A 23-year-old Brooklyn resident, Ronald Spektor, has been indicted on 31 criminal counts for allegedly orchestrating a phishing scheme that defrauded nearly $16 million from approximately 100 Coinbase users. According to the Brooklyn District Attorney’s Office, Spektor’s alleged crimes spanned from April 2023 to December 2024 and involved methods of impersonation, social engineering, and laundering stolen funds through various crypto transactions.
Spektor was arraigned on several charges, including first-degree grand larceny, criminal possession of stolen property, and money laundering. Prosecutors claim that he contacted victims while masquerading as a Coinbase customer support representative, alerting them to supposed risks to their accounts. Under this pretense, he persuaded victims to transfer their assets into wallets that he controlled, ultimately leading to significant financial losses.
Once he had obtained the victims’ funds, Spektor is accused of using crypto mixers, token-swapping services, and online gambling platforms to conceal the origins of the stolen assets. Court documents reveal that he operated under the alias “Ronaldd” and the handle “@lolimfeelingevil,” maintaining a Telegram channel called Blockchain enemies, where he discussed his activities. Reports indicate that some victims, such as one from California, lost more than $1 million, while another from Virginia lost over $900,000.
So far, over 70 victims have been interviewed in this case, with estimates suggesting a total victim count close to 100. Law enforcement has managed to recover around $105,000 in cash and approximately $400,000 in cryptocurrency, though much of the stolen money has been laundered, complicating recovery efforts.
The investigation included collaboration with Coinbase, which provided internal data and assistance in tracking the stolen funds. The Brooklyn District Attorney’s Virtual Currency Unit, alongside independent blockchain investigator ZachXBT, played a crucial role in this effort. ZachXBT’s insights were instrumental after he was contacted by a victim who had lost $6 million.
In response to the indictment, Coinbase has emphasized its commitment to pursuing scammers targeting its users. CEO Brian Armstrong made a public statement highlighting the company’s ongoing efforts to combat impersonation and social engineering tactics. The case underscores the vulnerabilities that exist in offchain interactions, reaffirming that social engineering attacks can bypass more sophisticated onchain defenses.
This indictment follows a tumultuous year for Coinbase concerning security issues. Recent reports indicate that users lost over $65 million to social engineering scams in a two-month span earlier this year. Additionally, in May, the company disclosed a significant data breach affecting nearly 70,000 users, resulting from criminals bribing overseas support staff, with estimated losses reaching up to $400 million.
Prosecutors disclosed that Spektor had plans to leave the United States prior to his arrest, and legal documents suggest that his father is now being considered an “active suspect” in connection with the scheme. Spektor has pleaded not guilty, with his attorney describing the charges as “speculative.”
As the case progresses through New York’s criminal courts, prosecutors will attempt to forge a cohesive evidentiary trail by connecting onchain activity, communications records, and victim testimonies. While law enforcement has recovered only a fraction of the stolen funds, efforts to trace the assets are ongoing, highlighting the persistent challenges in recovering losses from such sophisticated fraud schemes.
