On-chain investigation reveals: Canadian scam gang that defrauded $2 million in one year comes to light
According to a recent investigation report disclosed by on-chain detective ZachXBT, a scam group in Canada has stolen over $2 million worth of crypto assets in the past 12 months through social engineering tactics. Led by Haby (Havard), this hacker organization specializes in impersonating customer service representatives of major exchanges to trick users into revealing private keys and giving up control of their accounts.
Scam Methods and Fund Flows
The investigation shows that the group’s scam process is carefully designed: first, they contact victims while impersonating customer service, citing pretexts such as account anomalies or security verification to deceive users into providing login credentials. With those credentials they gain control of the exchange accounts and transfer the assets out. The stolen funds are then spent on high-end consumption such as rare social media usernames, nightclub expenses, and gambling, typical of the “quick cash + luxury spending” pattern.
Tracking and Law Enforcement Challenges
ZachXBT’s open-source intelligence (OSINT) analysis indicates that Haby’s activity locations point to the Vancouver area near Abbotsford, British Columbia, Canada. Interestingly, the hacker has recently been trading high-value Telegram usernames frequently and suddenly deleted recent account records two days ago, suggesting they may have become aware of the risks.
Although Canadian law enforcement likely has some leads, ZachXBT notes that the prosecution rate for similar scam cases in the country is generally low, which leaves such criminals relatively free to operate. This also highlights the practical difficulties of cross-border enforcement in global crypto scam cases.
User Takeaways
This case serves as a reminder that no exchange customer service will ever proactively ask for login credentials or private keys. Strengthening security awareness, using hardware wallets, and enabling two-factor authentication remain fundamental defenses against such scams.