The United States authority announced that Chirag Tomar, a 31-year-old Indian national, was sentenced to 60 months in prison for stealing over $20 million by creating fake websites mimicking the crypto exchange Coinbase. He will also serve two years of supervised release.
Dena J. King, US Attorney for the Western District of North Carolina stated that Tomar and his co-conspirators created fake URLs, copying the Coinbase Pro exchange to deceive victims. They made them think that they were using the real thing for trading in crypto.
Tomar used a fake Coinbase Pro site to steal millions
As per the release, The scheme started in June 2021 where Tomar and others spoofed hundreds of victims in stealing millions in crypto worldwide and in the United States. Spoofing involves disguising a website or email to make it appear as if it’s from a trusted source. In this case, Tomar and co-conspirators used it to defraud hundreds of crypto users.
The cybercriminals used ‘CoinbasePro.Com,’ a deceptive URL designed to look like the real Coinbase Pro site. It added that once victims entered their credentials on the fake site, fraudsters gained access to their valid Coinbase accounts through various methods. This included fake reps, remote desktop access, and phishing for 2FA codes.
The culprits even impersonated Coinbase customer service representatives and successfully tricked the users into giving in their 2FA codes to the fraudsters over the phone. Once they get access to the victims’ accounts, scammers quickly move the victims’ crypto holdings to wallets under their control.
Victim loses $240K in seconds
The court records highlighted a case from February 2022 where a victim tried to log into his Coinbase account through the fraudulent website. The spoof website notified him that his crypto account was locked and prompted him to use a phone number given to call a completely fake Coinbase representative.
The fake representative tricked the victim into getting his 2FA in order to gain access and stole $240K in crypto from their wallet instantly. After receiving the stolen crypto, the fraudster converted it to other types of digital assets. In the end, this stash was changed into cash and was distributed among all conspirators.
Tomar used the victims’ stolen log-in credentials to access the victim accounts and move crypto holdings to wallets controlled by him. He was living lavishly, purchasing luxury cars like Lamborghini, and making trips to Dubai and Thailand. He was arrested at Atlanta Airport in Dec 2023 and pleaded guilty to wire fraud conspiracy in May 2024.