The great $386 million Bitcoin heist: Inside the minds of the young masterminds
‘Psychological priming’: How fake Google employees scammed Bitcoin owner
It’s the kind of story you’d expect from a Hollywood thriller, except it’s all too real.
Meet Malone Lam, a 20-year-old from Singapore who masterminded one of the largest person-to-person cryptocurrency heists in history.
By August 2024, he and his partner-in-crime, Jeandiel Serrano, had scammed an anonymous crypto investor out of 4,100 Bitcoin (BTC) — worth $385.9 million as of January 2, 2025.
What Malone did next
He went on a supercar shopping spree, acquiring a fleet of 31 luxury rides, and hosted parties at big clubs in the US.
Lam has been described as a modern-day "Robinhood".
How did he pull off a heist of this magnitude? Let’s break it down:
Step 1: The “Unauthorised Access” bait
It all started with a seemingly harmless email. Malone and Jeandiel triggered an “unauthorised Google account access” alert to be sent to the victim.
This wasn’t just phishing — it was psychological priming.
Step 2: Enter the fake Google employee
A few days later, Malone played the part of a concerned Google representative. In a series of calls, he convinced the victim that his account was at risk and gained their trust. It was a classic move: exploit panic and offer help.
Step 3: Cracking the crypto safe on Google Drive
The trust Malone built paved the way for the next stage. Using information gleaned from these calls, he accessed the victim’s Google Drive, where crucial personal details were stored — including information about the victim’s crypto holdings on Gemini, a major exchange.
Step 4: The “Gemini employee” gambit
Now it was Jeandiel’s turn to shine. Posing as a Gemini representative, he called the victim with a simple yet sinister plan.
Under the guise of safeguarding their funds, he convinced the victim to download software purportedly designed to protect their crypto.
In reality, this was malware that gave the scammers full access to the victim’s assets.
The aftermath: Living large, briefly
With the stolen crypto in their hands, Malone wasted no time flaunting his newfound fortune.
His purchase of 31 supercars became the stuff of legend—an audacious display of wealth that only served to hasten his downfall.
When they were arrested in September (Malone Lam in Florida and Jeandiel Serrano in Los Angeles), their short-lived crypto empire crumbled around them.
Lessons from the heist
While this tale might seem extraordinary, it highlights some critical cybersecurity lessons:
Beware of unsolicited calls or emails: No legitimate company will ask for sensitive information over the phone.
Secure your data: Avoid storing private keys or sensitive crypto information in cloud storage.
Use multi-factor authentication (MFA): Always enable MFA for added account protection.
Think before you click: Be cautious about downloading software or clicking links from unknown sources.
Psychological priming is a technique in psychology where exposure to a specific stimulus influences a person’s response to a subsequent stimulus, often without their conscious awareness. It occurs when prior experiences or environmental cues subtly "prime" the brain to perceive, think, or behave in a certain way.
A heist for the history books
Malone Lam’s story is a cautionary tale about the lengths scammers will go to exploit human psychology and technology. While he may have bought 31 supercars, his joyrides were short-lived.
As the crypto world grows, so do the schemes—stay vigilant, and don’t let the next heist have your name on it.
How 2 scammers pulled off a $385.9 million crypto theft
Here’s where the con took a sinister twist:
Jeandiel Serrano, playing the role of a smooth-talking Gemini employee, made his move and calmly assured the victim that their crypto holdings were at risk and urgently needed protection.
The solution? A piece of software, deceptively presented as a “shield” for their assets.
Little did the victim know, this “protective software” was a Trojan horse.
Once installed, it silently handed over access to the victim’s private keys — crypto’s equivalent of the combination to a bank vault.
And just like that, the scammers drained the vault.
In a blink, 4,100 bitcoins vanished, worth $230 million at the time but a staggering $385.9 million by today’s Bitcoin valuation.
It wasn’t just theft — it was larceny on a grand digital scale.
Covering their tracks
But these weren’t amateurs; Malone Lam and Jeandiel Serrano knew the game wasn’t over.
To cover their tracks, they orchestrated an elaborate laundering operation, sending the stolen funds through a labyrinth of crypto exchanges and mixing services.
Their goal? Bury any trace of the loot.
For a brief, audacious moment, the duo believed they had pulled off the perfect crime. But the digital underworld has its own rules, and the net was closing in.
A professor’s take Alan (Thian Seng) Go, a Singapore-based educator and associate professor, rued on LinkedIn how “talent without integrity breeds fraud”. He blames society’s “obsession” with quick success. “It is both saddening and thought-provoking to see such immense digital capabilities misused. This young individual clearly possessed significant skills, yet instead of creating value, he chose a path of deception. “His actions may reflect societal pressures that glorify shortcuts to success — where wealth accumulation and rapid career advancement are often seen as the ultimate measures of achievement.”
What's next for Lam and Serrano
Lam and Serrano, charged with conspiracy to steal and launder cryptocurrency, face trials in Florida and California.
If convicted, they risk severe penalties, including hefty prison time and asset forfeiture.
Authorities, tight-lipped on the details, hint this case is part of a larger crackdown on an elusive network of crypto thieves.
Sign up for the Daily Briefing
Get the latest news and updates straight to your inbox
