|

Inside the $230M Bitcoin Heist by Malone Lam: A Wild Tale of Social Engineering, Supercars, and Spectacular Failure

Avatar photoByThe Droid Guy

The sophisticated crypto heist began in August 2024, when 20-year-old Singaporean Malone Lam and his accomplice Jeandiel Serrano targeted a wealthy early Bitcoin investor. What started as one of the most calculated cryptocurrency thefts in history would unravel into an unprecedented display of excess and poor judgment.

The Perfect Social Engineering Attack

The attackers executed their plan methodically. First, they triggered unauthorized Google account access notifications to the victim. Then, using spoofed phone numbers and carefully crafted scripts, Lam called the victim pretending to be Google support, claiming his account had been compromised.

Through manipulation, they convinced the victim to reset his password through a fake form, giving them access to his Google account. Scanning through his emails, they discovered his substantial holdings on the Gemini cryptocurrency exchange.

The scam escalated when Serrano called, this time posing as Gemini support, warning about suspicious account activity. They convinced the victim to install AnyDesk, a remote access software, under the guise of securing his account. With full access to his computer, they discovered a hidden folder containing private keys to multiple crypto wallets.

Moving swiftly, the scammers executed three large transactions within two hours, stealing 4,064 Bitcoin – approximately $230 million. They then began laundering the stolen funds through various exchanges and mixing services, including Monero, known for its untraceable transactions.

The Spectacular Spending Spree

Rather than disappearing with their massive haul, Lam embarked on one of the most brazen spending sprees in criminal history. His purchases included:

  • 31 supercars
  • A $2 million watch
  • Multiple luxury apartment rentals across Los Angeles and Miami
  • Regular private jet travel between cities

The nightclub expenses were particularly outrageous. In one Los Angeles club, Lam spent $569,000 in a single night, including:

  • $38,500 for 55 Grey Goose bottles
  • $72,000 for 48 Ace of Spade Brut bottles
  • $68,000 for 25 Emerald Ace of Spades Brut bottles
  • $300 for five baskets of Red Bull ($60 each)

Most notably, Lam paid for huge signs bearing his nickname “Malone” to be paraded through the clubs – the same name he had used during the crypto heist. He gave away five Hermés Birkin bags (worth approximately $20,000 each) to random women at clubs, and even attempted to gift a pink Lamborghini Urus to a woman on Instagram, who responded only with “I am taken once again.”

The Inevitable Capture

The spending spree created an obvious trail for law enforcement. While attempting to launder the stolen cryptocurrency, Lam and his accomplices made critical mistakes:

  • They performed multiple transactions linked to their personal crypto wallets
  • They spent enormous sums on traceable luxury purchases
  • They maintained a high-profile presence in exclusive clubs
  • They documented their spending on social media

The final raid occurred on September 19, 2024, in Miami. FBI agents found Lam in a rented luxury mansion with 10 bedrooms and 10 bathrooms, typically used by actors, businessmen, and politicians. The property’s courtyard was filled with luxury vehicles when agents arrived in bulletproof vests, surprising neighbors with the scale of the operation.

Only a small portion of the stolen funds has been recovered and returned to the victim. The case serves as a stark reminder that while cryptocurrency transactions are irreversible, even the most sophisticated crypto heists can be undone by the perpetrators’ own actions.

Leave a Reply

Your email address will not be published. Required fields are marked *