In an operation against a large-scale cryptocurrency fraud in Argentina, 24 people were detained across the country and a total of over 8 million USDT digital assets were seized. The Argentine prosecutor’s office announced that this investigation, carried out in different regions, stands out as one of the most comprehensive cryptocurrency operations in the country.
First findings from the operation
Authorities raided 90 different addresses simultaneously on May 31, within the scope of the operation called “Fake Coin”. At the center of the incident were three separate fraud networks targeting citizens with fake investment opportunities distributed via WhatsApp and WhatsApp Business. Within the scope of the investigation, losses amounting to approximately 3 billion Argentine pesos were detected; 60 million pesos in cash and 80 technology devices were also seized.
According to authorities, these networks developed fake applications and platforms disguised as legitimate financial institutions that promised high returns to the user. While the users directed by the suspects deposited money for so-called investment purposes, in fact every stage was part of the fraud.
Fraud methods and three separate structures detected
It was determined that three separate fraud models revealed within the scope of the investigation used technically different methods. The first network recruited investors through a fake investment application published on the Google Play Store. The app was run by unlicensed advisors, and users regularly transferred money under the guise of “investments.”
The second criminal group mainly committed fraud by taking over WhatsApp accounts and phishing on behalf of the victims with these accounts. The money obtained here was converted into USDT through Binance’s peer-to-peer (P2P) market and transferred to wallets abroad, especially in Venezuela.
Authorities traced more than 100 WhatsApp activation codes during the operation. It was stated that these codes play an important role in fraudsters reaching and communicating with victims.
The largest digital asset seizure took place in the third criminal organization based in San Isidro. The prosecutor’s office announced that malicious software known as “infostealer”, hidden in pirated software and stealing passwords and bank information, was used here.
Mini dictionary: Infostealer is a type of malicious software that steals user passwords and banking information after infecting computers. It is often used in fraud to gain access to victims’ digital assets.
Legal process and data obtained
While more than 8 million USDT of crypto assets were seized within the scope of the investigation, it was stated that this amount exceeded the amount seized in the RainbowEx case, which had a public impact in 2024. During this period, it was reported that crypto asset service providers cooperated with the police and played an important role in the seizure of digital assets. However, the authorities did not disclose the names of all the companies they collaborated with.
Various accusations were made against the suspects, such as qualified fraud, money laundering, membership in a criminal organization and violation of intellectual property rights. The court process is currently ongoing. Whether the seized funds will be used to compensate the victims will become clear during the judicial process.
“Thanks to digital monitoring and blockchain analysis carried out during the operation, it was determined step by step to which addresses the stolen funds were transferred. According to the data obtained, it was revealed that these three networks were trying to hide their traces by using different crypto wallets.”
