Skip to main content
Looking for your next role?
July 21, 2025
July 20, 2025

Three Young Hackers and the $243 Million Bitcoin Heist That Rocked Web3

The $243 Million Crypto Heist That Sent Shockwaves Through Web3

In August 2024, an astonishing 4,100 BTC—equivalent to roughly $243 million—vanished in a single night from one affluent crypto user’s account. What began as an ordinary balance check turned into one of the most brazen social engineering attacks in recent memory. Behind the crime were three self-taught hackers—once casual gamers—who combined psychological trickery with technical know-how to empty the victim’s wallet.

Court papers unsealed by the US Department of Justice, alongside insights from blockchain sleuth ZachXBT, have now peeled back the layers of this operation. For recruitment professionals in crypto and blockchain, the case underlines why hiring security-savvy talent is paramount in this era of increasingly sophisticated digital fraud.

Step 1: Impersonation Calls and 2FA Reset

The attackers began with a classic social engineering ploy: phone calls impersonating first Google support, then Gemini’s customer service. Calling from spoofed numbers, they convinced the victim that his Google account was at risk. A follow-up call “from” Gemini claimed the wallet had already been compromised.

Fearing a breach, the victim was instructed to reset two-factor authentication (2FA) and transfer assets to what he believed was a secure, temporary wallet. Meanwhile, the attackers urged him to install AnyDesk, a remote-access tool. Within minutes, they had full control over his screen and coaxed out his private key.

Step 2: Draining and Laundering the Bitcoin

By 2 a.m. on 19 August, the trio had siphoned every Bitcoin from the account. Their next move was to launder the proceeds through multiple exchanges, swapping BTC for Litecoin (LTC), Ether (ETH), Monero (XMR) and back again—fragments of a familiar pattern explored in our analysis of crypto-heists in 2024.

  • Funds split among the three conspirators.
  • Transfers to more than 15 different trading platforms.
  • Layered swaps to complicate blockchain tracing.

The Team Behind the Scam

Investigators identified the hackers as:

  • Veer “Wiz” Chetal (19): The youngest, responsible for accessing the victim’s Gmail and iCloud accounts.
  • Malone Lam: Focused on combing through emails for personal data, before signalling the others when to strike.
  • Jeandiel Serrano: Played the role of the Gemini support agent on spoofed calls.

Each had learned their craft through gaming communities where phishing techniques and remote-access tools circulate like strategy guides. Their coordinated approach demonstrates how even non-technical individuals can amplify their impact through teamwork—an important reminder for a blockchain recruitment agency seeking candidates with the right mix of technical and human-engineering expertise.

Crypto Investigator ZachXBT Cracks the Case

ZachXBT—a former victim turned professional blockchain investigator—helped unravel the scheme. His breakthrough came when the hackers accidentally live-streamed their reaction to receiving 4,064 BTC. Viewers on X (formerly Twitter) heard them gloat, and more critically, slip up:

  • References to “Veer” identified Chetal by name.
  • Discord and Telegram profile pictures matched those in the recording.
  • IP addresses leaked during a VPN failure linked funds movements back to a New Jersey apartment.

This evidence allowed authorities to trace millions of dollars in ETH as Chetal splurged on supercars, designer clothing and luxury watches—a spending spree mirroring the aftermath of other high-profile breaches we covered in addressing skill shortages in the crypto job market.

The Reckless Luxuries That Led to Their Arrest

Flashy purchases proved fatal to the hackers’ anonymity:

  • Lam: Bought ten cars and spent half a million dollars on nights out in LA and Miami, all documented on Instagram.
  • Serrano: Used the same profile photo across platforms, tying him to $18 million in stolen funds.
  • Chetal: Unleashed brags on Discord, then drew law-enforcement attention when his parents were targeted in a kidnapping attempt linked to the stolen Bitcoin.

Lam and Serrano were indicted in September 2024; Chetal, whose parents narrowly escaped an abduction, was publicly charged months later. His initial plea deal spanned 19 to 24 years for the BTC theft, but a twist in October secured his release on bond as he agreed to testify against his co-conspirators.

A Second Social Engineering Spree, and Stunning Carelessness

Out on bail, Chetal resumed his criminal antics. In early 2025, he orchestrated a fresh $2 million theft by replaying the same tactics: spoofed calls from Google and Gemini and coercion via AnyDesk. Investigators traced the stolen crypto to an online gambling account that lacked KYC protocols. A single VPN slip revealed his IP address and reignited scrutiny.

During a March 31, 2025 court filing, prosecutors noted that Chetal admitted to realising the funds were illicit, yet still gambled the entire $200,000 within nine minutes. Judge Colleen Kollar-Kotelly rejected his new bail bid, observing, “That sum was so trivial to Chetal that he gambled and lost all $200,000 in a single bet nine minutes later.”

Lessons for Crypto Recruitment and Compliance

For a web3 recruitment agency like Spectrum Search, this saga underscores why forging a robust team of security-focused crypto recruiters, blockchain headhunters and web3 talent acquisition experts is no longer optional. As scams grow more elaborate, companies must:

  • Prioritise defi recruitment professionals skilled in risk assessment.
  • Engage crypto headhunters with experience in compliance and behavioural analysis.
  • Train staff to recognise red flags in social engineering and remote-access requests.

Our clients benefit from a targeted search for top-tier cryptocurrency recruiter candidates—individuals who combine technical prowess with an innate scepticism of unsolicited support calls. To explore how firms are navigating this challenge, read Navigating Crypto Compliance: The Cruciality of Expert Recruitment.

Parental Vigilance in an Era of Digital Risk

The Chetal case also highlights a less discussed dimension: the vulnerability of families. When teens acquire the skills to exploit remote-access tools, they can inadvertently endanger loved ones. After the $243 million heist, Chetal’s parents faced an armed kidnapping attempt—a grim illustration of how far criminal networks will pursue stolen funds.

In a world where cryptocurrency underpins both legitimate innovation and high-stakes crime, parental guidance is a frontline defence. Open dialogues about the mechanics of blockchain, clear rules around device access and regular monitoring of online activity can help avert digital perils before they escalate.

As the industry matures, the stakes for secure hiring in crypto and blockchain soar. From elite web3 recruiters to specialised blockchain talent scouts, the right hires can be the difference between resilience and ruin in an interconnected digital economy.