European law enforcement agencies coordinated a massive operation that exposed a criminal empire worth over €700 million ($815 million) that affected thousands of victims all over various jurisdictions.
Europol disclosed the takedown of the sophisticated crypto fraud syndicate that managed a good number of fake digital assets’ platforms. The scammers’ scheme was highly effective. They advertised online with promises of high returns on crypto investments. Once victims showed interest, the pressure campaign began.
The mechanics of a modern scam
The fraud operation was anything but simple. Scammers showed victims inflated returns on their supposed investments. This created artificial confidence and encouraged people to invest even more money. The psychology was deliberate and devastating.
Once victims transferred their cryptocurrency, the funds vanished. The stolen funds passed through “mixing” protocols across various blockchains as well crypto exchanges. The bad guys harnessed the anonymous nature of crypto to foster this heist.
This reliance on mixers is a hallmark of large-scale crypto crime. It’s precisely the kind of infrastructure law enforcement is now targeting globally. Just recently, in a parallel operation, Europol and Swiss police dismantled a dark web cryptomixer that had processed a staggering $1.4 billion (it shows a clear strategy to attack the financial backbone of these syndicates).
The investigation this time around reached across eight nations and fished out a fraud group that worked with several schemes; every platform ran simultaneously. The financial infrastructure was sophisticated and stretched across all of Europe.
The operation unfolded in two distinct phases. The first phase resulted in nine arrests of individuals directly associated with the fraud network. Authorities confiscated over $1.8 million in cash, cryptocurrency, and online accounts. That’s just what they could immediately seize.
The second phase targeted something equally important but less obvious. Law enforcement went after the marketing infrastructure that supported the entire fraud ecosystem.
Fake ads and deepfake deception
The bad actors promoted advertisements created to look like top media organizations, celebrities and politicians. Most of these advertisements included deepfake video footage. Digital videos created using Artificial Intelligence, created the appearance that respected members of the community were promoting fraudulent cryptocurrency companies.
Europol has characterized this type of fraud as a global problem and one that has grown rapidly in the past few years. This highlights a critical need for public awareness, particularly among those most susceptible to sophisticated online impersonation and financial coercion.
Law enforcement agencies in Belgium, Bulgaria, Germany, and Israel carried out numerous searches. They targeted companies that had previously offered affiliate marketing services to the fraud network.
The marketing firms that assisted criminals in this scheme revealed that criminals had incorrectly transferred substantial amounts of money through cryptocurrency exchanges. Criminals took full advantage of the anonymity created by cryptocurrency using blockchain technology.
The use of private cryptocurrencies is not criminal in itself, those who understand how the system operates can use it as a tool to facilitate money laundering.
Mobile devices vulnerable due to hardware problems
Researchers recently discovered an issue with multiple Android phones, including the Solana Seeker phone, which calls itself a safe place to store digital currency. Experts at Ledger Donjon discovered that the MediaTek Dimensity 7300 processor can be compromised through hardware attacks, not just malware.
The researchers used electromagnetic fault injection, which sends precise electromagnetic pulses to disrupt the chip’s security. They achieved total control of devices using this method. The attack success rate sits between 0.1% and 1%, meaning full compromise takes just minutes of trying.
Ledger’s CTO Charles Guillement noted they informed MediaTek about the findings back in May 2025. MediaTek responded that hardware attacks are out of scope for consumer chipsets, stating that products with higher security requirements should use appropriate countermeasures.
The Solana Seeker smartphone is advertised as offering institutional-grade cold storage for digital assets. The security researchers emphasized that smartphones can be lost or stolen, making hardware attacks a real threat.
They concluded that true security should rely on dedicated Secure Elements, especially for self-custody of crypto assets. It’s a no-brainer that for investors looking to protect their holdings from both sophisticated scams and hardware vulnerabilities, choosing a purpose-built secure hardware wallet is a critical first line of defense.
