India’s Directorate of Enforcement (ED) has filed formal charges against eight individuals and entities for orchestrating an elaborate phishing scam that netted over $20 million in cryptocurrency by impersonating the popular exchange Coinbase. The case highlights growing cross-border cooperation against crypto-related cybercrime.
The operation, according to the ED, involved a fake website that perfectly mimicked the official Coinbase platform. Unsuspecting users entered their login credentials and two-factor authentication (2FA) codes, which were then harvested by the attackers. The stolen funds were moved through a series of intermediary wallets to disguise their origin, before being converted into Indian rupees through peer-to-peer transactions.
As part of its probe, the ED provisionally attached assets worth Rs 64.55 crore (approximately $6.8 million), freezing both movable and immovable properties linked to the accused. The investigation was triggered by evidence received from U.S. law enforcement via a Mutual Legal Assistance Treaty (MLAT). Key conspirator Chirag Tomar was previously sentenced in the United States to 60 months in prison followed by supervised release.
The indictments signal that authorities are increasingly capable of tracing stolen crypto and prosecuting offenders internationally, while also reminding users to carefully verify website URLs, use hardware wallets, and enable advanced security features.
