Genesis Creditor Loses $243M Bitcoin In Crypto Phishing Heist, Here’s All

In the highly sophisticated social engineering scheme this past August 19, 2024, a lone Genesis creditor became the mark of a heist among three principals, namely Greavys, alias Malone Iam; Wiz, alias Veer Chetal; and Box, alias Jeandiel Serrano.

In fact, the unravelling of this Genesis heist was greatly aided by blockchain investigator ZachXBT-a true demonstration of the might of blockchain forensics against cryptocurrency crime. His in-depth journey into the trail of stolen assets that moved through various exchanges and cryptocurrencies yielded critical evidence that led to the arrest of Box in Miami and Greavys in Los Angeles.

Google, Gemini Impersonators Busted in Multi-Million Dollar Scam

ZachXBT used blockchain analysis in conjunction with OSINT and contacts with security firms to piece together the details of one of the largest crypto heists this year.

His investigation revealed a sophisticated operation that leveraged both technological weaknesses and human psychology. First, the attackers impersonated representatives from Google Support and then the Gemini exchange whose regulatory compliance make it a compelling choice for investors, to finally get access to the victim’s personal accounts and bypass two-factor authentication.

But the biggest share of the siphoned money was received by Wiz, aka Veer Chetal; this, in turn, had $34.5 million traced to a single Ethereum wallet. ZachXBT unmasked Wiz due to a critical mistake during the screen-sharing session, coupled with the revealing of audio recordings.

How a Crypto Thief’s Spending Spree in Genesis Heist Ended in Jail

Greavys, whose real name is Malone Iam, was unraveled simply because, in this Genesis heist, he spent his loot rather ostentatiously-buying expensive cars and hosting parties. ZachXBT tracked $3.5 million of the siphoned money to an Ethereum address linked to Greavys.

One of them, Box (Jeandiel Serrano), who impersonated a representative of Gemini, was linked to $18 million in stolen assets. ZachXBT tracked down a web of Ethereum addresses that were connected with both Box and Wiz, tracing transactions in excess of $41 million to brokers of high-end goods.

The hackers had quickly laundered the funds across more than 15 different exchanges and immediately converted them into a variety of cryptocurrencies, including Bitcoin, Litecoin, Ethereum, and Monero. With ZachXBT’s cooperation with blockchain analytics companies and security teams at exchanges, more than $9 million was frozen, and $500,000 was returned to the victim already.

Just for comparison – recently, healthcare company Cencora faced backlash from the crypto community following a $75 million cyber ransom payment in Bitcoin. On-chain analyst revealed the exact BTC transactions in three installments in March.