In one of the most significant thefts in recent cryptocurrency history, blockchain investigator ZachXBT and a team of collaborators have managed to freeze over $7 million worth of Bitcoin connected to a larger $330 million crypto heist. The victim—an elderly investor based in the United States—reportedly had their funds stolen through a highly sophisticated social engineering scheme, underscoring the growing vulnerability of individuals in the crypto space, especially those less familiar with the latest security practices.

The theft, which occurred on April 28, quickly drew the attention of ZachXBT, a well-known figure in the crypto industry for his tireless work exposing scams and tracking stolen digital assets. Just days after the crime was reported, ZachXBT introduced on social media that he had already traced and helped freeze a portion of the stolen funds. He credited the quick progress to the cooperation of several parties, including Binance’s Security team, CF Investigators, and independent researcher tanuki42_.

While recovering $7 million is a positive step, more than $300 million in stolen Bitcoin remains missing. This staggering amount has left many in the crypto community shaken, especially given the high-profile nature of the attack and the victim involved. According to ZachXBT, the victim was a “whale”—a term for someone who holds a large amount of cryptocurrency—who had been active across multiple exchanges. The exact source of the victim’s wealth was described only as “interesting,” leaving some room for speculation. ZachXBT declined to share more details about how the assets were initially acquired or what specific platforms were compromised.

The attack appears to have been executed using classic social engineering tactics. In this case, the perpetrators manipulated the victim or third parties to gain access to sensitive account information, rendering conventional security features like two-factor authentication nearly useless. This method has become increasingly popular among cybercriminals, especially when targeting individuals with substantial holdings and weaker personal cybersecurity awareness.

Two primary suspects have been identified in the ongoing investigation. One, known by aliases “Nina” or “Mo,” is alleged to be a Somalian national operating a call scam center out of Camden, United Kingdom. The second, going by the name “W0rk,” is believed to have assisted in the technical and communication aspects of the scam. Both suspects have since deleted their online profiles and gone dark, making further tracking more difficult. Investigators believe that much of the stolen Bitcoin was quickly moved through Monero (XMR), a privacy-focused cryptocurrency often used for laundering illicit funds due to its anonymity features. The laundering process was reportedly so intense that it even caused a short-term spike in Monero’s trading volume.

Binance’s involvement in the operation to freeze some of the funds is particularly notable. The exchange has become increasingly proactive in collaborating with investigators to combat large-scale scams. This case comes just weeks after similar reports of social engineering attacks targeting Binance users, highlighting a broader trend of cyber threats linked to leaked user data.

The crypto community has reacted strongly to the news. Many experts argue that this case should serve as a wake-up call to both investors and platforms about the importance of robust security practices. For individual investors—especially older ones—this includes educating themselves on potential threats and ensuring their accounts are protected not just by passwords but also by secure devices and behavior patterns.

Despite freezing a portion of the funds, the investigation is far from over. ZachXBT and his partners continue to monitor wallets, analyze blockchain data, and collaborate with exchanges and possibly law enforcement agencies to recover more of the stolen assets. Given the scale of the theft and the international nature of the suspects, recovering the full amount may take months, if not years.

Nonetheless, this swift partial recovery is a rare bright spot in a story that otherwise highlights the dark side of digital finance. It’s also a testament to the power of community-led investigations in the decentralized world of cryptocurrency—where traditional policing often falls short, but vigilant individuals like ZachXBT can still make an impact.