European law enforcement authorities have arrested five suspects in connection with a “elaborate” online investment fraud scheme that stole more than 100 million euros from more than 100 casualties in France, Germany, Italy and Spain.
According to Eurojust, the coordinated action saw searches in Italy, Romania and Bulgaria in five locations, Spain and Portugal. Bank accounts and other financial assets related to cybercrime rings have been frozen.
The main perpetrators behind the business have been accused of massive fraud and money laundering by running an online investment platform for several years, and asserting that unsuspecting individuals should let go of their funds by pledging high returns on investments in various cryptocurrencies.
Once the deposit was created, the funds were transferred to a Lithuanian bank account and washed. Victims who tried to withdraw their assets from the platform were asked to pay an additional fee, and the websites used to commit fraud have since disappeared.
Many judicial and law enforcement agencies in Bulgaria, Italy, Lithuania, Portugal, Romania and Spain participated in investigating fraud schemes.
“The scam has been running since at least 2018, covering 23 different countries, for example as areas used to divert the revenues of fraud, or as locations on which the victims are based,” Eurojust coordinated the initiative with support from Europol.
According to the US Federal Trade Commission (FTC), Americans lost a record $12.5 billion in fraud in 2024, up 25% from the previous year, with investment fraud reaching $5.7 billion, reaching $4.6 billion in 2023 and $3.8 billion in 2022.
“The majority (79%) of those who reported investment-related fraud lost their money with a median loss of more than $9,000,” the FTC said. “People lost over $3 billion in scams that started online, compared to around $1.9 billion in ‘traditional’ communication methods, such as phone calls, texts, and emails. ”
The disclosure is because Chain Dialysis revealed how Venus protocol users were targeted on September 2, 2025 in a social engineering attack, and how early detection and Swift action allowed the recovery of stolen funds worth around $13 million.
“The attack was rooted in social engineering. The malicious actors used compromised Zoom clients to gain system access,” Chainalysis said.
Image source: Chain melting
“After infiltrating the victim’s machine, the attacker manipulated the user to submit a blockchain transaction, which granted the power of attorney status to the account.
The blockchain analytics company said Venus paused the protocol within 20 minutes of the malicious transaction, effectively preventing attackers from moving the fund further. Over the next 12 hours, Venus forced liquefaction of the attacker’s wallet, collected stolen funds, and resumed full service.
“Venus has passed a governance proposal to freeze $3 million in assets still managed by attackers,” Chain Alicis said. “The attackers not only failed profits, but they actually lost $3 million as a result of the decisive action of the community.”
The crackdown on Eurojust also coincided with similar efforts by the Seoul Metropolitan Police Agency (SMPA) earlier this month, disrupting cybercrime operations.
“The operation was sophisticated. After hacking the victim’s personal information and stealing funds, the offenders impersonate agents’ employees, approach the victim’s family, collecting more personal data and preparing for additional theft.”
Source link
