U.S. prosecutors have charged a 23-year-old Brooklyn resident with orchestrating a nationwide cryptocurrency phishing operation that allegedly drained nearly $16 million from Coinbase users. The case underscores how social engineering, rather than technical exploits, remains one of the most effective attack vectors in crypto-related crime.
According to prosecutors, the scheme affected roughly 100 victims across the United States and relied on impersonation, urgency, and psychological pressure rather than malware or protocol vulnerabilities.
Authorities say Ronald Spektor ran the operation under the online alias "@lolimfeelingevil," posing as an official customer support representative from Coinbase.
Investigators allege that Spektor contacted victims directly by phone while simultaneously sending spoofed two-factor authentication messages. During these interactions, he falsely warned users that their accounts were under active attack and that immediate action was required to prevent losses.
By creating a sense of panic, Spektor allegedly convinced users to transfer their crypto assets to wallets he controlled, framing the move as a temporary "security" measure. Once transferred, the funds were irreversibly lost.
After gaining control of the assets, prosecutors say the stolen cryptocurrency was rapidly moved through a combination of mixers, token-swapping services, and online gambling platforms. These steps were allegedly taken to break the on-chain trail and complicate recovery efforts.
Despite these attempts, blockchain analysis ultimately played a central role in reconstructing the flow of funds.
The investigation was led by the Brooklyn District Attorney's Virtual Currency Unit, working alongside Coinbase's internal security team and independent blockchain investigators, including ZachXBT.
Their combined efforts allowed authorities to trace the movement of the stolen funds and link them back to Spektor. As part of the case, law enforcement seized approximately $105,000 in cash and about $400,000 in digital assets.
Spektor now faces 31 criminal counts, including first-degree grand larceny and multiple money-laundering charges. He has pleaded not guilty and is currently being held at Rikers Island, with bail set at $500,000.
This case highlights a persistent reality in crypto security: exploiting human trust is often more effective than attacking software. Even platforms with strong technical safeguards can be undermined when users are manipulated into authorizing transactions themselves.
Authorities continue to stress that legitimate exchanges do not ask users to move funds to "safe" wallets and do not request private keys, recovery phrases, or emergency transfers under pressure.