惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

月光博客
月光博客
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
N
Netflix TechBlog - Medium
大猫的无限游戏
大猫的无限游戏
爱范儿
爱范儿
Martin Fowler
Martin Fowler
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
The Register - Security
The Register - Security
IT之家
IT之家
博客园_首页
Microsoft Security Blog
Microsoft Security Blog
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
博客园 - 三生石上(FineUI控件)
I
InfoQ
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
Jina AI
Jina AI
Apple Machine Learning Research
Apple Machine Learning Research
M
MIT News - Artificial intelligence
博客园 - Franky
C
Check Point Blog
T
The Blog of Author Tim Ferriss
V
Visual Studio Blog
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
T
Tailwind CSS Blog
Recent Announcements
Recent Announcements
云风的 BLOG
云风的 BLOG
美团技术团队
The Cloudflare Blog
Y
Y Combinator Blog
H
Hackread – Cybersecurity News, Data Breaches, AI and More
MyScale Blog
MyScale Blog
The GitHub Blog
The GitHub Blog
D
DataBreaches.Net
Google DeepMind News
Google DeepMind News
V
V2EX
aimingoo的专栏
aimingoo的专栏
GbyAI
GbyAI
G
Google Developers Blog
S
SegmentFault 最新的问题
Hugging Face - Blog
Hugging Face - Blog
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
U
Unit 42
罗磊的独立博客
量子位
MongoDB | Blog
MongoDB | Blog
Last Week in AI
Last Week in AI
Stack Overflow Blog
Stack Overflow Blog
小众软件
小众软件
D
Docker
人人都是产品经理
人人都是产品经理

The Register

Shadow IT has given way to shadow AI. Enter AI-BOMs Zed team releases version 1.0 of Rust-built editor: Traditional editor and AI tool Microsoft boss tells investors the company is working to 'win back fans' What type of 'C2 on a sleep cycle' do they leave behind? Novel Chinese spy group found in critical networks in Poland, Asia NASA boss: Make Pluto A Planet Again GitHub says sorry and vows to do better as uptime slips and devs complain Age checks could turn internet into an ID checkpoint, complains Proton CEO Microsoft gives your Word documents an AI co-author you didn’t ask for Datadog digs down into GPU efficiency as AI costs soar If malware via monitor cables is a matter of national security, this might be the gadget for you Thunderbird in hand worth 2 Outlooks as fresh FOSS fave and Firefox arrive Grafana offers AI assistant for free, warns users not to go mad Right to repair champ Framework punts modular 13in laptop with Core Ultra Series 3 France's 'Secure' ID agency probes breach as crooks claim 19M records Scotland Yard can keep using live facial recognition on Londoners, say judges UK tribunal sends £2B claim accusing Microsoft of overcharging for licensing to trial Nation-states want to cause harm, not just steal cash - stop handing your cyber defenses to the cheapest contractor Murder, she wrote: Ex-FBI chief wants some ransomware crims charged with homicide Phone-to-satellite use goes into orbit, growing 25% in 8 months macOS ClickFix attacks deliver AppleScript stealers to snarf credentials, wallets Anthropic bakes memory fixes into Bun 1.1.13 as developers complain of leaks The spaghettified DBMS chart that shows Oracle's crown is slowly slipping Yet another ex-ransomware negotiator admits turning rogue after payoff from crimelords FAA grounds Blue Origin's New Glenn as it probes missed satellite delivery 'mishap' AMD's Ryzen 9 9950X3D2 Dual Edition tested: Gratuitous overkill with a price to match AI-assisted intruders pwned Vercel via OAuth abuse and a pilfered employee account Crook claims to leak 'video surveillance footage' of companies Met police trials snoop tech platform in push to cuff more London shoplifters England's school phone ban gets teeth, just in time to bite no one Adaptavist Group breach spawns imposter emails as ransomware crew claims mega-haul Panasonic creates device-locked QR codes to speed facial biometric capture Iran claims US used backdoors to knock out networking equipment during war NASA Inspector fears new spacesuits won’t be ready for Moon landing Vibe coding upstart Lovable denies data leak, cites 'intentional behavior,' then throws HackerOne under the bus Trump-branded datacenter project fails to make itself great, again World's blandest man steps down from CEO job to spend more time in tastefully appointed home Chase got a spiff of $77 million to create one job with New York datacenter Scot becomes second Scattered Spider-linked crook to plead guilty in US You too can build a nuclear battery from junk you have lying around the house Schmoozebots: study finds flattery will get AI everywhere One of Europe's sovereign cloud picks may not be so-sovereign after all New Android development tool designed for robots, not humans AI is reshaping Britain's datacenter map away from London HP's remote desktop push retreats as Anyware heads for end of life 'Invisible mouse' made a mess of PC rebuild NASA working on ‘Big Bang’ upgrade to keep the Voyagers alive for longer Indonesia’s game rating system paused amid claims it leaked developer creds and glimpses of major new titles Just like phishing for gullible humans, prompt injecting AIs is here to stay Atlassian’s new data collection policy protects rich customers while AI eats the rest Intel eases reliance on TSMC with 'Merica-made Core Series 3 processors NASA gets the ball rolling on its part in Europe's jinxed Mars rover mission Attention data hoarders: Alexa loses its Plex appeal as voice feature gets canned Locked-out iPhone user tells The Reg that Apple is scrambling to fix character flaw passcode bug Would you like fries with that terminal? Capita won disastrous UK pensions gig after acing performance checks NodeWeaver says its perpetual licensing beats VMware’s perpetual price hikes Maine to pause big bit barns as local opposition spreads If you want into Anthropic's Claude club, you may have to show ID DuckDB uses RDBMS to tackle lakehouse 'small changes' issue Iran has something America can only dream of: cheap broadband Brussels tells Google to hand rivals its search crown jewels as privacy row brews Visual Studio 18.5 lands with AI debugging at a price Git identity spoof fools Claude into giving bad code the nod McGraw Hill linked to 13.5M-record data leak Microsoft announces product it doesn't want anyone to buy Obsolete Google nag drowns out vital bar information at Swedish concert hall Cops hand Motorola £25M to keep 2000-era radios alive Server-room lock was nothing but a crock QUIC will soon be as important as TCP – but it's vastly different Nobody knows how many CVEs Anthropic's Project Glasswing has actually found Allbirds shoe company moving to AI infra is the top 20-year-old Enlightenment E16 bug finally gets patched Bad teacher bots can leave hidden marks on model students Autovista blames ransomware for service disruption Networks not ready for the challenges of AI traffic Windows takes a crash dump after one McDonald's too many French cops free mother and son after crypto kidnapping US states can't account for datacenter tax breaks. Literally Salesforce debuts Headless 360 agentic platform Fission impossible: Uncle Sam wants nuclear power in space UK told its Big Tech habit is now a national security risk UKAEA lays out roadmap to take Britain closer to fusion Waymo's self-driving cars face their toughest test yet: London The only technology that died more times than VR is AI, and that seems to have worked out Boeing soars past Airbus for the first time in years Commvault has a Ctrl+Z for rogue AI agents Nvidia slaps forehead: AI, that's what quantum needs! Oracle taps Bloom for fuel cells to support datacenter binge GitHub recalls Phabricator with preview of Stacked PRs Physicist proposes two-button calculator Amazon pays $11.5B to satisfy satellite-envy while cowering in Musk's shadow No honor among thieves as 0APT threatens rival ransomware gang Krybit NASA insiders oddly relaxed about latest budget threats Microsoft raises UK Surface prices as RAM crisis reaches the checkout OpenAI CEO Sam Altman home attack suspect charged Microsoft kills off Outlook Lite as memory costs skyrocket UK state bank considers lengthening disastrous IT program Japan going back to the future by reviving its chip industry Windows Update: Torture chamber for seldom-used PCs Japanese rocket came unglued, causing mission fail
$250M crypto-robbing gang’s dirty work guy sentenced to 6.5 years behind bars
2026-05-07 · via The Register

REG AD

Add section name here

The then-teen was told to break in and steal what the keyboard warriors couldn’t

A 20-year-old described as a cybercriminal organization’s "last resort" for cryptocurrency thefts will now serve a 78-month sentence for his role in a $250 million scheme.

Marlon Ferro, of Santa Ana, California, was a member of what prosecutors called a social engineering enterprise (SEE) consisting of at least 12 other individuals, and was tasked with traveling across the US and physically stealing what other members couldn’t through online fraud.

The gang all shared different responsibilities, but Ferro was the only one who carried out physical burglaries across the US when the methods of the crew’s remote cybercriminals failed to result in a financial reward.

REG AD

“Marlon Ferro served as the criminal enterprise’s instrument of last resort,” said US Attorney Jeanine Ferris Pirro. “When his co-conspirators couldn’t deceive victims into handing over access to their cryptocurrency or hack their way into digital accounts, they turned to Ferro to break into homes and steal hardware wallets outright. 

REG AD

“This scheme blended sophisticated online fraud with old-fashioned burglary to drain victims of millions of dollars in digital assets. Today’s sentence sends a clear message: cryptocurrency fraud is not a victimless, consequence-free crime carried out safely behind a screen – it is serious criminal conduct that will lead to federal prison.”

The FBI pinned Ferro to numerous specific thefts across the US between 2023-2025 when the SEE was operating. In total, the SEE was responsible for more than $250 million worth of cryptocurrency thefts during this period.

The earliest tale of Ferro’s work came in February 2024, when he traveled to Winnsboro, Texas, and stole a hardware cryptocurrency wallet containing roughly 100 bitcoins, then valued at more than $5 million, before laundering it through online exchanges.

He relocated to California later that year, the Justice Department stated. The move allowed him to connect with and integrate himself into the SEE’s inner circle, since some members were located in California, as well as others in Connecticut, New York, Florida, and overseas territories.

Ferro began doing the SEE’s dirty, physical work. After another member identified a potential target, Ferro traveled to New Mexico and surveilled a residence for several days, and situated an iPhone in front of the property so members of the group could also watch remotely and alert Ferro if the owner returned. 

Despite several days’ worth of surveillance, Ferro seemingly failed to spot the home security system, which captured him breaking into the premises by throwing a brick through a window.

Also on the 20-year-old’s rap sheet were details of his money laundering activities. Ferro used fraudulent ID documents belonging to a foreign national via “his KYC guy” to create a digital payment card account at what prosecutors described as “a geo-blocked platform.” Court documents named it as RedotPay, which secured some licenses to process transactions in the US and elsewhere earlier this year but it is still not allowed to offer products or services to US citizens.

This payment card account allowed SEE members to spend their stolen cryptocurrency at retail stores and nightclubs, the DoJ said. 

REG AD

Ferro alone spent more than $255,000 on designer clothing on behalf of SEE members, including multiple Hermès Birkin bags for one member’s girlfriend.

He also gathered stolen cryptocurrency from group members after the SEE’s leader, Malone Lam, was arrested in September 2024, and used those funds to pay the leader’s lawyer.

Ferro also regularly passed along messages from Lam to other group members while Lam was jailed.

He was sentenced to 78 months in prison, with three years of supervised release, and ordered to repay $2.5 million in restitution.

Lam’s gang

Each member, who according to court documents [PDF] found and built relationships with each other through online gaming platforms, brought a different specialty to the crew. 

Some took responsibility for voice phishing and “database hacking,” while others looked after money laundering, among varied tasks. At least two members were involved in more than one of these operations.

The superseding indictment alleged that the SEE comprised three hackers who compromised websites and servers to gather cryptocurrency-related databases, as well as two “organizers” who also helped identify potential targets.

REG AD

Six members worked as “callers,” the individuals carrying out voice phishing attacks, attempting to convince targets they were helping to secure their accounts against cyberattack. Money launderers, of which the SEE had at least eight, including Ferro, worked to exchange stolen cryptocurrency and other goods into fiat currency through bulk cash or wire transfer.

The launderers also helped procure luxury services for group members, such as exotic car purchases, private jet rentals, international vacations, or shipping the bulk cash across the US, the Justice Department alleged. ®