Social Engineering Enterprise Cryptocurrency Theft and Prosecution
A criminal group known as the Social Engineering Enterprise orchestrated large-scale cryptocurrency thefts using social engineering tactics and physical attacks to gain access to victims' digital assets. The group targeted individuals with significant cryptocurrency holdings, either deceiving them into revealing access credentials or physically breaking into their homes to steal devices containing private keys. Law enforcement efforts have led to multiple arrests and guilty pleas, including a California man who admitted to laundering millions in stolen cryptocurrency and facilitating the group's operations by renting luxury properties for their activities.
In related developments, a key participant in a $263 million social engineering ring pleaded guilty, and additional members have been indicted and arrested in various locations, including Miami and Dubai. The group's operations began in late 2023 and involved members from the United States and abroad, who coordinated attacks and laundered proceeds through real estate and other means. The ongoing investigation highlights the growing threat of organized cybercrime targeting cryptocurrency holders through both digital and physical means.
Timeline
Dec 9, 2025
Evan Tangeman pleads guilty to RICO conspiracy
California resident Evan Tangeman pleaded guilty to RICO conspiracy charges for laundering money and facilitating operations for the Social Engineering Enterprise, which prosecutors say stole hundreds of millions in cryptocurrency.
Dec 9, 2025
DOJ indicts members of crypto theft gang
U.S. authorities indicted multiple members of the Social Engineering Enterprise for their roles in a large-scale cryptocurrency theft and laundering scheme tied to social engineering and related crimes.
Dec 9, 2025
Gang steals $263 million in cryptocurrency from Washington victim
Members of the Social Engineering Enterprise allegedly carried out a $263 million cryptocurrency theft from a victim in Washington, D.C. The theft was part of a broader campaign targeting wealthy holders of digital assets.
May 31, 2025
Social Engineering Enterprise activity continues until May 2025
The DOJ said the crypto theft gang continued its criminal activity through May 2025, laundering proceeds through exchanges and mixers while members spent funds on luxury goods, travel and rentals.
Oct 1, 2023
Social Engineering Enterprise begins crypto theft campaign
According to U.S. prosecutors, the Social Engineering Enterprise began operating in October 2023, using social engineering, hacked databases and physical burglaries to steal cryptocurrency from victims in the United States and abroad.
See the full picture in Mallory
Mallory subscribers get deeper analysis on every story, including:
Who’s affected and how
Deep-dive technical analysis
Actionable next steps for your team
IPs, domains, hashes, and more
Ask questions and take action on every story
Filter by topic, classification, timeframe
Get matching stories delivered automatically
Related Entities
Threat Actors
Sources
Related Stories
Major Cryptocurrency-Related Cybercrime Prosecutions and Asset Seizures
Law enforcement agencies in multiple countries have made significant progress in prosecuting individuals and groups involved in large-scale cryptocurrency-related cybercrimes. In the United States, a California man pleaded guilty to laundering at least $25 million as part of a group that stole $230 million in cryptocurrency through social engineering and account takeovers. The group, composed of young adults from several states and abroad, used various tactics to compromise victims' crypto accounts and launder the proceeds, with several members facing charges including wire fraud, racketeering, and money laundering. In the United Kingdom, prosecutors secured a civil recovery order to seize over £4.11 million ($5.39 million) in crypto assets from Joseph James O'Connor, who was convicted for his role in the 2020 Twitter mega-hack. O'Connor and his associates used SIM-swapping and social engineering to hijack high-profile Twitter accounts, soliciting Bitcoin from followers and amassing illicit gains. These actions demonstrate the increasing effectiveness of international law enforcement in tracing, prosecuting, and recovering assets from cybercriminals who exploit cryptocurrency for large-scale fraud and theft.
1 months ago
Major International Law Enforcement Actions Against Cybercrime and Financial Fraud Networks
Law enforcement agencies across multiple countries have conducted significant operations targeting cybercriminal groups responsible for large-scale financial fraud, data breaches, and cryptocurrency theft. In Spain, police arrested a 19-year-old hacker accused of stealing and attempting to sell 64 million personal data records from nine companies, while Ukrainian authorities apprehended a separate data broker who used custom malware to compromise accounts and sell access on hacker forums. In California, a member of the so-called "Social Engineering Enterprise" pleaded guilty to laundering millions in cryptocurrency stolen through sophisticated social engineering attacks, with the group responsible for a $263 million heist and extravagant spending of the proceeds. Meanwhile, Russian police dismantled a gang that used NFCGate-based malware to steal millions from bank customers by tricking victims into installing fake banking apps and harvesting card credentials for remote theft. A major international operation led by Europol and Eurojust dismantled a €700 million cryptocurrency scam network in Europe that used deepfake videos and aggressive marketing to lure victims into fake investment schemes. The network operated numerous fraudulent platforms, laundered funds through complex channels, and was taken down in coordinated raids across several countries, resulting in arrests and the seizure of cash, cryptocurrencies, and luxury items. These actions highlight the growing sophistication of cyber-enabled financial crime and the increasing collaboration between law enforcement agencies to disrupt such operations on a global scale.
1 months ago
California Man Sentenced for Laundering Millions From Social-Engineering Crypto Heists
Evan Tangeman, a 22-year-old from Newport Beach, California, was sentenced to 70 months in prison after pleading guilty to a `RICO` conspiracy tied to a cybercriminal network that stole roughly **$230 million to $260 million** in cryptocurrency from victims. Prosecutors said Tangeman laundered at least **$3.5 million** between October 2023 and May 2025 for the group, which allegedly stole more than **4,100 Bitcoin** from a Washington, D.C., victim in August 2024 and used the proceeds to fund luxury homes, private jets, high-end vehicles, private security, and other lavish purchases. Authorities said the organization, identified by law enforcement as the **Social Engineering Enterprise**, targeted wealthy cryptocurrency holders using stolen and dark-web-sourced data, spoofed phone numbers, impersonation of Google and Gemini support staff, and remote-access tools including **AnyDesk** to obtain Bitcoin Core private keys. Investigators alleged the group then obscured the proceeds through mixers, exchanges, peel chains, pass-through wallets, and VPNs, while Tangeman also helped rent properties under false identities and destroy devices after arrests of key members. Another alleged launderer, **Kunal Mehta**, has also pleaded guilty and is awaiting sentencing.
2 days ago