Cyber Criminal Admits to Crime of $37M Worth of Crypto

A 21-year-old Indiana cybercriminal has pleaded guilty to defrauding 571 individuals of $37 million in cryptocurrency by exploiting a legitimate client's identity during a 2022 cyberattack.

Frederick Light faces charges of wire fraud and conspiracy to launder monetary instruments, reflecting a troubling trend of increasing cybercrime amid rising digitalisation.

In February 2022, Light targeted an investment firm in Sioux Falls, South Dakota, where his access to the client's identity allowed him to breach the company's servers and compromise the personal identifiable information (PII) of its clients, according to a Security Affairs' article.

With the help of an unnamed accomplice, he executed this extensive scheme to steal digital currencies:

“Light stole customer personal identifiable information (“PII”) and then stole cryptocurrency worth over $37 million from nearly 600 victims. He acted with one or more unidentified perpetrators.”

The DOJ added:

“After successfully accessing the computer servers, he then exfiltrated from the servers the PII of hundreds of other clients, using this access to steal virtual currencies from the clients who held such assets with the investment holdings company.”

The US Department of Justice (DoJ) reported that Light laundered the stolen funds by dispersing them to various locations worldwide, utilising multiple mixing services and gambling websites to obscure the illicit origins of the money.

Crypto Cyber Crime Continues to Rise

Light faces significant prison time for his fraudulent activities, with each count potentially leading to up to 20 years behind bars, fines, three years of supervised release, a $200 special assessment, and the possibility of restitution.

However, Light's case is emblematic of a broader trend; there has been a notable surge in cryptocurrency scams and cybercrimes worldwide.

Russia, for example, reported over 40 million data breach incidents in the first quarter of 2022, making it one of the largest victims of cybercrime.

In Oceania, Australia ranks as the primary target, while Nigeria has emerged as a hotspot for cybercriminal activity in Africa.

The average cost of a cyber breach was estimated at approximately $4.35 million in 2022, with projections suggesting that global costs of cybercrime could reach around $10.5 trillion, up from $7 trillion the previous year.

Recent reports indicate that criminals are increasingly focused on cryptocurrencies and digital assets.

Earlier this month, the US government imposed sanctions on two cryptocurrency exchanges—Cryptex and PM2BTC—accused of facilitating the laundering of funds obtained through cybercriminal activities.

Additionally, last month, the Department of Justice arrested Malone Lam, known by aliases including "Greavys" and "Anne Hathaway," along with 21-year-old Jeandiel Serrano, also known as "Box," "VersaceGod," and "@SkidStar."

This duo allegedly stole around $230 million worth of cryptocurrencies and attempted to launder the proceeds through various exchanges and mixing services.