Spanish law enforcement arrested five people suspected of running an international cryptocurrency investment fraud scheme that laundered more than €460 million ($542 million) from over 5,000 victims worldwide, according to a statement from Europol.
The suspects, based in Madrid and the Canary Islands, allegedly operated a global network of accomplices who collected money through cash deposits, wire transfers and cryptocurrency transactions.
According to Spain’s Guardia Civil, the criminal ring used a company based in Hong Kong, posing as a legitimate foreign-exchange investment firm, to lure victims into bogus crypto deals.
The arrests were carried out last week as part of an operation codenamed Borrelli. Authorities believe the network used a complex web of shell companies and bank accounts across multiple countries, as well as crypto exchange accounts registered under false or borrowed identities, to disguise the origin of the illicit funds.
The investigation began in 2023 and remains ongoing. Neither Europol or the Guardia Civil offered details about the scheme’s potential connections to known crime networks.
Cryptocurrency investment scams remain one of the costliest forms of online fraud globally. The FBI said Americans lost more than $5.8 billion to such schemes last year alone. Earlier in June, the U.S. Department of Justice announced efforts to recover over $225 million in cryptocurrency stolen through confidence and romance scams run out of Vietnam and the Philippines.
In May, the U.S. Treasury sanctioned Philippines-based infrastructure firm Funnull Technology Inc. for supporting hundreds of thousands of websites tied to so-called “pig butchering” scams — fraud operations that combine social engineering, fake investment pitches, and romance lures to drain victims’ crypto wallets.
Such scams are fueling a growing illicit cybercrime economy in Southeast Asia, where transnational criminal groups, shell companies, gambling networks, and scam compounds increasingly collaborate across borders.
Recorded Future
Intelligence Cloud.
No previous article
No new articles
Daryna Antoniuk
is a reporter for Recorded Future News based in Ukraine. She writes about cybersecurity startups, cyberattacks in Eastern Europe and the state of the cyberwar between Ukraine and Russia. She previously was a tech reporter for Forbes Ukraine. Her work has also been published at Sifted, The Kyiv Independent and The Kyiv Post.
