Cryptocurrency theft related to kidnapping, luxury cars, and travel.

Two young men accused of the largest person-to-person cryptocurrency theft in U.S. history have bought rare cars, $2 million watches, rented mansions and racked up tabs in the hundreds of thousands of dollars at nightclubs. He continued to waste his money brazenly by running out of money. New court records reveal.

An August 18th cyber heist defrauded a Washington, DC resident of $230 million in virtual currency. At least $100 million to date Bitcoin Prosecutors said in a lawsuit recently filed in Washington, D.C., federal court that the body stolen from the victim remains missing.

Police are now saying that another crime, the mysterious kidnapping of a Connecticut couple house-hunting in broad daylight on Aug. 25, may be connected to the Washington cryptocurrency theft.

Authorities are investigating whether the kidnapping was part of a plan to ransom the couple's son, who is being investigated for his involvement in the cryptocurrency heist.

“I've never seen anything like this in 20 years,” Detective Sgt. Stephen Castrobinci of the Danbury Police Department in Connecticut told CNBC.

The robbery of more than 4,100 bitcoins occurred just one week before a couple was carjacked in Danbury while their son was driving a rented Lamborghini.

Six Florida men currently face state and federal charges in Connecticut in connection with the kidnapping.

They have not been charged in connection with the cryptocurrency theft. The kidnapped couple's unidentified son is also missing.

“It's amazing to see how this individual extended its legs,” Castrovinci said.

On September 19, just one month after the cryptocurrency heist, the U.S. Attorney's Office for the District of Columbia announced that the FBI had charged Malone Lamb, 20, and Jandiel Serrano, 21, with conspiracy. announced that he had been arrested. They claim to have stolen Bitcoin and subsequently laundered the stolen Bitcoin.

Prosecutors said Serrano, who goes by the nicknames “Versace God” and “@Skidster” online, was wearing a $500,000 watch when he was arrested in Los Angeles, where he lives. .

Prosecutors said in court filings that both men, who are being held without bail, admitted their involvement in the robbery.

Serrano's attorney, Paulette Pagan, had no immediate comment on his lawsuit. CNBC has contacted Lam's lawyer, who lives in Singapore, for comment. After several months of overstay, Lam was granted a visa waiver that allowed him to visit the United States as a tourist for just 90 days, and he lived in Los Angeles and Miami.

The scheme at the center of the bizarre case is “one of the largest private crypto thefts in U.S. history,” according to a federal court filing.

A month before their arrest, Serrano, Lam and other unnamed co-conspirators identified a man in Washington as a wealthy investor from early on, believing him to be in possession of a significant amount of cryptocurrency. He was targeted because he was Days of Cryptocurrency,” the court filing states.

In early August, one of the co-conspirators caused victims to receive “unauthorized Google account access” notifications, making it appear as though the access attempt occurred overseas, according to court filings.

“In reality, this was simply the co-conspirators laying the groundwork for an impending theft through sophisticated social engineering,” prosecutors said in their filing.

On August 18, members of the conspiracy called the man, claiming to be from Google's security team, and asking him about a recent compromise attempt.

“Through a series of prompts and misrepresentations,” the co-conspirators succeeded in manipulating the men into giving them enough information to access Google Drive, “where they could tell them where their cryptocurrency holdings were in Gemini.” “cryptocurrency exchange,'' the filing states.

Serrano and other participants in the scheme then called the man back, with Serrano posing as a member of Gemini's support team, prosecutors said.

While Serrano spoke with the victim, Serrano and his co-conspirators communicated with each other on messaging apps Discord and Telegram, “manipulating the victim into giving away private keys to their virtual currency holdings. “They were strategizing on how to provide their victims with sufficient computer access.” “The co-conspirators attempted to steal all of his savings,” the filing states.

The conspirators then tricked the men into downloading a program onto their computers to protect Gemini's assets.

But prosecutors say the program actually gave the co-conspirators real-time access to the victims' desktops.

“Serrano was ultimately able to manipulate the victim into opening a file containing the private key.”
over 4,100 Bitcoins,” the court filing states.

“While Serrano continued to manipulate the victim, his co-conspirators used this access to quickly steal all of the victim’s virtual currency holdings.”

Prosecutors said the co-conspirators distributed the proceeds of the theft in five ways.

The schemers then used “sophisticated money laundering techniques to hide the proceeds and conceal their identities,” according to court filings.

According to the filing, Serrano created an account on TradeOrgre.com and deposited $29 million worth of virtual currency “with the belief that it was clean and laundered.”

Mr. Serrano used a virtual private network to mask his location when accessing his account, but he was unable to use a VPN when creating his account.

“TradeOgre records show that this account was created from an IP address registered to Ms. Serrano's $47,500-a-month rental home in Encino, California,” the filing states.

By the time Serrano was identified by federal authorities, “he had already left the country.”
Vacationing in the Maldives,” the filing states.

“Meanwhile, suspected co-conspirator Malone Lamb spent hundreds of thousands of dollars a night at Los Angeles nightclubs and amassed an impressive collection of custom Lamborghinis, Ferraris, and Porsches,” prosecutors wrote.

Lam, a Singaporean who was arrested in Miami after traveling from Los Angeles to Miami on a private jet, had rented several homes in Miami, according to the filing.

The mansion he rented there cost $68,000 a month, according to filings.

Prosecutors said Lam, who used the online handles “Anne Hathaway” and “$$$,” bought a watch for $2 million and a Lamborghini Rebuerto for more than $1 million. That's what it means.

However, “many of Mr. Lam's cars, including the Pagani Huayra that he purchased for $3.8 million, have not yet been recovered at this time,” prosecutors wrote.

In total, Lam “admitted to purchasing 31 luxury cars, 22 of which have not yet been recovered by law enforcement,” prosecutors wrote.

Lam also admitted to conducting additional hacks and making millions of dollars in those separate cryptocurrency fraud schemes. This has been his livelihood since arriving in the United States in October 2023. “He has supported the entire situation,” prosecutors wrote.

“The three vehicles that Serrano admitted to purchasing have also not been located.”

Federal surveillance arrested Lam on charges of “wasting the victim's assets,” including “seeing her at a Los Angeles nightclub and gifting her a handbag worth tens of thousands of dollars,” the court filing said.

Los Angeles nightclub owners told investigators that Lam tried to pay for food and drinks in virtual currency, “spending approximately $400,000 to $500,000 per night,” according to the filing. . Receipts from the Los Angeles club show Lamb spent “$569,528.39 in one night,” according to the filing.

According to court filings, FBI agents interviewed Serrano after he was arrested at Los Angeles International Airport on Sept. 18, when he returned from the Maldives with his girlfriend, but did not confirm Serrano's crimes. He denied knowledge of any involvement.

“The FBI agent who interviewed her told her that the only way to de-escalate the situation was to call Serrano's co-workers and inform them of the arrest,” the filing states.

“Right after finishing the interview, Serrano's girlfriend immediately called his criminal associates and informed them of his arrest. They in turn revealed his Telegram account and all the incriminating information contained in the saved chats. The evidence was deleted,” the filing states.

“To date, approximately $70 million has been recovered or frozen on various exchanges,” prosecutors said in a court filing.

“Even considering the millions of dollars Serrano and her co-conspirators spent on cars and jewelry, well over $100 million remains unaccounted for.”

According to court filings, Serrano had approximately $20 million in stolen Bitcoin from his victims stored on his cell phone and agreed to transfer the funds to the FBI.

On August 25, three weeks before Serrano and Lamb were arrested, police in Danbury, Conn., received multiple 911 calls reporting the couple's abduction by two men.

According to court records and Det. Sergeant Castrovinci, the victims were driving a 2024 Lamborghini Urus that their son had rented when they were rear-ended by a white Honda Civic.

A work van then pulled in front of the Lamborghini and about six men wearing black masks surrounded the vehicle.

The suspect pulled the two victims from the car. When her husband resisted, the kidnappers punched him in the face and then beat him with a baseball bat, authorities said.

“The suspects repeatedly spoke.'' [the couple] “They will 'kill,'” FBI agent Matthew Rooks said in an affidavit supporting criminal charges against the alleged kidnappers filed in U.S. District Court for the District of Connecticut.

“The victims were forced into the back of a work van and pinned down. The suspects then bound the victims' arms and legs with silver duct tape, which they also used to cover them.” [the husband’s] face. The suspects forced [his wife] Loukes ordered her to lie on her stomach and not look at them, according to her affidavit.

According to FBI agents, “the couple heard police sirens shortly after the van started moving and heard one of the suspects yell, “Call Rick…we're in deep water.'' ”. Shortly after, the van crashed and the suspects fled on foot, leaving the victim behind.

Police arrested four suspects later that day and two more the next day. All six suspects are from the Miami area.

Castrovinci told CNBC that he was briefly hospitalized after the incident, but had no idea why they had been targeted in the kidnapping.

“They kept asking us, 'Why?'” Castrovinci said.

Castrovinci said Danbury police already knew about the couple because their home had been the target of “swatting” calls.

Swatting is the act of calling the police and falsely reporting that a crime is occurring at someone else's home or business, often resulting in police being dispatched to the location.

Castrovinci said he suspected the swatting calls were made by people who knew the couple's son from online games.

The Danbury News-Times first reported on October 11 that Danbury police had planned to interview the couple's son, but canceled at the request of the FBI.

“We were contacted by the FBI and were told that there was an ongoing investigation into my son regarding the cryptocurrency theft,” Castrovinci told the paper.

“That's how we knew, and even at the time, we didn't actually know the extent of his involvement. I just knew that,” he said.

“We don't know how[the six Florida men]knew this boy had that kind of money, but it was all because of this boy's involvement that they didn't know their parents. ”, he told the newspaper.

Castrovinci told CNBC that it was “certainly likely” that the kidnappers had planned to hold the couple for ransom in the belief that their son would be able to pay the ransom.

A spokesperson for the U.S. Attorney's Office in Connecticut declined to comment when asked about a connection between the couple's carjacking and kidnapping and their son's potential role in the August cryptocurrency heist.

The U.S. Attorney's Office in Washington, D.C., did not respond to a request for comment.