In this complex and articulated but pathetic crypto scam, Malone lam “Anne Hathaway,” is a 20 year old Singaporean who stole 4,064 Bitcoin, approximately $230 million, along with a Jeandiel Serrano by posing as Google and Gemini customer support and convincing a Bitcoin holder to reset his 2FA authenticator app and allowing access his computer which led to the theft of the wallet private keys. He and his co conspirators spent the stolen money on luxury cars and buying expensive gifts for women and $500k bills in night clubs. In the end, his lavish lifestyle drew the attention of the FBI, which arrested him on September 18, 2024, at his mansion in Miami, charging him with conspiracy to commit wire fraud and money laundering, with court proceedings still ongoing.
As you can start understanding, he did all that was possible to help the authorities recognize and arrest him as his twisted mind needed to gain popularity, approval, and recognition. This case is useful for explaining the risks associated with social engineering attacks and also for highlighting how the recent generations are influenced by luxury lifestyles shown on social media, exemplified by the fact that the scammers, after obtaining so much money, didn’t disappear in a non-extradition tax haven, but preferred to try gaining social recognition thanks to money, albeit without success.
The main source of information for this article is ZachXBT, who collaborated with multiple exchanges and financial authorities to help the victim recover the money. He is a very well-known and skilled blockchain investigator who helped recover money from multiple scams. In this case, he was assisted by Cryptoforensic Investigators, ZeroShadow, the U.S. Attorney’s Office of the District of Columbia, and some crypto exchanges that collaborated to freeze scammers’ accounts.
A Pathetic Gang of Scammers: How They Stole More than $230 Million
This group of young scammers performed a sophisticated social engineering attack on an early and rich Bitcoin investor who kept more than $230 million worth of cryptocurrencies in his Gemini exchange account. They succeeded in the attack but miserably failed in laundering the money, as they performed multiple transactions linked to their personal crypto wallets. Additionally, most of them, especially Malone lam “Anne Hathaway”, spent their money on luxury clothes, bags, cars, and clubs. They did all their best to be traced and identified at least as suspects, and the authorities were able to link their fancy expenses with the $230 million crypto scam. But how did they attack the victim? Let’s explore the steps more in detail.
Step 1: Getting access to the Google account
At the beginning of the scam, the attackers didn’t know the exact amount of cryptocurrencies the victim had, and they actually didn’t even know which crypto exchange he was using. How did they discover that? They needed access to his mail and his Google account. So, the first involved impersonating Google support to manipulate him and get access to its mail. They called him with a spoofed number and told him that his Google account had been hacked and that he had to verify his personal information with them to secure his account. They guided him step-by-step and sent him a fake email from Google to reset his password. Of course, the mail was fake, and the victim inserted his previous password in the reset form and created a new one. This first step of this attack was a success: The scammers got access to his Google account and scanned all the emails to find out which crypto exchanges and wallets the victim was using.
Step 2: Impersonating the Gemini support
Inside the victim’s email, they found that he was using the Gemini exchange to store his crypto, and the second step began. They called him, this time impersonating Gemini support, and told him that someone was accessing his account from a suspicious location. The victim, in a state of panic, followed the instructions of the scammers: They said that he must transfer his crypto assets to another Gemini account because the previous one was not safe anymore, and they asked to reset his 2-factor authentication code. After that, they insisted on offering additional help to ensure the account was safe, but, in reality, they only wanted to get full access to his computer to check if he was hiding cryptocurrencies in other crypto wallets.
Step 3: “AnyDesk” app to get access to his computer
The scammers claimed that the last step to secure his account involved installing the screen-sharing app “AnyDesk” so that they could help him verify everything was safe again. However, after installing the software and sharing the screen with them, they had full access to his computer. They searched for additional crypto wallets and found that the investor had a hidden folder with all the private keys of other crypto wallets, bingo! They found all the credentials needed to get full access to his crypto wallets, and discovered that the victim was holding more than expected: $230 million worth of BTC in a Bitcoin Core wallet.
Step 4: Stealing $230 million worth of cryptocurrencies
The scammers now have access to multiple wallets, and they started from Gemini: On this crypto exchange, they stole $6 million worth of cryptocurrencies, but it was not enough, the game had just started. After closing the call with the investor, the scammers acted fast to transfer all the money to their accounts. Having the private keys of the Bitcoin Core wallets, they performed three additional transactions in the course of less than 2 hours, effectively stealing more than $230 million worth of BTC. The loot was more than expected, and the scammers couldn’t believe that they succeeded in this attack. After that, the victim received an email and figured out that his entire crypto portfolio had been stolen and that all the calls and requests received were fake.
Step 5: Laundering the stolen cryptocurrencies
One quarter of a billion dollars worth of cryptocurrencies is not easy to cash out, especially if it comes from a scammers' attack. Firstly, they needed to spread the money across multiple exchanges, including popular ones like Binance, but they also used multiple cryptocurrencies, including the most anonymous one, Monero. Monero is practically untraceable and they knew it very well. Additionally, they used crypto mixers to make the cryptocurrencies stolen untraceable, and then they split them across multiple wallets and exchanges’ accounts. At this point, this could be the “perfect” scammers' attack, where the hackers stole and laundered more than $230 million worth of cryptocurrencies effectively, but they were just “pathetic kids” looking for social recognition and approval, so..
Step 6: Scammers spent money like there was no “tomorrow”
After stealing such an amount of money, you probably think that they disappeared into thin air and moved to a tax haven without extradition, or something like that. But that’s not what happened. Caught by euphoria and excitement, they didn’t escape with the loot, but decided to enjoy their new wealth by spending enormous amounts of money on futile material things, trying to attract women by buying them expensive gifts, including Hermes bags and Lamborghini cars.. As you can start understanding, this final step was not very smart, but it helped the authorities to trace and catch them all. What exactly did they do with the money?
How did Malone lam spend the stolen money?
This could be considered the “perfect” scam until they started spending money in very dumb ways. Malone lam “Anne Hathaway”, especially, wanted to be the main character of this story, showing how his brain is fried and how young generations are cooked trying to impress others with luxury and futile stuff. He probably thought he was living in a movie and that now that he was super rich, all the women would be attracted to him. However, it happened the complete opposite. So, how did Malone lam spend the stolen money?
Buying Designer Clothes
The first things he purchased were luxury clothes produced by high-end brands such as Louis Vuitton clothes and other luxury stuff. It makes you understand how these scammers, representing a large portion of young generations, are manipulated to think that appearance is all: how you dress defines who you are. This is what they thought, and Malone lam “Anne Hathaway,” in particular, exemplifies this. He thought that just by wearing luxury clothes, people, and girls in particular, would be attracted to him. Unfortunately for him, it happened the complete opposite, and he has been rejected multiple times even if he was wearing the last limited edition branded and expensive jacket.
Lamborghini and Hermes Birkin Bags to Impress Girls
As you can imagine, buying expensive clothes and stuff for him was not enough to impress girls, and here comes the most pathetic act of this young scammer. He purchased at least 5 Hermes Birkin bags (each of them costs around $20,000) and a limited edition pink Lamborghini Urus. Not for him, but to give to random girls in a club as a gift. That’s unbelievable. This guy entered the club with five bags worth around $100k and gave them for free to random girls, trying to impress and convince them to stay with him. It didn’t work, and if the rejection was not enough, some of these girls posted a TikTok video telling the entire story about how they got the bag, mentioning that a “young guy” gifted them the bag. One of them even said that the color is “really not her style.”
Among these gifts, the most relevant was a Lamborghini Urus that Malone lam wanted to give for free to a girl on Instagram. He sent multiple messages saying that he purchased it for her, but her only reply was “I am taken once again..” This also means that it was not the first offer she had received from him and that he was desperately insisting on at least having a chance with her without success. Luxury gifts don’t make you attractive, especially if you have zero charisma or charm.
Multiple $500k bills at clubs
Most people struggle to make $500,000 in the course of their entire life, and our main character, Malone lam “Anne Hathaway”, along with his friends, spent this incredible amount of money in one night, for almost every night since stealing the money, that’s crazy. How did they manage to spend this amount of money every day? Don’t worry, there are the bills to explain that.. $38,500 for 55 Grey Goose bottles, $72,000 for 48 Ace of Spade Brut bottles, $68,000 for 25 Emerald Ace of Spades Brut bottles, and so on. However, the funniest expense in the bill shown below is $300 for five baskets of Redbull ($60 each), and that also makes the club owner a criminal, not only the scammers.
Oh, and we forgot the club's silliest expense, which is basically to shout at everyone ‘I am the scammer’: Malone Lam paid a lot of money so that huge signs will be paraded in the club with the “Malone” nickname written in big letters, the same one he used on Discord and other platforms during the scam!
Why did Malone lam “Anne Hathaway” and his dumb friends do it?
Even if these guys seem very pathetic and stupid, we must recognize that they actually performed a sophisticated social engineering attack, leveraging multiple tricks that are not easy to implement, such as using spoofed phone numbers and emails, leveraging the psychological bias of the victim, laundering money with crypto mixers and anonymous cryptocurrencies, and more. However, why did they commit such a crime? And, most importantly, why did they have the necessity to show everyone their new stolen wealth?
Need for fame
In the social media era, fame is what many people are looking for. Attracted by, in most cases, likely fake lifestyles shown on social media by influencers, many people want to live a fancy life just to post it on social media and gain fame. People want to gain social recognition and approval, and make other people jealous of their lifestyle. We think that having fame is equal to being happy, but that’s not true, and in most cases, it’s the complete opposite. Even if you see someone on social media showing an amazing life, it is only what he decided to show off, and, also, in his life, there are troubles and insecurities like everyone else. The happiest people, in fact, don’t need fame and social approval and, on the contrary, "live the moment" and the best life without the need to post it on social media, often preferring to be anonymous instead of famous. Privacy is one of the most underrated things nowadays.
Insecurity
Now, we don’t know how Malone lam “Anne Hathaway” lived in the past during his childhood, but of course, we can suppose that he was very insecure, likely alone, and sad because otherwise, someone would have stopped it by making these dumb choices looking for social recognition. Additionally, trying to get rich by scamming other people shows that you don’t believe you can become rich with your own skills and talent. He was just a common insecure guy who, instead of trying to create a positive life for himself, decided to take the short, risky path by literally becoming a criminal. And not a smart criminal, but a pathetic one, looking for popularity and fame instead of actual wealth and privacy.
Desire for women
Another deduction we can make by analyzing his behavior is that he didn’t have success with girls before getting rich (illegally, and it didn’t work either). His behavior clearly showed that he doesn’t have charm or personality, and it’s exemplified by the fact that he literally tried to “buy” girls by giving them free luxury stuff. Fortunately, the girls involved were smart and didn’t give him attention simply because he treated them as objects to be bought, which is highly offensive, awkward, and stupid. He had no self-respect and thought that the girls he wanted did not have it either, but fortunately, this was not the case, and they all rejected him.
Key takeaways from this $230 million cryptocurrency scam
Now, even if this group of cooked scammers failed miserably to launder the stolen cryptocurrencies, we must admit that the first part of their plan was effective. So, it’s time to give some advice to investors to prevent them from being victims of similar scammers. What security measures can you implement to protect your digital assets?
Be skeptical and verify communications
The first suggestion is to be skeptical about everything, especially when contacted without request and in particular in cryptocurrencies. The first mistake the victim made in this scam was to trust the scammers without questioning the legitimacy of the call. Even if the phone number was replicated to be similar to the Google support, he should have verified it through official sources and contacted the support directly. Additionally, Google and Gemini support would never ask you for your personal information, especially sharing your computer screen with them. Never trust people online without double-checking the request on official channels.
Use a cold wallet
Another common mistake made by crypto investors is not using a cold wallet for their long-term holdings. In fact, if the victim had kept his digital assets on a hardware wallet like Ledger or Trezor, the scam wouldn’t have happened. Holding your assets in a cold wallet means that your seed phrase (sequence of random words needed to get access to the wallet) is not online, and your wallet is not connected to the internet. It’s a common practice to use it, especially for long-term holding, as you ensure only you have access to your asset, that your wallet is not connected to the internet, and that your seed phrase has never been online. Never keep your seed phrase on your computer, and use a metal card to engrave it physically.
Spread your assets across multiple wallets
If you have $230 million in cryptocurrencies, it’s advisable to spread them across multiple cold wallets to limit the risks of thefts. In fact, if you have such an amount of funds across, for example, 5 wallets, it means that every wallet contains $46 million of cryptocurrencies, and even if scammers get access to one of them, you will lose only 20% of your total wealth, instead of 100%. Of course, it could be more complex to manage and store 5 different seed phrases safely, but you would be equipped to preserve your wealth even if one of your wallets is compromised. This advice is mainly directed to long-term holders who have a huge amount of money to protect.
Be informed about common crypto scams
The last piece of advice is to be informed and updated on how scammers try to steal cryptocurrencies. The number of crypto scams is increasing as cryptocurrencies are not fully regulated yet, and the pseudonymous nature of digital assets makes it easier to launder stolen money by making them likely untraceable. However, if you’re informed and implement all the best practices to store your cryptocurrencies, you can avoid falling for scams and thefts. Knowledge is your best ally.
Malone lam “Anne Hathaway” Arrested in a luxury mansion in Miami
In conclusion, Malone lam and his pathetic group of scammers were arrested. He was caught in a rented luxury mansion in Miami on September 19 at 1201 NE 83rd St., with the courtyard full of luxury cars. The FBI raided the house with bulletproof vests and machine guns, with neighbors surprised at what was happening. The house in question, listed on Airbnb, with 10 bedrooms and 10 bathrooms, with a canal view, was often rented out to actors, businessmen, and politicians.
However, only a small minority of the funds have been recovered and given back to the victim. It’s a reminder to explain that cryptocurrency transactions are not reversible, and recovering stolen funds is, in most cases, likely impossible. The best thing you can do is to prevent being scammed by implementing all the security best practices to protect your wealth. We hope that this research can be useful for crypto investors to audit their security measures and store their crypto wealth effectively. Never trust anyone on the internet, especially regarding your financial assets. Cryptocurrencies and blockchain can be tools to give people financial freedom for the first time in human history, but it comes at a cost: The responsibility of effectively protecting your assets with knowledge and smart security measures.
