5 Minutes
Guilty plea in a $13 million crypto impersonation scheme
A Canadian man has admitted to laundering proceeds from an impersonation-driven cryptocurrency fraud that reportedly resulted in more than $13 million in stolen Bitcoin. U.S. prosecutors say the operation relied on social engineering rather than software exploits, and they are seeking a prison term of up to 63 months as part of a plea agreement that includes cooperation with investigators.
Case details: charges, defendants and the method
According to U.S. court records, 20-year-old Trenton Richard Johnston pleaded guilty to conspiracy to commit money laundering after being accused of working with co-conspirators who impersonated employees of major tech and crypto firms, including Google and hardware wallet provider Trezor. Prosecutors say the group used persuasive phone and email tactics to convince victims that their accounts were compromised, then obtained access to victims’ cryptocurrency wallets.
How the scams worked
Federal filings indicate the scheme began in January 2024 and centered on social engineering: the attackers phoned or messaged victims, impersonated trusted support personnel, and directed victims to transfer funds or reveal recovery information. In one example cited by prosecutors, Johnston allegedly duped a victim into believing their Google and Coinbase accounts had been breached, leading to the theft of roughly $41,000 worth of Ether. In a separate, far larger incident, the scammers reportedly persuaded a California resident that someone was trying to access their wallet, then drained an account of approximately $13 million in Bitcoin.
Proceeds and spending: luxury lifestyle traced to stolen funds
Prosecutors say a portion of the illicit proceeds funded an extravagant lifestyle across Miami and Los Angeles. Court documents claim around $1.2 million was spent within a two-month window on high-end purchases and services, including luxury vehicles, jewelry, private jet flights, and upscale rental properties.
Co-conspirator involvement and asset purchases
Investigators allege Johnston worked with individuals who facilitated the purchase and rental of exotic cars. One collaborator, exotic car rental owner Brandon Tardibone, has also pleaded guilty to money laundering charges. Prosecutors say the defendants bought or rented vehicles such as a Lamborghini Aventador SVJ and several BMWs, and used stolen funds for private jet charters and a rental property in North Miami to host guests.
Investigation, seizure and restitution
Authorities ultimately linked Johnston to the fraud after a March traffic stop. While he was driving a Rolls-Royce, investigators confiscated electronic devices and handwritten notes that prosecutors say tied him to the impersonation ring. As part of the resolution, Johnston surrendered approximately 53.16 Bitcoin and 275.23 Ether — assets that prosecutors value at about $3.7 million at current market prices.
Sentencing recommendations
Federal prosecutors have recommended a custodial sentence in the range of 51 to 63 months and sought dismissal of separate wire fraud counts under the plea agreement. Tardibone faces a recommended prison term between 27 and 33 months according to court filings.
Wider industry context: social engineering remains a top crypto risk
Security experts note this case underscores a broader trend: many of the largest crypto thefts are now enabled by human manipulation rather than cryptographic or software vulnerabilities. Deddy Lavid, CEO and co-founder of Cyvers, told reporters that attackers exploit trust and urgency to push victims into irreversible blockchain transactions. Once funds move on-chain, reversing transfers is often impossible or impractical.
Patterns across multiple investigations
Independent blockchain researchers have documented similar impersonation scams. In one December probe, investigator ZachXBT exposed a Canadian actor who allegedly bilked victims of more than $2 million by posing as Coinbase support; the suspect reportedly spent proceeds on gambling, collectibles and other conspicuous purchases while attempting to mask their identity. ZachXBT’s analysis also estimated that social engineering targeting Coinbase users accounted for at least $65 million in losses between December 2024 and January 2025, and highlighted other multi-million-dollar cases involving attackers impersonating exchange staff.
Prevention and what the industry needs to do
Experts argue that user education, while essential, is insufficient on its own. Lavid and other security leaders recommend that cryptocurrency exchanges, custodians, wallet providers and banks implement proactive monitoring systems capable of detecting suspicious behavior and laundering patterns in real time before funds exit customer accounts. Those systems should combine transaction analytics, behavioral modelling, and stronger customer authentication to reduce successful social engineering attacks.
As the Johnston case demonstrates, attackers are willing to convert stolen crypto quickly into luxury goods and travel, making rapid detection and cross-border cooperation critical. Law enforcement recoveries — including seized devices, surrendered crypto, and criminal prosecutions — remain important deterrents, but preventing the initial account compromise is the more effective route to cutting losses for retail and institutional crypto users alike.
Source: crypto
Comments
datapulse
wow $13M gone from phone scams? unbelievable. They blew cash on cars, jets, jewelry, like instant flex. some seized crypto helps, but victims??
Leave a Comment