What was the $243 million social engineering crypto scam?
Social engineering attacks are a potent weapon that scammers use to compromise crypto wallets and steal funds from victims. Court documents reveal that this was the tactic used to target the Gemini creditor in this case.
In August 2024, about 4,100 BTC worth $243 million vanished overnight from a single victim’s account. Three gamers, turned self-taught hackers, siphoned off the Bitcoin (BTC) after successfully gaining access using social engineering tactics. But this was just the start of a bizarre case, especially for the youngest thief, 19-year-old Veer Chetal.
Nicknamed “Wiz,” Chetal went from flaunting supercars to pleading guilty to a fresh round of scams while out on bail.
Unsealed crypto court documents from the Department of Justice revealed an initial overview of the scam. Then crypto sleuth ZachXBT, who helped unmask the hackers, provided a detailed summary.
Posting on X, the anonymous crypto investigator explained that Veer Chetal, Malone Lam and Jeandiel Serrano used a “highly sophisticated social engineering attack” to steal $243 million from a single person.
The victim was first targeted with a call pretending to be Google support via a spoofed number to compromise personal accounts. This was followed by a spoof Gemini support call claiming the account had been hacked. This was enough to convince the victim to reset their 2-factor authentication (2FA) and send the Gemini funds to a compromised wallet. Concurrently, the victim was led to use AnyDesk to share their screen and leak their Bitcoin private key.
Chetal, Lam and Serrano worked as a team to pull off the scam. Chetal accessed the victim’s Gmail and iCloud while Lam searched emails and folders for personal information. Then Serrano was tasked with calling as the customer service representative. By the early hours of Aug. 19, the trio had successfully accessed and drained the wallet.
Everything had seemingly gone to plan, but a series of mistakes would lead to their downfall.
Did you know? Malone Lam was living a flashy life before he was apprehended, purchasing 10 cars and spending $500,000 on nights out with friends in LA and Miami.
How ZachXBT unmasked the teen Bitcoin hacker
ZachXBT is a former scam survivor turned blockchain investigator. He has been at the heart of some of the most technical Bitcoin money laundering cases. However, in this case, the suspects made life easier for him by recording the entire event.
ZackXBT posted a private recording of the live reaction from the thieves on X as they received 4,064 Bitcoin.
This would become a key clue for the ZachXBT crypto investigation alongside tracking blockchain transactions. Initial traces showed that the funds were split among each party before the Bitcoin was sent to more than 15 different exchanges. Here, the crypto was swapped multiple times between Litecoin (LTC), Ether (ETH), Monero (XMR) and Bitcoin.
However, during the livestream, Chetal accidentally leaked his name. This was reinforced with accomplices referring to him as Veer on several recordings and chats. It was the first careless error that he would make during his crime spree, and how ZachXBT tied him to the funds.
Millions of dollars worth of ETH accrued from Veer Chetal’s scam started flowing to luxury goods brokers as he bought cars, jewellery, watches and designer clothing.
The two accomplices were equally sloppy in protecting their identities. Multiple people referred to Malone Lam as “Malone” during video clips, and he was seen flexing the stolen funds on Discord. About $3.5 million tied to Lam was pinpointed, and he was located with his girlfriend posting pictures of his location each night on Instagram.
Jeandiel Serrano, who posed as the Gemini exchange representative, used the same profile picture across the recording, Discord, and Telegram, which ultimately tied him to $18 million in ill-gotten gains.
As a result of the investigation, all three were arrested. Lam and Serrano’s indictment case was unsealed on Sept. 19, 2024, revealing official details of the case. Still, it would be several months before Chetal’s bizarre case would be made public.
Did you know? One week after the initial $243 million Bitcoin theft, Chetal’s parents were victims of a kidnapping attempt. Fortunately, local police officers arrived in time to arrest the six masked perpetrators.
Chetal’s second crypto scam gone wrong
In another twist to the story, Chetal agreed to cooperate with authorities and testify against his conspirators.
He pleaded guilty and gave up his array of purchases, including 30 luxury watches and over $36 million in ETH. The Bitcoin scam plea deal agreement consigned him to between 19 and 24 years in prison, but after a pre-trial hearing, he was released on bond on Oct. 21, 2024.
While out of jail and cooperating with authorities, the teenager started another social engineering spree, which included an alleged $2 million theft. A resident of New Jersey was tricked by a fake support team claiming to be from the Gemini exchange and Google, which convinced her to reveal the seed phrase to a crypto wallet.
As a result, about $2 million in cryptocurrency was drained from her wallet. Investigators used established blockchain tracing tools to follow the stolen funds. They discovered that $200,000 had been transferred to a newly created account on an online gambling platform, which may not have had any Know Your Customer (KYC) protocols.
This account was accessed six times, and during one session, a VPN failure exposed the real IP address, which was traced back to Chetal’s residence in New Jersey.
Chetal did not contest receiving the $200,000. His attorney stated in a March 31, 2025, motion that he understood, based on where the funds originated, that they were likely tied to illegal activity and that he should not have accepted them.
“Chetal admits that, even after he began negotiating with the Government, he secured $200,000 in illicit funds with a simple text message,” said US District Judge Colleen Kollar-Kotelly in her decision to reject Chetal’s request for re-release on bond.
“That sum was so trivial to Chetal that he gambled and lost all $200,000 on a single bet nine minutes later,” she said.
Importance of parental vigilance in the age of crypto crime
The Veer Chetal case highlights how teens can be drawn into crypto crime and how a lack of vigilance can put entire families at risk. Parental awareness and digital caution are key to prevention.
The case of Veer Chetal, involved in $245 million worth of crypto thefts, shows how quickly tech-savvy teens can become entangled in high-stakes digital crime.
Using basic social engineering tactics, like impersonating tech support from major companies, Chetal and his co-conspirators tricked victims into giving up sensitive credentials. The consequences extended beyond digital theft; Chetal’s parents were later targeted in a violent kidnapping attempt tied to the stolen funds.
This case underscores the need for parental vigilance. As cryptocurrency and online finance become more accessible, parents must stay informed about how these platforms work, how scams unfold and how young people might be recruited or influenced.
Encouraging open conversations, monitoring digital behavior and setting firm boundaries around financial access can reduce risks. In the digital economy, awareness isn’t optional; it’s necessary protection.
