers accused Mashinsky of weaponizing his family-man brand to scam many naïve investors out of their life savings. Some suicides were reported, victims said, and elderly victims were among the most vulnerable, with many becoming homeless after retirement funds were drained. Among the victims was Rien Vanmarcke, who confessed to feeling haunted by guilt after convincing his aging mother to invest in Celsius and losing the majority of their savings.

And “Mashinsky’s cruelty didn’t end with the collapse,” Vanmarcke wrote. “His family mocked victims with ‘unbankrupt yourself’ merchandise funded by stolen savings, while flaunting luxury lifestyles online.”

Other victims also described feeling palpable shame, even if they felt their road to recovery wasn’t as bad as others. One victim, Daniel Frishberg, was still in high school when he lost 70 percent of his crypto to Mashinsky’s false promises.

“I am lucky that I am young and have plenty of time to make back the money I lost due to naively trusting Mr. Mashinsky—many are not as fortunate,” Frishberg wrote.

Celsius founder Alex Mashinsky sentenced to 12 years for “unbank yourself” scam Read More »

trump-says-bitcoin-reserve-will-change-everything-crypto-fans-aren’t-so-sure.

Trump says bitcoin reserve will change everything. Crypto fans aren’t so sure.

Bitcoin, bitcoin reserve, Cryptocurrency, digital assets, Donald Trump, Policy / /

Ahead of the first-ever White House Crypto Summit Friday, President Donald Trump signed an executive order establishing a strategic bitcoin reserve that a factsheet claimed delivers on his promise to make America the “crypto capital of the world.”

Trump’s order requires all federal agencies currently holding bitcoins seized as part of a criminal or civil asset forfeiture proceeding to transfer those bitcoins to the Treasury Department, which itself already has a store of bitcoins. Additionally, any other digital assets forfeited will be collected in a separate Digital Assets Stockpile.

But while Trump likely anticipates that bitcoin fans will be over the moon about this news—his announcement of the reserve and looser crypto regulations helped send bitcoin’s price to its all-time high of $109,000 in January, Reuters noted—some cryptocurrency enthusiasts were clearly disappointed that Trump’s order confirmed that the US currently has no plans to buy any more bitcoins at this time.

Bitcoin’s price briefly dropped by about 5 percent to $85,000 on the news, Reuters reported. Charles Edwards, the founder of a bitcoin-focused hedge fund called Capriole Investments, took to X (formerly Twitter) to declare that Trump’s order is “a pig in lipstick.” Currently, bitcoin’s price is around $90,500.

“This is the most underwhelming and disappointing outcome we could have expected for this week,” Edwards wrote. “No active buying means this is just a fancy title for Bitcoin holdings that already existed” with the government.

A digital assets managing director at S&P Global Ratings, Andrew O’Neill, agreed, telling Reuters that the “significance” of Trump’s order was “mainly symbolic” and provides no timeline for when more bitcoin might be acquired by the US.

In the factsheet, the White House insisted that the strategic reserve and digital assets stockpile would harness “the power of digital assets for national prosperity rather than letting them languish in limbo.”

Trump says bitcoin reserve will change everything. Crypto fans aren’t so sure. Read More »

how-north-korea-pulled-off-a-$1.5-billion-crypto-heist—the-biggest-in-history

How North Korea pulled off a $1.5 billion crypto heist—the biggest in history

Biz & IT, Cryptocurrency, hacking, North Korea, Security / /

The cryptocurrency industry and those responsible for securing it are still in shock following Friday’s heist, likely by North Korea, that drained $1.5 billion from Dubai-based exchange Bybit, making the theft by far the biggest ever in digital asset history.

Bybit officials disclosed the theft of more than 400,000 ethereum and staked ethereum coins just hours after it occurred. The notification said the digital loot had been stored in a “Multisig Cold Wallet” when, somehow, it was transferred to one of the exchange’s hot wallets. From there, the cryptocurrency was transferred out of Bybit altogether and into wallets controlled by the unknown attackers.

This wallet is too hot, this one is too cold

Researchers for blockchain analysis firm Elliptic, among others, said over the weekend that the techniques and flow of the subsequent laundering of the funds bear the signature of threat actors working on behalf of North Korea. The revelation comes as little surprise since the isolated nation has long maintained a thriving cryptocurrency theft racket, in large part to pay for its weapons of mass destruction program.

Multisig cold wallets, also known as multisig safes, are among the gold standards for securing large sums of cryptocurrency. More shortly about how the threat actors cleared this tall hurdle. First, a little about cold wallets and multisig cold wallets and how they secure cryptocurrency against theft.

Wallets are accounts that use strong encryption to store bitcoin, ethereum, or any other form of cryptocurrency. Often, these wallets can be accessed online, making them useful for sending or receiving funds from other Internet-connected wallets. Over the past decade, these so-called hot wallets have been drained of digital coins supposedly worth billions, if not trillions, of dollars. Typically, these attacks have resulted from the thieves somehow obtaining the private key and emptying the wallet before the owner even knows the key has been compromised.

How North Korea pulled off a $1.5 billion crypto heist—the biggest in history Read More »

sec’s-“scorched-earth”-lawsuit-against-coinbase-to-be-dropped,-company-says

SEC’s “scorched-earth” lawsuit against Coinbase to be dropped, company says

coinbase, Cryptocurrency, cryptocurrency exchange, Donald Trump, Policy, SEC, Securities and Exchange Commission / /

On Friday, a Coinbase executive declared the “war against crypto” over—”at least as it applies to Coinbase.”

According to Coinbase Chief Legal Officer Paul Grewal, the US Securities and Exchange Commission (SEC) plans to drop its lawsuit against the largest US cryptocurrency exchange as the agency shifts to embrace Donald Trump’s new approach to regulating cryptocurrency in the US.

The SEC sued Coinbase in 2023, accusing Coinbase of “operating its crypto asset trading platform as an unregistered national securities exchange, broker, and clearing agency” and “failing to register the offer and sale of its crypto asset staking-as-a-service program.”

“Since at least 2019, Coinbase has made billions of dollars unlawfully facilitating the buying and selling of crypto asset securities,” the SEC alleged.

At that time, the SEC claimed that Coinbase’s supposedly dodgy operations were depriving investors of “significant protections, including inspection by the SEC, recordkeeping requirements, and safeguards against conflicts of interest, among others.” The litigation was intended to protect Coinbase customers, the SEC said, by holding Coinbase to the same standards as any service acting as an exchange, broker, or clearing agency.

Former SEC Chair Gary Gensler, long considered an adversary in the crypto industry, had warned that Coinbase “deliberately” flouted rules to cheat investors out of protections for financial gain. That left customers exposed to risks, Gensler claimed, and allowed for insider trading that resulted in a settlement.

“You simply can’t ignore the rules because you don’t like them or because you’d prefer different ones: the consequences for the investing public are far too great,” Gensler said.

SEC’s “scorched-earth” lawsuit against Coinbase to be dropped, company says Read More »

man-offers-to-buy-city-dump-in-last-ditch-effort-to-recover-$800m-in-bitcoins

Man offers to buy city dump in last-ditch effort to recover $800M in bitcoins

bitcoins, climate change, crypto mining, Cryptocurrency, Policy, solar farm / /

Howells told The Times that he envisions cleaning up the site and turning it into a park, but the council’s analysis seems to suggest that wouldn’t be a suitable use. Additionally, the council noted that there aren’t viable alternative sites for the solar farm, which, therefore, must be built on the landfill site or else potentially set back the city’s climate goals.

If Howells can’t turn the landfill into a park, he suggested that he could simply clear it out so that it can be used as a landfill again.

But the Newport council does not appear to be entertaining his offer, the same way the council seemingly easily rejected his prior offer to share his bitcoin profits if granted access to dig up the landfill. When asked about Howells’ most recent offer, a council spokesperson directed The Times to a 2023 statement holding strong to the city’s claims that Howells gave up ownership of the bitcoins the moment the hard drive hit the landfill and his plans for excavation would come at “a prohibitively high cost.”

“We have been very clear and consistent in our responses that we cannot assist Mr. Howells in this matter,” the spokesperson said. “Our position has not changed.”

Howells insists his plan is “logical”

But Howells told The Guardian that it was “quite a surprise” to learn the city planned to close the landfill, reportedly in the 2025–26 financial year. This wasn’t disclosed in the court battle, he said, where the council claimed that “closing the landfill” to allow his search “would have a huge detrimental impact on the people of Newport.”

“I expected it would be closed in the coming years because it’s 80–90 percent full—but didn’t expect its closure so soon,” Howells told The Guardian. “If Newport city council would be willing, I would potentially be interested in purchasing the landfill site ‘as is’ and have discussed this option with investment partners and it is something that is very much on the table.”

Man offers to buy city dump in last-ditch effort to recover $800M in bitcoins Read More »

us-selling-69k-seized-bitcoins-could-mess-with-trump-plans-for-crypto-reserve

US selling 69K seized bitcoins could mess with Trump plans for crypto reserve

Bitcoin, Cryptocurrency, department of justice, Donald Trump, Federal Reserve, Policy, Silk Road, US bitcoin reserve / /

At the end of 2024, a US court authorized the Department of Justice to sell 69,370 bitcoins from “the largest cryptocurrency seizure in history.”

At bitcoin’s current price, just under $92,000, these bitcoins are worth nearly $6.4 billion, and crypto outlets are reporting that DOJ officials have said they’re planning to proceed with selling off the assets consistent with the court’s order. The DOJ had reportedly argued that bitcoin’s price volatility was a pressing reason to push for permission for the sale.

Ars has reached out to the DOJ for comment and will update the story with any new information regarding next steps.

A hacker initially stole these bitcoins from Silk Road—an illegal online marketplace where goods could only be bought and sold with bitcoins—in 2012, shortly before the US government shut down the marketplace. The US later discovered the stolen bitcoins in 2020 while conducting further investigations of Silk Road, eventually securing a consent agreement that year from the hacker, who signed the bitcoins over to the government.

Whether the government’s seizure of those bitcoins was proper has been disputed by Battle Born Investments, a company that purchased the assets of bankruptcy estate from an individual who they believed to be either the hacker whose bitcoins were seized or someone “associated with him.”

After a court battle failed to return the bitcoins, Battle Born attempted to unmask the hacker through a Freedom of Information Act (FOIA) request, which sparked a new court fight. But ultimately, in late December, the court agreed with the US government that the hacker had a right to privacy as someone who was the subject of a criminal investigation and shouldn’t be unmasked. That ended Battle Born’s claim to the bitcoins and cleared the way for the government’s sale.

US selling 69K seized bitcoins could mess with Trump plans for crypto reserve Read More »

do-kwon,-the-crypto-bro-behind-$40b-luna/terra-collapse,-finally-extradited-to-us

Do Kwon, the crypto bro behind $40B Luna/Terra collapse, finally extradited to US

Cryptocurrency, do kwon, Policy / /

The US government finally got its metaphorical hands on Do Hyeong Kwon, the 33-year-old Korean national who built a financial empire on the cryptocurrency Luna and the “stablecoin” TerraUSD, only to see it all come crashing down in a wipeout that cost investors $40 billion.

As private investors filed lawsuits, and as the governments of South Korea and the United States launched fraud investigations, Do Kwon was nowhere to be found. In 2022, the Korean government filed a “red notice” with Interpol, seeking Kwon’s arrest and his return to Korea. A few months later, the Securities and Exchange Commission charged Kwon with fraud in the US.

On September 17, 2022, Kwon famously tweeted, “I am not ‘on the run’ or anything similar”—but he also wouldn’t say where he was. He didn’t help his case when he was arrested in March 2023 by the authorities in Montenegro. At an airport. With fake travel documents. On his way to a country with no US extradition agreement.

After serving some time in a Montenegro prison, Kwon battled extradition to both Korea and the US. This delayed the process by some months, but on December 31, 2024, he was shipped off to US authorities. Today, he appeared in front of a federal judge in New York City, where he pled “not guilty” to fraud.

The US Justice Department crowed about the extradition, with US Attorney General Merrick Garland pointing out that the US can sometimes get to people in surprising ways.

“We secured this extradition despite Kwon’s alleged attempt to cover his tracks by laundering proceeds of his schemes and trying to use a fraudulent passport to travel to a country that did not have an extradition treaty with the United States,” Garland said in a statement. “This extradition from Montenegro is an example of the Justice Department’s international partnerships, which enable the pursuit of criminals wherever they attempt to hide.”

Five alleged misrepresentations

As for the charges, the US also unsealed a massive indictment against Kwon today, which you can read here (PDF) if you want all the gory details.

The basic claim is that Kwon “defrauded investors by falsely advertising the company’s blockchain products as decentralized, reliable, and effective, and by engaging in market manipulation, ultimately resulting in more than $40 billion in investor losses,” according to the US government. This, the government alleges, happened in five key ways:

Do Kwon, the crypto bro behind $40B Luna/Terra collapse, finally extradited to US Read More »

power-company-hid-illegal-crypto-mine-that-may-have-caused-outages

Power company hid illegal crypto mine that may have caused outages

Bitcoin, crypto mining, Cryptocurrency, Policy, russia, siberia / /

But Russia presumably gets no taxes on illegal crypto mining, and power outages can be costly for everyone in a region. So next year, Russia will ban crypto mining in 10 regions for six years and place seasonal restrictions that would disrupt some crypto mining operations during the coldest winter months in regions like Irkutsk, CoinTelegraph reported.

Illegal mining is still reportedly thriving in Irkutsk, though, despite the government’s attempts to shut down secret farms. To deter any illegal crypto mining disrupting power grids last year, authorities seized hundreds of crypto mining rigs in Irkutsk, Crypto News reported.

In July, Russian president Vladimir Putin linked blackouts to illegal crypto mines, warning that crypto mining currently consumes “almost 1.5 percent of Russia’s total electricity consumption,” but “the figure continues to go up,” the Moscow Times reported. And in September, Reuters reported that illegal mines were literally going underground to avoid detection as Russia’s crackdown continues.

Even though illegal mines are seemingly common in parts of Siberia and increasingly operating out of the public eye, finding an illegal mine hidden on state land controlled by an electrical utility was probably surprising to officials.

The power provider was not named in the announcement, and there are several in the region, so it’s not currently clear which one made the controversial decision to lease state land to an illegal mining operation.

Power company hid illegal crypto mine that may have caused outages Read More »

crypto-scammers-posing-as-real-brands-on-x-are-easily-hacking-youtubers

Crypto scammers posing as real brands on X are easily hacking YouTubers

Cryptocurrency, cryptocurrency scam, fake x accounts, Gmail, Google, LinkedIn, phishing, Policy, Twitter, X, youtube / /

“I’m fighting with Google now,” Townsend told Ars. “I don’t expect any real answers from them.”

How YouTubers can avoid being targeted

As YouTube appears evasive, Townsend has been grateful for long-time subscribers commenting to show support, which may help get his videos amplified more by the algorithm. On YouTube, he also said that because “the outpouring of support was beyond anything” he could’ve expected, it kept him “sane” through sometimes 24-hour periods of silence without any updates on when his account would be restored.

Townsend told Ars that he rarely does sponsorships, but like many in the fighting game community, his inbox gets spammed with offers constantly, much of which he assumes are scams.

“If you are a YouTuber of any size,” Townsend explained in his YouTube video, “you are inundated with this stuff constantly,” so “my BS detector is like, okay, fake, fake, fake, fake, fake, fake, fake. But this one just, it looked real enough, like they had their own social media presence, lots of followers. Everything looked real.”

Brian_F echoed that in his video, which breaks down how the latest scam evolved from more obvious scams, tricking even skeptical YouTubers who have years of experience dodging phishing scams in their inboxes.

“The game has changed,” Brian_F said.

Townsend told Ars that sponsorships are rare in the fighting game community. YouTubers are used to carefully scanning supposed offers to weed out the real ones from the fakes. But Brian_F’s video pointed out that scammers copy/paste legitimate offer letters, so it’s already hard to distinguish between potential sources of income and cleverly masked phishing attacks using sponsorships as lures.

Part of the vetting process includes verifying links without clicking through and verifying identities of people submitting supposed offers. But if YouTubers are provided with legitimate links early on, receiving offers from brands they really like, and see that contacts match detailed LinkedIn profiles of authentic employees who market the brand, it’s much harder to detect a fake sponsorship offer without as many obvious red flags.

Crypto scammers posing as real brands on X are easily hacking YouTubers Read More »

don’t-use-crypto-to-cheat-on-taxes:-bitcoin-bro-gets-2-years

Don’t use crypto to cheat on taxes: Bitcoin bro gets 2 years

Bitcoin, Cryptocurrency, cryptocurrency mixer, department of justice, IRS, Policy, tax evasion, tax fraud / /

A bitcoin investor who went to increasingly great lengths to hide $1 million in cryptocurrency gains on his tax returns was sentenced to two years in prison on Thursday.

It seems that not even his most “sophisticated” tactics—including using mixers, managing multiple wallets, and setting up in-person meetings to swap bitcoins for cash—kept the feds from tracing crypto trades that he believed were untraceable.

The Austin, Texas, man, Frank Richard Ahlgren III, started buying up bitcoins in 2011. In 2015, he upped his trading, purchasing approximately 1,366 using Coinbase accounts. He waited until 2017 before cashing in, earning $3.7 million after selling about 640 at a price more than 10 times his initial costs. Celebrating his gains, he bought a house in Utah in 2017, mostly funded by bitcoins he purchased in 2015.

Very quickly, Ahlgren sought to hide these earnings, the Department of Justice said in a press release. Rather than report them on his 2017 tax return, Ahlgren “lied to his accountant by submitting a false summary of his gains and losses from the sale of his bitcoins.” He did this by claiming that the bitcoins he purchased in 2015 were much higher than his actual costs, even being so bold as to claim he as charged prices “greater than the highest price bitcoins sold for in the market prior to the purchase of the Utah house.”

First tax evasion prosecution centered solely on crypto

Ahlgren’s tax evasion only got bolder as the years passed after this first fraud, the DOJ said.

In 2018 and 2019, he sold more bitcoins, earning more than $650,000 and deciding not to report any of it on his tax returns for those years. That meant that he needed to actively conceal the earnings, but he’d been apparently researching how mixers are used to disguise where bitcoins come from since at least 2014, the feds found, referencing a blog he wrote exhibiting his knowledge. And that’s not the only step he took to try to trick the Internal Revenue Service.

Don’t use crypto to cheat on taxes: Bitcoin bro gets 2 years Read More »

teen-creates-memecoin,-dumps-it,-earns-$50,000

Teen creates memecoin, dumps it, earns $50,000

Cryptocurrency, memecoins, Policy, syndication / /

dontbuy. Seriously, don’t buy it

Unsurprisingly, he and his family were doxed by angry traders.

On the evening of November 19, art adviser Adam Biesk was finishing work at his California home when he overheard a conversation between his wife and son, who had just come downstairs. The son, a kid in his early teens, was saying he had made a ton of money on a cryptocurrency that he himself had created.

Initially, Biesk ignored it. He knew that his son played around with crypto, but to have turned a small fortune before bedtime was too far-fetched. “We didn’t really believe it,” says Biesk. But when the phone started to ring off the hook and his wife was flooded with angry messages on Instagram, Biesk realized that his son was telling the truth—if not quite the full story.

Earlier that evening, at 7: 48 pm PT, Biesk’s son had released into the wild 1 billion units of a new crypto coin, which he named Gen Z Quant. Simultaneously, he spent about $350 to purchase 51 million tokens, about 5 percent of the total supply, for himself.

Then he started to livestream himself on Pump.Fun, the website he had used to launch the coin. As people tuned in to see what he was doing, they started to buy into Gen Z Quant, leading the price to pitch sharply upward.

By 7: 56 pm PT, a whirlwind eight minutes later, Biesk’s son’s tokens were worth almost $30,000—and he cashed out. “No way. Holy fuck! Holy fuck!” he said, flipping two middle fingers to the webcam, with tongue sticking out of his mouth. “Holy fuck! Thanks for the twenty bandos.” After he dumped the tokens, the price of the coin plummeted, so large was his single trade.

To the normie ear, all this might sound impossible. But in the realm of memecoins, a type of cryptocurrency with no purpose or utility beyond financial speculation, it’s relatively routine. Although many people lose money, a few have been known to make a lot—and fast.

In this case, Biesk’s son had seemingly performed what is known as a soft rug pull, whereby somebody creates a new crypto token, promotes it online, then sells off their entire holdings either swiftly or over time, sinking its price. These maneuvers occupy something of a legal gray area, lawyers say, but are roundly condemned in the cryptosphere as ethically dubious at the least.

After dumping Gen Z Quant, Biesk’s son did the same thing with two more coins—one called im sorry and another called my dog lucy—bringing his takings for the evening to more than $50,000.

The backlash was swift and ferocious. A torrent of abuse began to pour into the chat log on Pump.Fun, from traders who felt they had been swindled. “You little fucking scammer,” wrote one commenter. Soon, the names and pictures of Biesk, his son, and other family members were circulating on X. They had been doxed. “Our phone started blowing up. Just phone call after phone call,” says Biesk. “It was a very frightening situation.”

As part of their revenge campaign, crypto traders continued to buy into Gen Z Quant, driving the coin’s price far higher than the level at which Biesk’s son had cashed out. At its peak, around 3 am PT the following morning, the coin had a theoretical total value of $72 million; the tokens the teenager had initially held were worth more than $3 million. Even now, the trading frenzy has died down, and they continue to be valued at twice the amount he received.

“In the end, a lot of people made money on his coin. But for us, caught in the middle, there was a lot of emotion,” says Biesk. “The online backlash became so frighteningly scary that the realization that he made money was kind of tempered down with the fact that people became angry and started bullying.”

Biesk concedes to a limited understanding of crypto. But he sees little distinction between what his son did and, say, playing the stock market or winning at a casino. Though under California law, someone must be at least 18 years old to gamble or invest in stocks, the unregulated memecoin market, which has been compared to a “casino” in risk profile, had given Biesk’s teenage son early access to a similar arena, in which some must lose for others to profit. “The way I understand it is he made money and he cashed out, which to me seems like that’s what anybody would’ve done,” says Biesk. “You get people who are cheering at the craps table, or angry at the craps table.”

Memecoins have been around since 2013, when Dogecoin was released. In the following years, a few developers tried to replicate the success of Dogecoin, making play of popular internet memes or tapping into the zeitgeist in some other way in a bid to encourage people to invest. But the cost and complexity of development generally limited the number of memecoins that came to market.

That equation was flipped in January with the launch of Pump.Fun, which lets people release new memecoins instantly, at no cost. The idea was to give people a safer way to trade memecoins by standardizing the underlying code, which prevents developers from building in malicious mechanisms to steal funds, in what’s known as a hard rug pull.

“Buying into memecoins was a very unsafe thing to do. Programmers could create systems that would obfuscate what you are buying into and, basically, behave as malicious actors. Everything was designed to suck money out of people,” one of the three anonymous cofounders of Pump.Fun, who goes by Sapijiju, told WIRED earlier in the year. “The idea with Pump was to build something where everyone was on the same playing field.”

Since Pump.Fun launched, millions of unique memecoins have entered the market through the platform. By some metrics, Pump.Fun is the fastest-growing crypto application ever, taking in more than $250 million in revenue—as a 1 percent cut of trades on the platform—in less than a year in operation.

However, Pump.Fun has found it impossible to insulate users from soft rug pulls. Though the platform gives users access to information to help assess risk—like the proportion of a coin belonging to the largest few holders—soft rug pulls are difficult to prevent by technical means, claims Sapijiju.

“People say there’s a bunch of different stuff you can do to block [soft rug pulls]—maybe a sell tax or lock up the people who create the coin. Truthfully, all of this is very easy to manipulate,” he says. “Whatever we do to stop people doing this, there’s always a way to circumnavigate if you’re smart enough. The important thing is creating an interface that is as simple as possible and giving the tools for users to see if a coin is legitimate or not.”

The “overwhelming majority” of new crypto tokens entering the market are scams of one form or another, designed expressly to squeeze money from buyers, not to hold a sustained value in the long term, according to crypto security company Blockaid. In the period since memecoin launchpads like Pump.Fun began to gain traction, the volume of soft rug pulls has increased in lockstep, says Ido Ben-Natan, Blockaid founder.

“I generally agree that it is kind of impossible to prevent holistically. It’s a game of cat and mouse,” says Ben-Natan. “It’s definitely impossible to cover a hundred percent of these things. But it definitely is possible to detect repeat offenders, looking at metadata and different kinds of patterns.”

Now memecoin trading has been popularized, there can be no putting the genie back in the bottle, says Ben-Natan. But traders are perhaps uniquely vulnerable at present, he says, in a period when many are newly infatuated with memecoins, yet before the fledgling platforms have figured out the best way to protect them. “The space is immature,” says Ben-Natan.

Whether it is legal to perform a rug pull is also something of a gray area. It depends on both jurisdiction and whether explicit promises are made to prospective investors, experts say. The absence of bespoke crypto regulations in countries like the US, meanwhile, inadvertently creates cloud cover for acts that are perhaps not overtly illegal.

“These actions exploit the gaps in existing regulatory frameworks, where unethical behavior—like developers hyping a project and later abandoning it—might not explicitly violate laws if no fraudulent misrepresentation, contractual breach, or other violations occur,” says Ronghui Gu, cofounder of crypto security firm CertiK and associate professor of computer science at Columbia University.

The Gen Z Quant broadcast is no longer available to view in full, but in the clips reviewed by WIRED, at no point does Biesk’s son promise to hold his tokens for any specific period. Neither do the Pump.Fun terms of use require people to refrain from selling tokens they create. (Sapijiju, the Pump.Fun cofounder, declined to comment on the Gen Z Quant incident. They say that Pump.Fun will be “introducing age restrictions in future,” but declined to elaborate.)

But even then, under the laws of numerous US states, among them California, “the developer likely still owes heightened legal duties to the investors, so may be liable for breaching obligations that result in loss of value,” says Geoffrey Berg, partner at law firm Berg Plummer & Johnson. “The developer is in a position of trust and must place the interests of his investors over his own.”

To clarify whether these legal duties apply to people who release memecoins through websites like Pump.Fun—who buy into their coins like everyone else, albeit at the moment of launch and therefore at a discount and in potentially market-swinging quantities—new laws may be required.

In July 2026, a new regime will take effect in California, where Biesk’s family lives, requiring residents to obtain a license to take part in “digital financial asset business activity,” including exchanging, transferring, storing or administering certain crypto assets. President-elect Donald Trump has also promised new crypto regulations. But for now, there are no crypto-specific laws in place.

“We are in a legal vacuum where there are no clear laws,” says Andrew Gordon, partner at law firm Gordon Law. “Once we know what is ‘in bounds,’ we will also know what is ‘out of bounds.’ This will hopefully create a climate where rug pulls don’t happen, or when they do they are seen as a criminal violation.”

On November 19, as the evening wore on, angry messages continued to tumble in, says Biesk. Though some celebrated his son’s antics, calling for him to return and create another coin, others were threatening or aggressive. “Your son stole my fucking money,” wrote one person over Instagram.

Biesk and his wife were still trying to understand quite how their son was able to make so much money, so fast. “I was trying to get an understanding of exactly how this meme crypto trading works,” says Biesk.

Some memecoin traders, sensing there could be money in riffing off the turn of events, created new coins on Pump.Fun inspired by Biesk and his wife: QUANT DAD and QUANTS MOM. (Both are now practically worthless.)

Equally disturbed and bewildered, Biesk and his wife formed a provisional plan: to make all public social media accounts private, stop answering the phone, and, generally, hunker down until things blew over. (Biesk’s account is active at the time of writing.) Biesk declined to comment on whether the family made contact with law enforcement or what would happen to the funds, saying only that his son would “put the money away.”

A few hours later, an X account under the name of Biesk’s son posted on X, pleading for people to stop contacting his parents. “Im sorry about Quant, I didnt realize I get so much money. Please dont write to my parents, I wiill pay you back [sic],” read the post. Biesk claims the account is not operated by his son.

Though alarmed by the backlash, Biesk is impressed by the entrepreneurial spirit and technical capability his son displayed. “It’s actually sort of a sophisticated trading platform,” he says. “He obviously learned it on his own.”

That his teenager was capable of making $50,000 in an evening, Biesk theorizes, speaks to the fundamentally different relationship kids of that age have with money and investing, characterized by an urgency and hyperactivity that rubs up against traditional wisdom.

“To me, crypto can be hard to grasp, because there is nothing there behind it—it’s not anything tangible. But I think kids relate to this intangible digital world more than adults do,” says Biesk. “This has an immediacy to him. It’s almost like he understands this better.”

On December 1, after a two-week hiatus, Biesk’s son returned to Pump.Fun to launch five new memecoins, apparently undeterred by the abuse. Disregarding the warnings built into the very names of some of the new coins—one was named test and another dontbuy—people bought in. Biesk’s son made another $5,000.

This story originally appeared on wired.com.

Photo of WIRED

Wired.com is your essential daily guide to what’s next, delivering the most original and complete take you’ll find anywhere on innovation’s impact on technology, science, business and culture.

Teen creates memecoin, dumps it, earns $50,000 Read More »