Ongoing Cryptocurrency Scams and Thefts Targeting Individuals and Infrastructure
Multiple forms of cryptocurrency-related fraud and theft continue to impact individuals and organizations. Ongoing email and web-based scams promise large Bitcoin payouts, luring victims to fake chatbot sites and requiring them to pay conversion fees to criminal-controlled wallets. These campaigns often abuse platforms like telegra[.]ph and Google Forms to create convincing phishing pages. Meanwhile, the FBI reports a significant and rising trend in Bitcoin ATM fraud, with Americans losing at least $333 million in 2025, and scammers frequently targeting older victims. Law enforcement actions have included lawsuits against ATM providers accused of enabling or profiting from fraudulent transactions.
In addition to direct scams, sophisticated attacks have leveraged previous data breaches to facilitate cryptocurrency theft. Investigations have traced ongoing wallet-draining attacks to the 2022 LastPass breach, where attackers obtained encrypted password vaults containing private keys and seed phrases. Victims with weak master passwords have been especially vulnerable, with stolen funds laundered through Russian exchanges. These incidents highlight the evolving tactics of cybercriminals in exploiting both technical vulnerabilities and social engineering to steal cryptocurrency assets.
Timeline
Jan 2, 2026
TRM Labs and Secret Service link $35M thefts to LastPass breach
By early 2026, TRM Labs had traced more than $35 million in cryptocurrency thefts to the 2022 LastPass breach, with the U.S. Secret Service corroborating the connection. The analysis found a coordinated laundering operation using CoinJoin and Russian-linked exchanges.
Jan 1, 2026
Authorities intensify scrutiny of crypto ATM operators
By early 2026, U.S. authorities were pursuing legal and enforcement actions against cryptocurrency ATM providers, including allegations against Athena Bitcoin over undisclosed fees and fraud-heavy transaction volumes. In one case, a sheriff's office recovered $32,000 from a Bitcoin Depot ATM using a warrant.
Dec 31, 2025
Americans lose $333 million to crypto ATM fraud in 2025
The FBI said Americans lost at least $333 million to Bitcoin ATM scams in 2025. The agency described the fraud as showing a clear and constant rise and not slowing down.
Oct 1, 2025
Bitcoin payout scam campaign starts abusing telegra.ph
By at least October 2025, a scam campaign was sending emails promising large cash payouts from supposed Bitcoin holdings. The operation used telegra.ph pages and sometimes Google Forms to funnel victims to fake chatbot-driven payment requests.
Dec 31, 2024
Crypto ATM scam losses rise to $247 million
U.S. losses from cryptocurrency ATM fraud increased to $247 million in 2024, according to FBI figures cited in reporting. The jump showed the scam type was accelerating rather than declining.
Jan 1, 2024
OFAC sanctions Russian-linked exchange Cryptex
In 2024, the U.S. Treasury's OFAC sanctioned Cryptex, an exchange later identified in reporting as part of the laundering path for cryptocurrency stolen from LastPass victims. This linked the theft campaign to Russian cybercrime infrastructure.
Jan 1, 2024
Crypto thefts begin from cracked LastPass vault data
By 2024, attackers were using data stolen in the 2022 LastPass breach to crack weak or reused master passwords offline and steal cryptocurrency from affected users. The stolen funds were laundered through Wasabi Wallet and routed toward Russian-linked exchanges.
Dec 31, 2023
Crypto ATM scam losses reach $114 million in the U.S.
The FBI reported that Americans lost $114 million to cryptocurrency ATM scams in 2023. The scams disproportionately targeted older victims and reflected a growing fraud trend.
Jan 1, 2022
LastPass breach exposes encrypted password vaults
In 2022, attackers breached LastPass and stole encrypted customer vaults containing sensitive stored data. For some users, those vaults included cryptocurrency wallet private keys and seed phrases.
See the full picture in Mallory
Mallory subscribers get deeper analysis on every story, including:
Who’s affected and how
Deep-dive technical analysis
Actionable next steps for your team
IPs, domains, hashes, and more
Ask questions and take action on every story
Filter by topic, classification, timeframe
Get matching stories delivered automatically
Related Entities
Sources
Related Stories
FBI Warns of Surge in Account Takeover Fraud Targeting Financial Institutions
The FBI has issued a warning about a significant increase in account takeover (ATO) fraud schemes, with cybercriminals impersonating financial institutions to steal money and sensitive information. Since the beginning of the year, over $262 million in losses have been reported from more than 5,100 complaints. Attackers use social engineering tactics—including texts, calls, and emails—to trick victims into revealing login credentials, multi-factor authentication codes, or one-time passcodes. Once access is gained, criminals reset passwords, lock out account owners, and quickly transfer funds, often to cryptocurrency wallets, making recovery difficult. The FBI highlighted that these schemes are becoming more sophisticated, with tactics such as search engine optimization (SEO) poisoning, where fraudulent ads mimic legitimate e-commerce or financial sites to lure victims. The warning comes ahead of the holiday season, a period when such scams typically increase. The agency urges heightened vigilance, especially as cybercriminals exploit fears of fraudulent transactions and use impersonation of both financial institution staff and law enforcement to manipulate victims into providing sensitive account information.
1 months ago
FBI says cyber fraud losses hit $17.6 billion as crypto scams topped $11 billion
The FBI’s Internet Crime Complaint Center reported more than **1,008,597** cybercrime complaints in 2025, with cyber-enabled fraud driving **$17.6 billion** in losses and accounting for **85%** of all reported losses. **Investment fraud** caused the most damage at **$8.6 billion**, followed by **business email compromise** at more than **$3 billion** and **tech support fraud** at **$2.1 billion**. Older adults were hit especially hard, with people aged 60 and above filing **201,266** complaints tied to about **$7.7 billion** in losses, while California, Texas, and Florida recorded the highest complaint volumes. Cryptocurrency-related crime was a major driver of the surge, with Americans reporting **$11.4 billion** in crypto scam losses across **181,565** complaints, up **22%** from the prior year. The FBI said many cryptocurrency investment scams are sophisticated, long-running schemes linked to organized criminal enterprises in Southeast Asia that use trafficked people as forced labor. The bureau also warned that ransomware remained a persistent threat, investigating more than **200** ransomware variants, actors, and enablers after identifying **63** new variants; ransomware complaints rose to **3,611** with more than **$32 million** in losses, and attacks affected **14 of 16** U.S. critical infrastructure sectors.
1 weeks ago
Emergence of AI-Driven Romance Scams and Crypto Phishing Threats
New research has revealed that romance scams are increasingly being automated through the use of large language models (LLMs), allowing cybercriminals to scale their operations and make scam interactions more convincing. These scams typically follow a three-stage process: initial contact, relationship building, and financial extraction, with LLMs now handling much of the repetitive conversation and persona management. Insiders from scam operations report daily use of AI tools to draft and translate messages, making it easier to maintain multiple simultaneous conversations and deceive victims into fraudulent cryptocurrency investments. In parallel, the threat landscape for cryptocurrency users has intensified, with phishing attacks targeting digital wallets and decentralized applications (dApps) on the rise. According to a 2025 Kaspersky report, crypto-related phishing detections surged by over 80% compared to 2023, with social engineering scams accounting for the largest share of incidents. Attackers employ tactics such as fake wallet sites, approval phishing, and payload-based transaction phishing, resulting in hundreds of millions of dollars in losses. These developments underscore the growing sophistication and automation of social engineering attacks in the cryptocurrency ecosystem, driven by advances in AI and the expanding use of digital assets.
1 months ago