Alleged Crypto Scammer Behind 4,100 Bitcoin Theft Appears in US Court for Wire Fraud

A Singaporean national, Malone Lam, has been charged in the United States for allegedly orchestrating a massive crypto theft, stealing over 4,100 Bitcoin—worth approximately $274 million—from a private investor in Washington. This case, which ranks among the largest individual crypto thefts in US history, has drawn significant attention as Lam and his accomplice, Jeandiel Serrano, are accused of carrying out an elaborate social engineering scheme.

According to the indictment unsealed by the US District Court for the District of Columbia, Lam and Serrano targeted the victim, identified as a high-net-worth cryptocurrency investor. They tricked the investor into believing his Google account had been compromised, gaining his trust through fraudulent support calls. On August 18, they contacted the victim while impersonating Google security staff, convincing him that urgent action was needed to secure his account.

After establishing this trust, Lam and Serrano were able to access the victim’s private accounts, including OneDrive and Gmail, where they located sensitive cryptocurrency information tied to the Gemini exchange. Posing as Gemini’s security team, they persuaded the victim to transfer approximately $3 million worth of crypto to a wallet they controlled under the pretext of safeguarding it.

The scheme escalated when the conspirators convinced the victim to install a remote desktop application, granting them direct access to his computer. Using this access, they obtained the private keys to over 4,100 BTC, allowing them to transfer the funds into their possession. Court records reveal that Lam continued to comb through the victim’s accounts in search of additional assets.

After securing the stolen funds, Lam and Serrano used various crypto exchanges to launder the assets, converting them into other cryptocurrencies such as Litecoin, Ethereum, and Monero to obscure their trail. Serrano, however, made a critical error by creating an account on the TradeOgre exchange without using a VPN, which led investigators to an IP address linked to his residence in Encino, California. The rented property reportedly cost $47,500 per month, adding to the conspicuous spending that followed the heist.

Authorities report that Lam went on a lavish spending spree, frequenting high-end nightclubs in Los Angeles and Miami where he spent between $400,000 and $500,000 per night, often attempting to pay in cryptocurrency. On one occasion, receipts showed a single night’s expenditure exceeding $569,000. Lam also purchased luxury cars, some valued at up to $3 million, and acquired a collection of high-end watches. During a raid, investigators seized nine vehicles and a watch valued at $1.8 million from properties Lam rented in Miami.

The breakthrough in the investigation came with the help of blockchain investigator ZachXBT, who traced the stolen funds and identified Lam and Serrano as the culprits. The case highlights the increasing sophistication of social engineering tactics used by cybercriminals in the crypto space, where advanced schemes can bypass even robust security measures.

Notably, this incident draws parallels to a similar attack on billionaire Mark Cuban, whose Google account was compromised in June by an imposter posing as Google support. Although Cuban recovered his account without significant financial loss, the incident underscores the growing threat of such attacks on high-profile individuals.

Lam has reportedly confessed to additional crypto thefts and fraud schemes. Both he and Serrano face charges of conspiracy to commit wire fraud and money laundering, with each charge carrying a potential prison sentence of up to 20 years and substantial fines based on the value of their illicit activities.