US Increases Reward for Capture of OneCoin Founder Ruja Ignatova

Ignatova is still at large, but Bulgaria’s Acting Prosecutor General Borislav Sarafov announced that she will be charged in absentia in Bulgaria.

The United States has increased the reward to $5 million for any information leading to the arrest and conviction of Ruja Ignatova, the founder of the OneCoin scam. She has been on the FBI's most wanted list since 2022. Meanwhile, deep fake frauds are projected to cost the crypto industry more than $25 billion in 2024. High-profile people like Michael Saylor and Elon Musk are frequent targets of these scams. This was the case yet again when Australia's 7News YouTube channel was recently hijacked and a deep fake Elon Musk was used to scam people.

US Raises Stakes in Hunt for OneCoin Scam Leader

The United States Department of State has increased its reward for information leading to the arrest and conviction of Ruja Ignatova, the founder of OneCoin. As part of an update to the FBI’s “ten most wanted fugitives” list, the State Department’s Transnational Organized Crime Rewards Program has announced a $5 million reward for information that results in Ignatova’s arrest and conviction. 

Ignatova on the FBI’s most wanted list (Source: FBI)

Ignatova was last confirmed to be in Athens in October of 2017. She was added to the FBI’s top ten list back in June 2022, and the initial reward for any information about Ignatova was $100,000. It was later increased to $250,000 in 2023.  

She is still at large, but the FBI has shared with the public that Ignatova has a German passport and may have changed her appearance through plastic surgery.

In 2017, U.S. authorities charged Ignatova with fraud and money laundering, and issued a federal warrant for her arrest. On June 26, in a joint statement with U.S. Ambassador to Bulgaria Kenneth Merten, Bulgaria’s Acting Prosecutor General Borislav Sarafov announced that Ignatova would be charged in absentia in Bulgaria. 

Several people who were involved in the OneCoin scheme have been prosecuted in the U.S., including Ignatova’s boyfriend Gilbert Armenta, lawyer Mark Scott, former head of legal and compliance Irina Dilkinska, co-founder Karl Sebastian Greenwood, and William Morro.

Ignatova’s brother, Konstantin Ignatov, pleaded guilty to fraud and money laundering charges in 2019 related to his role in the OneCoin scheme. He was released in March 2024 after serving 34 months in prison.

Deep Fake Fraud Costs Crypto Industry Billions

Although OneCoin is out of the picture, there are still plenty of other scammers wreaking havoc on the crypto community.

Crypto losses due to deep fake tricks and scams are projected to surpass $25 billion in 2024, more than doubling last year's losses, according to Bitget Research. The crypto exchange reported a 245% increase in deep fakes globally in 2024. 

Financial losses from crypto-related deepfakes with forecasted value for 2024 (Source: Bitget)

The countries with the most detected deep fakes in the first quarter of 2024 include China, Germany, Ukraine, the United States, Vietnam, and the United Kingdom. The crypto industry as a whole experienced a 217% increase in these deep fake scams compared to Q1 of 2023.

Bitget also revealed that deep fakes resulted in $6.3 billion in crypto losses in the first quarter alone. The exchange now projects that losses could hit $10 billion per quarter by 2025. 

Interestingly, the tactics used by deep fake fraudsters have stayed relatively consistent, typically involving fake projects, phishing attacks, and Ponzi schemes to gain the trust of crypto investors. These methods have accounted for more than half of all deep fake-related crypto losses over the past two years. Fraudsters often impersonate influential figures to create an illusion of credibility, leading to bigger investments from victims without thorough due diligence.

MicroStrategy executive chairman Michael Saylor has been a frequent target of these scams. He revealed that his team removes around 80 AI-generated fake videos of him every day. The deep fakes of Saylor usually promote Bitcoin-related scams. 

Besides crypto scams, deep fakes are also used for cyber extortion, identity and impersonation fraud, and market manipulation. Shockingly, Bitget predicts that without effective countermeasures, deep fakes could be involved in 70% of crypto crimes by 2026.

Bitget Research chief analyst Ryan Lee also touched on the increasing use of fake photos, videos, and audio to influence victims. One immediate concern is AI-backed voice impersonators, which scammers use to call victims pretending to be their relatives and request money. Another concern is deep fakes bypassing Know Your Customer (KYC) measures to access user funds.

Lee believes exchanges need to place much more focus on improving their 'Proof of Life' features in KYC systems to confirm that users are actually real people. 

AI-Faked Elon Musk Used in 7News YouTube Hack

The YouTube news channel of Australia's Seven Network was recently hijacked by crypto scammers, featuring videos of a deep fake Elon Musk promoting a crypto scam. The 7News channel was rebranded to resemble Tesla, displaying an AI-generated Musk promising to double any crypto sent to a specific address. 

Links to the 7News YouTube channel were broken, but the hijacked channel kept its verification tick. A Seven spokesperson informed the Sydney Morning Herald that the company was aware of the issue and was working with YouTube to resolve it. 

The scammers shared a website asking for Bitcoin (BTC), Ether (ETH), Solana (SOL), and Dogecoin (DOGE).

Interestingly, Musk is a frequent target for scams like these. In fact, earlier this month, more than 35 YouTube live streams featured fake Musks timed with SpaceX’s Starship rocket launch. Additionally, Hong Kong’s securities regulator recently shut down a firm using AI-faked Musk videos to promote an AI crypto trading service.

Social Engineering Behind CoinStats Hack

Meanwhile, CoinStats revealed that the recent hack of 1,590 crypto wallets was executed by compromising a CoinStats employee. On June 22, CoinStats temporarily suspended its services after detecting an active attack on its wallets. Luckily, their quick response limited the hacker's access to only 1.3% of all CoinStats wallets, which resulted in a loss of $2 million

Five days later, on June 26, CoinStats CEO Narek Gevorgyan shared the findings of an internal investigation, and revealed that their AWS infrastructure was hacked. Evidence suggests the hack happened through social engineering, where an employee was manipulated into downloading malicious software onto their work computer.

Although Gevorgyan did not explicitly promise refunds for all victims, the company plans to support the victims of the hack and will provide a detailed plan of action after a thorough post-mortem analysis. Some community members reported large losses due to the breach. One victim was Blurr.eth, who allegedly lost 3,657 Maker tokens that are valued at close to $8.7 million.

Security breaches have become a very serious and growing concern among crypto service providers. On June 5, CoinGecko suffered a data breach through its third-party email management platform GetResponse. Similar to the CoinStats hack, the breach at CoinGecko happened because of a compromised employee account. The compromised data included users’ names, email addresses, IP addresses, location of email opens, and other metadata like sign-up dates and subscription plans.