The Charges: Social Engineering & Theft
Blockchain researcher ZachXBT accused Ronald Spektor, an online user known as “Ronaldd,” of perpetrating a crypto theft estimated to be as high as $6.5 million. The theft reportedly happened last October through a social engineering attack targeting a Coinbase user.
The victim reported, “The victim was contacted by a person pretending to be a Coinbase support agent who managed to get them to click on a phishing link, after which their life savings were stolen.” The money was laundered immediately through several Bitcoin and Ethereum exchanges in order not to leave any traces.
Evidence Linking Spektor
It is alleged that shortly after the incident, Spektor bragged about having $3.1 million on Ledger Live to people in a Discord group. A since-deleted Telegram channel also doxxed one of Spektor’s wallets, which was linked to several Coinbase withdrawals and also had connections with multiple phishing victims.
Blockchain analysis indicated that Spektor might not have acted alone. Activity across different wallets suggested the stolen funds went to various different actors. A data leak further pinpointed Spektor in New York, lending some much-needed credence to the allegations made on November 20.
Spektor’s Response
Days after ZachXBT came out with his findings, Spektor deactivated his account on Telegram, further raising the suspicion antenna. The victim also deleted their X account, but for reasons unknown.
The incident again raises the specter of social engineering attacks, while the actions of blockchain provide transparency and security.
Scammers Target Users of Coinbase
Impersonation scams against Coinbase users have been on the rise for several months. The incident is reminiscent of a similar case ZachXBT made public in August, where a Genesis creditor had lost $238 million in Bitcoin to fraudsters posing as Coinbase support. Police in Miami arrested suspects connected with that scam due to the investigations of ZachXBT and other analysts.
Increasing Awareness
Cases like this serve as a constant reminder of the vulnerability of crypto users to social engineering attacks. As the industry is growing, so is the level of sophistication for these schemes. Greater awareness and stricter security measures are required for the protection of users and the prevention of similar scams.
