74 entries in this category.
A Las Vegas company that the SEC said was a $12M+ Ponzi scheme: it told 277+ investors their money would be invested in securities and crypto via an 'artificial intelligence supercomputer' guaranteeing 20–30% annual returns. The SEC halted it in 2021; over 90% of funds came from investors.
A mobile crypto-investing app that the SEC and New York AG said was fraudulent: it sold unregistered 'CSD' tokens, misrepresented its management, charged hidden fees, and traded in customers' accounts without permission. A NY court shut it down in 2021 with a $3M judgment against CEO Delgerdalai Davaasambuu.
A blockchain 'universal shopper profile' startup whose 2017–2018 ICO raised ~$42.5M. The SEC and New York AG said it was fraudulent — fake retailer partnerships, no working product. Founder Eran Eyal pleaded guilty to felony securities fraud (NY) and settled with the SEC.
A December 2023 software supply-chain attack: a phished former Ledger employee's npm key let attackers publish malicious versions of Ledger's widely used 'Connect Kit' library, injecting the Angel Drainer into many dApps. About $500K–$600K was drained in a few hours before a fix shipped.
A 2018 ICO that billed its B2G token as 'the next generation of Bitcoin.' New Jersey issued a cease-and-desist calling it a fraudulent unregistered securities offering, and the SEC charged actor Steven Seagal for touting it without disclosing he was promised $250K cash plus $750K in tokens.
An NFT collection launched on OpenSea in September 2021 that promised a fighting game. About a week later its anonymous developer 'Evil Ape' vanished with 798 ETH (~$2.7M). In June 2024 U.S. prosecutors charged three U.K. nationals over the scheme.
A knockoff of the Mutant Ape Yacht Club NFTs whose creator, French national Aurelien Michel, raised ~$2.9M then 'rug-pulled' buyers, abandoning promised rewards. He was arrested at JFK in 2023, pleaded guilty to wire-fraud conspiracy, and forfeited $1.4M.
An Avalanche stablecoin protocol exploited for about $8.5M in February 2023 via a flash loan that abused a flawed solvency check. Two brothers were arrested in France (aided by ZachXBT) but were later acquitted of criminal charges by a French court.
Two 2017 ICOs run by Brooklyn's Maksim Zaslavskiy, marketed as tokens backed by real estate and diamonds that did not exist. The case produced the first U.S. criminal conviction for an ICO fraud; Zaslavskiy was sentenced to 18 months in 2019.
A cryptocurrency marketed by Rowland Marcus Andrade's NAC Foundation as 'anti-money-laundering' Bitcoin. A U.S. jury convicted Andrade of wire fraud and money laundering in 2025; the DOJ said he defrauded investors of about $10M with false claims, including a fabricated Panama Canal deal.
A 2017 ICO by Dominic Lacroix that promised returns of more than 1,300% in under a month. It was the first case brought by the SEC's new Cyber Unit; the SEC obtained an emergency freeze and a multimillion-dollar judgment.
An NFT 'play-to-earn' game promoted by Logan Paul in 2021 that never fully launched after raising millions. A Coffeezilla exposé called it a 'rug pull'; Paul apologized and offered refunds. An investor class action against Paul was dismissed; a defamation suit over the 'scam' label was ongoing.
An 8,888-piece NFT collection whose two creators abruptly shut it down within hours of selling out in Jan 2022 and moved ~$1.1M to their own wallets. The U.S. DOJ charged Ethan Nguyen and Andre Llacuna with wire fraud and money laundering.
A 2018 ICO that claimed it would put fruit and vegetables on the blockchain. After raising only a small amount, the team vanished and replaced its website with a single crude word — a widely cited example of a low-effort ICO exit scam.
A global crypto Ponzi/pyramid scheme (later rebranded 'Weltsys') that the DOJ and SEC say defrauded thousands of mostly Spanish-speaking investors of ~$8.4M with promises of guaranteed returns from nonexistent crypto mining and trading. Senior promoter Juan Tacuri got the 20-year statutory maximum.
A purported crypto hedge fund that promised ~1% daily returns from an 'EX BOT' trading robot. The SEC and DOJ called it a Ponzi scheme with ~$40M+ in investor losses; head trader Joshua David Nicholas pleaded guilty and was sentenced to 51 months.
A purported crypto mining and trading platform (MCC) that the U.S. DOJ called a $62M global investment fraud. Prosecutors say founder Luiz Capuci Jr. sold 'Mining Packages' and 'Trading Bots' with guaranteed returns but diverted investor funds to wallets he controlled.
A Web3 game on the Blast network drained of about $62.5M in March 2024 by one of its own developers — an insider whom investigators (ZachXBT) linked to North Korea. After negotiations, the developer returned all of the funds without a ransom.
A July 30, 2023 incident in which a compiler bug in older Vyper versions broke reentrancy protection, letting attackers drain several Curve pools and dependent protocols (Alchemix, JPEG'd, Metronome). Gross losses were ~$70M; white-hats and returns cut net losses to about $52M.
An early Bitcoin Ponzi (2011–2012) run by Trendon Shavers ('pirateat40'), who promised up to 7% weekly returns and took in ~764,000 BTC. The SEC won a $40M+ judgment, and in 2016 Shavers was sentenced to 18 months — the first U.S. federal securities-fraud case involving Bitcoin.
A cross-chain lending protocol drained of about $50M on October 16, 2024. Mandiant attributed it to a North Korea-linked actor (UNC4736 / AppleJeus) that used a fake-contractor Telegram lure to plant macOS malware on developers' machines and forge multisig approvals.
A decentralized exchange drained of about $48M in November 2023 via a complex exploit of its Elastic concentrated-liquidity pools. The attacker then posted an on-chain 'treaty' demanding full executive control of the Kyber company in exchange for the funds.
A yield-farming protocol exploited on October 26, 2020 in a flash-loan attack that manipulated Curve pool prices to drain its USDC and USDT vaults. Estimates ranged from ~$24M to ~$33.8M; the attacker returned about $2.5M.
A purported diamond-backed cryptocurrency run by Jose Angel Aman as the latest stage of a multi-year diamond-investment Ponzi. The SEC said the linked schemes raised about $30M from 300+ investors; Aman was sentenced in 2020 to six years and ordered to pay ~$23M in restitution.
A DeFi platform that falsely claimed backing by Morgan Stanley and used a paid actor as a fictitious 'CEO' while promising 1% daily returns. In May 2023 it exit-scammed roughly $31.6M, with on-chain investigator ZachXBT tracing funds bridged to Tron and Ethereum.
A Dallas-based operation that sold the Bitqy and BitqyM tokens. The SEC said founders Bruce Bise and Samuel Mendez defrauded over 13,000 investors in unregistered offerings; the DOJ said the venture raised ~$24M. Both pleaded guilty to tax evasion and received 50-month prison terms.
The Ethereum stablecoin protocol Beanstalk lost about $182M in April 2022 when an attacker used a flash loan to borrow enough governance tokens to pass a malicious proposal that drained the protocol's funds in a single transaction.
The Nomad token bridge was drained of about $190M in August 2022 in a chaotic 'free-for-all' after a flawed upgrade let users replay other people's withdrawal messages by copying transactions.
Harmony's Horizon bridge was exploited for about $100M in June 2022 after attackers compromised multisig signing keys. The FBI later attributed the theft, along with the Ronin hack, to North Korea's Lazarus Group.
A 2018 ICO by Titanium Blockchain (TBIS), led by Michael Stollery, that raised ~$21M for its 'BAR' token using fabricated testimonials and bogus partnerships (e.g. the Federal Reserve, PayPal, Boeing). The SEC froze it; Stollery was sentenced to 51 months.
A 2017 Texas ICO that marketed itself as the world's 'first decentralized bank' on the AriseCoin token, with false claims of FDIC insurance and a Visa partnership and a bogus '$600M raised'. The SEC halted it; the real fraud was ~$4M. CEO Jared Rice got 5 years.
A BNB Chain yield-vault protocol that lost ~$31M (≈14M BUSD and ~73,600 BNB) one day after launch in March 2021. The deployer used the proxy upgradeTo() function to swap the vault logic for malicious contracts with a permissionless 'backdoor' and drained the vaults. Widely classified as a rug pull.
A BNB Chain stableswap protocol that rug-pulled ~$27M in June 2021 by deploying a linked library different from its verified source code, letting operators drain the protocol and approved user wallets. A white-hat traced the team to Manchester, UK; arrests followed and most funds were returned.
A fraudulent virtual currency (MBC) marketed 2014–2017 as gold-backed and tradeable. Founder Randall Crater was convicted of wire fraud in 2022 and sentenced to over eight years; courts ordered ~$7.6M in restitution/forfeiture.
A purported crypto mining/trading company (founded ~2018) that the U.S. DOJ says was a Ponzi scheme promising guaranteed daily returns. Founder David Carmona was sentenced in 2024 to 121 months (~10 years) and ordered to forfeit ~$3.6M.
Two ICO tokens promoted in Vietnam by Modern Tech as MLM investments advertising up to 48% monthly returns. Widely reported as a ~$660M exit scam affecting ~32,000 people, though later Vietnamese investigation said those figures were inflated.
A South African crypto investment platform (founded 2019) whose founders said it was hacked in April 2021, then left the country. Loss figures are heavily disputed ($3.6B reported vs ~$40–50M later); the founders deny wrongdoing.
A 'decentralized' smart-contract investment platform the SEC called a 'textbook pyramid and Ponzi scheme', raising $300M+ (DOJ cited ~$340M). The SEC charged 11 people in 2022.
A 2017 ICO that sold the CTR token and, per the SEC, raised over $32M by touting nonexistent partnerships with Visa, Mastercard, and Bancorp. Co-founder Sohrab Sharma was sentenced to 8 years.
Munchables, a game on the Blast network, lost about 17,414 ETH (~$62.5M) on Mar 26, 2024 through contract manipulation. ZachXBT linked the hired developer(s) to a single person assessed as likely North Korean; the funds were later returned.
ZachXBT publicly warned that Sorta Finance (Arbitrum) was likely to be an exit scam and linked it to a series of earlier lending-protocol rug pulls attributed to the same actor, with reported cumulative losses above $25M.
Classic Ponzi promising 1.5% daily returns from 'arbitrage bots'. Paid early users with new deposits until collapse.
A Houston-based operation that the SEC says was a $300M Ponzi scheme targeting 40,000+ predominantly Latino investors with promises of 15–100% returns from crypto and forex trading. The SEC halted it in 2022 and later charged 17 network leaders; founder Mauricio Chavez pleaded guilty to wire fraud.
A multi-level-marketing 'crypto and forex' investment program that the SEC says raised more than $650M from over 200,000 investors (2019–2023), many in the Haitian-American community. The SEC charged founders Cynthia and Eddy Petion in 2024, alleging a fraudulent Ponzi/pyramid scheme.
A global multi-level-marketing scheme that sold 'investment packages' promising 300% returns over 16 months from purported forex trading, paid in crypto. Per the U.S. DOJ it raised over $650M from thousands of investors, then collapsed in 2022 blaming a 'hack'; founders were indicted in 2025.
About $81.5M was drained from the Orbit Bridge (by South Korea's Ozys) on Dec 31, 2023 – Jan 1, 2024, via weak withdrawal/signature validation. Ozys later said a former security chief had weakened its firewall weeks earlier and pursued legal action.
A purported medicinal-cannabis 'e-growing' investment platform that was in fact a Ponzi scheme. From 2020 to 2022 it took about €645M (~$688M) from ~186,000 investors with promises of 6–14% monthly returns, then froze withdrawals. Europol coordinated nine arrests in April 2024.
A BNB Chain lending protocol whose QBridge was exploited for about $80M on January 27, 2022. A logic flaw let an attacker mint unlimited 'qXETH' collateral without depositing any ETH, then borrow out the protocol's assets. Chainalysis later assessed it was likely North Korea-linked.
A blockchain-gaming ecosystem on Polygon whose semi-custodial wallets were drained of about $140M on December 13, 2021. Attackers compromised Vulcan Forged's servers to obtain its wallet-provider (Venly) credentials and export 96 users' private keys; the team reimbursed users from its treasury.
A DeFi protocol whose users lost about $120M on December 2, 2021 — not via a smart-contract bug but a front-end attack: a compromised Cloudflare API key let attackers inject a script that tricked users into approving malicious token allowances, then drained their wallets.
An Estonia-based cloud-mining operation that sold ~$577M in 'mining' contracts (2015–2019) while owning a tiny fraction of the advertised hashpower. Founders Sergei Potapenko and Ivan Turõgin pleaded guilty to wire-fraud conspiracy in 2025 and agreed to forfeit $400M+.
A cross-chain lending protocol drained of about $130M on October 27, 2021 via a flash-loan price-oracle manipulation of a Yearn yUSD vault — the largest of three exploits Cream suffered in 2021.
A UK-registered operation that the CFTC says fraudulently solicited at least 22,858 BTC (~$147M) from more than 1,000 customers in 2017 by falsely claiming expert trading and referral rewards. A U.S. court entered a default judgment against principal Benjamin Reynolds.
The cross-chain bridge Multichain saw about $130M moved out of its contracts in July 2023 in unexplained 'abnormal' transfers. The team said CEO 'Zhaojun' had been detained by Chinese police in May 2023, taking the protocol's keys with him; Multichain ceased operations.
The Ethereum lending protocol Euler Finance lost about $197M in a March 2023 flash-loan attack exploiting a flawed 'donate' function. After weeks of on-chain negotiation, the attacker returned essentially all of the recoverable funds.
The Wormhole bridge between Solana and Ethereum was exploited for about $325M (120,000 wETH) in February 2022 after a signature-verification flaw let the attacker mint unbacked tokens. Backer Jump Crypto replenished the funds.
A cross-chain protocol exploited for about $611M in August 2021 — one of the largest DeFi thefts ever. Unusually, the attacker (dubbed 'Mr. White Hat') returned nearly all of the funds over the following days.
The Ronin bridge behind the game Axie Infinity was drained of about $625M in ETH and USDC in March 2022 after attackers obtained validator keys. U.S. authorities attributed the theft to North Korea's Lazarus Group, and OFAC sanctioned the wallet.
A self-described 'investment club' led by Eddy Alexandre claiming a secret bot produced 5–9.99% weekly returns. DOJ/CFTC said it was a Ponzi/MLM that mainly targeted the Haitian-American community; ~25,000 investors put in ~$250M. Alexandre got 9 years.
A multi-level-marketing firm led by Ramil Ventura Palafox that claimed AI-powered Bitcoin/forex trading with daily returns up to 3%. Per DOJ/SEC it was a Ponzi: 90,000+ investors put in $201M+; net losses ~$62.7M. Palafox was sentenced in 2026 to 20 years.
An India-based Bitcoin Ponzi launched in 2015 by Amit Bhardwaj, promising 10% monthly returns for 18 months via an MLM model. India's Enforcement Directorate alleged ~80,000+ BTC was collected; loss estimates vary widely. Bhardwaj was arrested in 2018 and died in 2022.
A China-based MLM 'wallet/trading' Ponzi (2018–2019) that falsely claimed trading bots generated profits. A Chinese court found it took ~7.7 billion yuan (~$1.1B) from 715,000+ investors; operators were convicted in 2020. Closely tied to the larger PlusToken scheme.
A 2016–2018 MLM scheme that the SEC says raised 82,000+ BTC (~$295M at the time) from 100,000+ investors on the false promise of a trading 'bot'. The SEC charged founder Douver Braga and promoters; Braga was extradited to the U.S. and faces criminal charges.
A global multi-level-marketing 'crypto mining/trading' club (2015–2020) that the U.S. DOJ says was a ~$100M Ponzi scheme. Members saw fake on-screen 'profits' they could not withdraw. Founders and promoters pleaded guilty; co-founder Rodriguez was sentenced to 12 years.
A crypto 'membership' scheme (also HyperVerse/HyperNation) promising daily passive rewards from non-existent mining. The SEC cited $1.7B raised; the DOJ described a $1.89B fraud.
A Bitcoin 'mining pool' scheme (2014–2019) that the U.S. DOJ says took at least $722M by selling shares in non-existent mining returns and rewarding recruitment.
A South Africa-based operation that accepted only Bitcoin for a 'commodity pool' it claimed a bot traded. The CFTC called it the largest Bitcoin fraud it has charged — at least 29,421 BTC (~$1.7B) from 23,000+ people.
A wallet-based Ponzi scheme that operated mainly in China and South Korea (2018–2019), promising high returns. Estimates of funds taken range from about $2 billion to over $4 billion; Chinese courts convicted ringleaders in 2020.
The algorithmic stablecoin TerraUSD (UST) lost its dollar peg in May 2022 and, with its sister token LUNA, collapsed. The SEC and DOJ cited about $40 billion in investor losses; co-founder Do Kwon was sentenced to 15 years.
A high-yield 'lending program' built around the BCC token (2016–2018). Per a U.S. federal indictment, founder Satish Kumbhani ran it as a Ponzi scheme that took about $2.4 billion from investors worldwide.
A multi-level-marketing scheme based in Bulgaria that sold a cryptocurrency with no underlying blockchain or value. Per the U.S. DOJ, victims invested more than $4 billion. Co-founder Ruja Ignatova ('Cryptoqueen') remains a fugitive.
Fintoch ('Morgan DF Fintoch') operated on BNB Chain, claimed Morgan Stanley affiliation, and advertised 1% daily returns. ZachXBT reported the team withdrew about $31.6M in USDT in May 2023; a related arrest later occurred in Bangkok.
ZKasino ran a 'bridge-to-earn' campaign that, per reporting, collected about 10,515 ETH (~$33M). At launch the project converted deposits into its native ZKAS token instead of returning ETH and moved funds to a team multisig and into Lido. The event was widely reported as a rug pull.
A DeFi yield farm that drained its liquidity pool 11 days after launch, taking an estimated $4.2M from depositors.