Chirag Tomar, a 30-year-old citizen of the Republic of India, appeared before U.S. Magistrate Judge Susan C. Rodriguez today and pleaded guilty to federal charges for orchestrating a sophisticated spoofing scheme that defrauded victims of more than $37 million.
Dena J. King, U.S. Attorney for the Western District of North Carolina, and Jason Byrnes, Special Agent in Charge of the United States Secret Service, Charlotte Field Office, made the announcement.
Elaborate Spoofing Scheme Unveiled
According to court documents and today’s plea hearing, Tomar and his co-conspirators initiated the fraudulent scheme in June 2021.
They targeted hundreds of victims worldwide, including individuals in the Western District of North Carolina, by spoofing the Coinbase Pro website. Coinbase, a leading virtual currency exchange, allows users to buy, sell, and trade cryptocurrencies.
The fraudsters created a fake URL, CoinbasePro.Com, which closely mimicked the legitimate Pro.Coinbase.Com site.
ANYRUN malware sandbox’s 8th Birthday Special Offer: Grab 6 Months of Free Service
Unsuspecting users were deceived into entering their login credentials, which were then used to access their real Coinbase accounts.
The fraudsters employed various tactics to gain control of victims’ accounts, including tricking users into providing their two-factor authentication codes over the phone and using remote desktop software to access victims’ computers.
Once inside the accounts, the fraudsters swiftly transferred the cryptocurrency holdings to wallets under their control.
Victims’ Cryptocurrency Holdings Stolen
One notable incident involved a victim from the Western District of North Carolina who, in February 2022, attempted to log into his Coinbase account through the fraudulent website.
The spoof site notified the victim that his account was locked and prompted him to call a fake Coinbase representative.
The victim was then tricked into providing his two-factor authentication information, allowing the fraudsters to steal over $240,000 worth of cryptocurrency from his account.
Tomar admitted in court that he controlled several cryptocurrency wallets that received hundreds of transactions of stolen cryptocurrency, totaling tens of millions of dollars.
He quickly converted the stolen funds into other forms of cryptocurrency or moved them among various wallets.
Ultimately, the cryptocurrency was converted into cash and distributed among Tomar and his co-conspirators.
Court documents revealed that Tomar used the stolen funds to finance a lavish lifestyle.
He purchased luxury items, including Rolex watches and high-end vehicles like Lamborghinis and Porsches. Additionally, he funded extravagant trips to destinations such as Dubai and Thailand.
Tomar pleaded guilty to wire fraud conspiracy, a charge with a maximum sentence of 20 years in prison and a $250,000 fine.
A sentencing date has not yet been set.
U.S. Attorney King commended the U.S. Secret Service for their diligent investigation and thanked the FBI in Nashville for their invaluable assistance.
Assistant U.S. Attorney Matthew T. Warren of the U.S. Attorney’s Office in Charlotte prosecutes the case.
Free Webinar on Live API Attack Simulation: Book Your Seat | Start protecting your APIs from hackers