Skip to main content

cryptoscams.wiki

Navigation

Main page
Report a scam
Contribute an entry
Moderation

Categories

All entries280
Projects74
Tokens40
Individuals115
Organizations & groups12
Exchanges & platforms28
Websites & domains1
Social accounts2
Other8

Tools

All entries (A–Z)
Recent changes
Timeline
Statistics
Random entry

cryptoscams.wiki is a source-backed database. Entries are user-submitted and may contain errors.

Nothing here is legal or financial advice. Report corrections via the moderation queue.

Tag: social-engineering

9 entries tagged “social-engineering”.

Hamza Doost
A member of the 'SE Enterprise' crew tied to ~$250M in crypto thefts including the $243M Genesis-creditor heist. He pleaded guilty to a RICO conspiracy charge and, per reporting, faces up to 11 years in prison.
IndividualsImpersonationHigh· 1 sources· updated Jun 8, 2026
Marlon Ferro
A member of the 'SE Enterprise' social-engineering crew (online alias 'GothFerrari') behind ~$250M in crypto thefts (2023–2025), including the $243M Genesis-creditor heist. He pleaded guilty and was sentenced in 2026 to 78 months in prison.
IndividualsImpersonationHigh· 2 sources· updated Jun 8, 2026
Scattered Spider
A financially motivated cybercrime group (tracked as UNC3944, 0ktapus, Octo Tempest) known for SMS phishing and SIM-swapping. U.S. prosecutors say members stole millions in cryptocurrency from individuals; several have been arrested and pleaded guilty.
Organizations & groupsPhishingHigh· 2 sources· updated Jun 8, 2026
Contagious Interview (UNC4736)
A North Korea-linked campaign that poses as recruiters/contractors to trick developers and crypto workers into running malware (e.g. BeaverTail, InvisibleFerret, INLETDRIFT). Tracked as UNC4736 / AppleJeus / Citrine Sleet; linked to the Radiant Capital theft.
Organizations & groupsMalware / drainerHigh· 2 sources· updated Jun 8, 2026
@xcartermurphy (X impersonation account)
An X (Twitter) account described in a public post as an impersonator tied to a malware-focused social-engineering operation. Per the post, the account displayed (then removed) a well-known VC firm's tag in its bio, and a target was sent a malware-laden 'WeChat' installer plus an install command hosted on a now-scrubbed domain.
Social accountsImpersonationHigh· 2 sources· updated Jun 8, 2026
Veer Chetal
Identified by ZachXBT (alias 'Wiz') as a participant in the August 2024 ~$243M Genesis creditor theft; reporting indicates he was among those later charged.
IndividualsImpersonationHigh· 2 sources· updated Jun 8, 2026
Jeandiel Serrano
Named in a U.S. DOJ indictment (identified by ZachXBT as 'Box') over the August 2024 ~$243M social-engineering theft from a Genesis creditor.
IndividualsImpersonationHigh· 2 sources· updated Jun 8, 2026
Malone Iam
Identified by ZachXBT (alias 'Greavys') and named in a U.S. DOJ indictment in connection with the August 2024 ~$243M social-engineering theft from a Genesis creditor.
IndividualsImpersonationHigh· 2 sources· updated Jun 8, 2026
$243M Genesis Creditor Theft (Greavys, Wiz, Box)
On Aug 19, 2024, roughly 4,100 BTC (about $243M at the time) was stolen from a single creditor of the bankrupt lender Genesis through a social-engineering attack. ZachXBT traced the funds and identified three individuals; the case led to arrests and a U.S. DOJ indictment.
OtherImpersonationCritical· Bitcoin· $243.0M lost· 4 sources· updated Jun 8, 2026