Key Developments in the $243 Million Crypto Heist Investigation
A significant development has occurred in the investigation into the $243 million crypto theft, with blockchain investigator ZachXBT reporting the potential arrest of a British hacker. This individual is suspected of orchestrating one of the largest individual thefts in the history of cryptocurrency.
On December 5, ZachXBT announced via a Telegram post that the primary suspect in the attack, Danny, also known by the aliases Meech or Danish Zulfiqar Khan, was likely apprehended by law enforcement authorities. This announcement marks a major breakthrough in the prolonged investigation.
Seized Crypto and Suspect Wallet Link
ZachXBT highlighted a crucial piece of evidence: approximately $18.58 million in cryptocurrency is currently held in an Ethereum wallet that is reportedly linked to the suspect. The investigator stated that several addresses previously associated with Zulfiqar had consolidated funds into this specific address. This action mirrors patterns observed in previous law enforcement seizures, leading to increased suspicion that authorities are closing in on the hacker.
Dubai Raid and Suspect's Whereabouts
Further adding to the mounting evidence, ZachXBT noted that Zulfiqar was last known to be in Dubai. It is alleged that a villa in Dubai was raided, resulting in the arrest of multiple individuals connected to the hacker. Additionally, ZachXBT observed that several of Zulfiqar's contacts have become uncharacteristically silent in recent days, further fueling the belief that law enforcement has taken decisive action against the hacker.
However, it is important to note that no official statements confirming the arrest have been released by the Dubai Police or UAE regulators. Local media reports also remain silent on the matter, leaving the details of the potential arrest unconfirmed by official sources.
The Genesis Creditor Heist: Unraveling the Attack
The potential arrest of Zulfiqar could be directly linked to one of the largest known individual cryptocurrency heists. In September 2024, ZachXBT uncovered evidence suggesting that three attackers were responsible for stealing 4,064 BTC, valued at $243 million at the time, from a Genesis creditor. The attack was executed using highly sophisticated social engineering tactics.
The hackers reportedly impersonated Google support to deceive the victim into resetting the two-factor authentication on their Gemini account. This maneuver granted them access to the victim’s private keys. Subsequently, they drained the compromised wallet, routing the stolen Bitcoin through an intricate network of exchanges and swap services.
ZachXBT had previously identified the suspects by their online monikers: "Greavys," "Wiz," and "Box." These online identities were later linked to individuals Malone Lam, Veer Chetal, and Jeandiel Serrano. The U.S. Department of Justice subsequently charged two of these suspects in connection with orchestrating a $230 million crypto scam involving the theft. Further court documents revealed that the criminals employed a combination of SIM swaps, social engineering, and even physical burglaries to execute the theft, spending millions of dollars on luxury items such as cars and extensive travel.
ZachXBT's diligent tracking efforts have been instrumental in uncovering several related thefts. This includes a $2 million scam in which Chetal was implicated while out on bond. The news surrounding Zulfiqar's potential arrest could mark a significant turning point in the ongoing investigation, although comprehensive details are still emerging.

