A senior promoter behind the collapsed crypto platform IcomTech has been sentenced to nearly six years in federal prison for his role in a multimillion-dollar Ponzi scheme that targeted working-class, Spanish-speaking investors across the United States.

Magdaleno Mendoza was sentenced on Thursday to 71 months in prison, according to the US Attorney’s Office for the Southern District of New York.

Prosecutors said Mendoza played a central role in promoting IcomTech, a purported crypto mining and trading company that launched in mid-2018 and unraveled by the end of 2019.

IcomTech’s “Guaranteed Returns” Masked Classic MLM-Style Crypto Ponzi

IcomTech promised investors guaranteed daily returns from cryptocurrency mining and trading.

In reality, the operation functioned as a classic multi-level marketing Ponzi scheme, using funds from new investors to pay earlier participants while senior promoters diverted hundreds of thousands of dollars for personal use.

In addition to prison time, Mendoza was ordered to pay $789,218.94 in restitution and forfeit $1.5 million, along with his home in Downey, California, which prosecutors said was purchased using proceeds from the scheme.

Court filings show Mendoza was one of IcomTech’s most senior promoters and maintained close contact with founder David Carmona.

He hosted recruitment events at his own restaurant in the Los Angeles area, collecting large amounts of cash from attendees.

Crypto promoter sentenced for Ponzi scheme “IcomTech.” “Mendoza targeted Spanish-speaking investors with false promises about ‘crypto’ profits and left victims, including those here in New York, holding only losses,” said U.S. Attorney Jay Clayton.https://t.co/ZmXKRrFPBZ

— US Attorney SDNY (@SDNYnews) December 18, 2025

Promoters traveled nationwide hosting flashy expos, arriving in luxury vehicles and designer clothing, while investors were shown dashboards displaying profits they could not withdraw.

By August 2018, investors began encountering delays and excuses when attempting to cash out.

IcomTech responded by introducing a proprietary token called “Icoms,” which promoters claimed would eventually be used for payments. The token ultimately proved worthless, further compounding investor losses.

The sentencing also covered Mendoza’s illegal reentry into the United States after deportation. Prosecutors said he had been removed from the country four times, once under a false identity, and continued promoting crypto Ponzi schemes even after IcomTech collapsed.

IcomTech Mastermind Sentenced to 10 Years in Prison

Several other figures connected to IcomTech, including founder David Carmona and multiple senior promoters, have already been convicted and sentenced.

In October, Carmona, the mastermind behind IcomTech, was sentenced to 10 years in prison for conspiracy to commit wire fraud.

Gustavo Rodriguez, an IcomTech promoter, was sentenced to eight years on October 31, while David Brend received a 10-year sentence on December 2. In January, Ochoa was sentenced to five years in prison for his role in the scheme.

Between 2018 and 2019, IcomTech promised investors a 100% return every six weeks.

IcomTech promoters enacted the massive crypto scheme by attending lavish expos in luxury cars and wearing expensive clothing, giving the illusion that the sham digital asset company could offer investors financial freedom.

However, this facade began to crumble by August 2018 as investors struggled to withdraw their funds from the platform.

The post IcomTech Promoter Sentenced to Nearly Six Years in Prison Over Crypto Ponzi Scheme appeared first on Cryptonews.

Bitcoin Magazine

SEC Charges Bitcoin Miner for Duping Investors Out of $48.5 Million 

The U.S. Securities and Exchange Commission has charged Danh C. Vo, founder and CEO of bitcoin mining company VBit Technologies Corp., with defrauding investors out of $48.5 million. 

According to the SEC, Vo misused the funds for gambling, cryptocurrency purchases, and gifts to family members, while misleading investors about the operations of his business.

The complaint, filed in the U.S. District Court for the District of Delaware, alleges Vo raised over $95.6 million from approximately 6,400 investors between December 2018 and February 2022. 

He sold “hosting agreements,” which promised investors a share of profits from bitcoin mining rigs operated by VBit. Most customers chose this passive investment option rather than purchasing rigs themselves.

Vo misrepresented how many mining rigs were actually operational, effectively selling more hosting agreements than the company could support. 

“While some investors received returns, others suffered substantial losses,” the complaint stated. Vo either knew or was reckless in not knowing that the company could not meet the obligations tied to the hosting agreements.

Vo, 37, exercised complete authority over VBit, including its promotional materials, website content, and investor account information. 

The SEC said the hosting agreements qualify as securities because investors relied on Vo and VBit’s efforts to generate profits.

SEC: Family members received misappropriated funds

In addition to the misappropriation, Vo allegedly transferred $5 million to family members, including his ex-wife, mother, brother, and sister, the commission said. He reportedly left the U.S. with the remaining misappropriated funds following his divorce in November 2021. 

Several family members are named as relief defendants in the lawsuit and have consented to disgorge the funds they received, pending court approval, per the SEC.

VBit was acquired by Advanced Mining Group in 2022 and is now defunct. The action seeks disgorgement of ill-gotten gains, civil penalties, and a ban on Vo from participating in future securities offerings.

The lawsuit also comes as Congress debates federal measures to address cryptocurrency scams. A bipartisan proposal would create a dedicated task force to identify and address fraud in the digital asset sector.

The SEC said they want Vo’s alleged conduct to be a reminder that investors should carefully evaluate claims of passive income from crypto and confirm that operations are transparent and verifiable.

This post SEC Charges Bitcoin Miner for Duping Investors Out of $48.5 Million  first appeared on Bitcoin Magazine and is written by Micah Zimmerman.

A Singapore-based entrepreneur has lost a six-figure sum in cryptocurrency after unknowingly downloading malware disguised as a game-testing program.

Mark Koh, founder of victim-support organization RektSurvivor, shared details of the incident in an interview with Chinese-language outlet Lianhe Zaobao and in a LinkedIn post.

According to Koh, the scam began on Dec. 5, when he encountered a beta testing opportunity on Telegram for an online game called MetaToy.

Polished Website and Active Discord Helped Lure Victim Into Crypto Scam

Koh said he was convinced the project was legitimate due to its polished website, an active Discord server, and responsive team members.

As someone who has invested in and evaluated multiple Web3 projects, he said the setup did not initially raise red flags.

The situation changed after he downloaded MetaToy’s game launcher. Koh said the installer quietly uploaded malware onto his computer.

Although his Norton antivirus software flagged suspicious activity, Koh attempted to contain the issue by running full system scans, removing suspicious files and registries, and reinstalling Windows 11.

Despite those efforts, the damage had already been done. Within 24 hours, every software wallet connected to his Rabby and Phantom browser extensions was drained.

In total, Koh lost 14,189 USDT, or roughly 100,000 yuan, representing crypto he had accumulated over eight years.

A Singapore-based entrepreneur just lost his entire crypto stack after downloading what looked like a legit beta game.

Mark Koh joined a Telegram beta test for a game called MetaToy. The site looked real. The Discord was active. The team was responsive. So he downloaded the… pic.twitter.com/SSzwPLaW1a

— The Tech Buzz (@tbuzzdaily) December 18, 2025

Koh said the attack appeared highly targeted and urged others, particularly angel investors and developers who are more likely to download beta software, to take additional precautions.

He advised users to remove seed phrases from browser-based wallets when not actively in use and to consider using private keys instead of seed phrases to limit exposure across derivative wallets.

The fraud has been reported to Singapore police, which confirmed to Lianhe Zaobao that it has received a corresponding report.

The MetaToy incident comes amid a broader rise in malware campaigns targeting crypto users.

In October, McAfee warned that hackers were abusing GitHub repositories to keep banking malware connected to new servers.

This year has also seen fake AI tools, malicious Captchas and compromised Ethereum code extensions used to spread crypto-stealing malware.

Investor Loses $3M in Crypto Phishing Scam

In August, a cryptocurrency investor fell victim to a phishing scam, losing $3.05 million in Tether (USDT) after unknowingly signing a malicious blockchain transaction.

The loss, flagged by blockchain analytics platform Lookonchain on Wednesday, underscores the rising threat of phishing attacks targeting digital asset holders.

The attacker exploited a common habit among crypto users: validating only the first and last few characters of a wallet address while ignoring the middle.

Crypto investors lost over $2.2 billion to hacks, scams, and breaches in the first half of 2025, driven largely by wallet compromises and phishing attacks, according to CertiK’s latest security report.

Wallet breaches alone caused $1.7 billion in losses across just 34 incidents, while phishing scams accounted for over $410 million across 132 attacks.

The post Singapore Entrepreneur Loses Six Figures in Crypto to Game-Testing Scam appeared first on Cryptonews.

💾

ReversingLabs discovers 14 malicious NuGet packages, including Netherеum.All, using homoglyphs and fake downloads to steal crypto wallets and Google Ads data.

Two U.S. senators have introduced new bipartisan legislation aimed at tightening the government’s response to cryptocurrency-related fraud.

The bill follows a sharp rise in reported losses linked to investment scams that reference digital assets.

The proposal, known as the Strengthening Agency Frameworks for Enforcement of Cryptocurrency Act, or the SAFE Crypto Act, was introduced by Senator Elissa Slotkin, a Democrat from Michigan, and Senator Jerry Moran, a Republican from Kansas.

The bill seeks to create a federal task force focused on identifying, tracking, and preventing crypto-related scams while improving coordination between government agencies, law enforcement, and private-sector experts.

Crypto Scams Cost Americans $9.3B in 2024, Hitting Older Investors Hardest

The legislation comes as crypto-related scams continue to hit more Americans, with older investors particularly at risk.

The Federal Bureau of Investigation reports that U.S. residents lost around $9.3 billion to crypto investment schemes in 2024. That’s up 66% from the year before.

The FBI recorded $9.3 billion losses spread across various crypto-related investment scams, extortion, ATM and kiosks, among others, in 2024.#FBI #CryptoFraud #CryptoScamhttps://t.co/1Eb8KStAHk

— Cryptonews.com (@cryptonews) April 24, 2025

The FBI said many of these scams don’t rely on hacking crypto networks. Instead, they use tricks like social engineering, pretending to be someone else, and slowly gaining trust over time to get people to hand over their money.

U.S. Lawmakers Seek Cross-Agency Task Force to Tackle Crypto Scams

Under the SAFE Crypto Act, the Treasury Secretary would be required to establish a task force for recognizing and averting cryptocurrency scams within 180 days of the bill becoming law.

The Task Force would bring together top officials from the Treasury, the Department of Justice, the Financial Crimes Enforcement Network, the Secret Service, and other federal agencies. State and local law enforcement would also get a seat at the table.

The bill also calls for participation from digital asset service providers, stablecoin issuers, custodians, blockchain intelligence firms, consumer protection organizations, and victims’ advocacy groups.

The task force would be charged with examining trends across a wide range of crypto-related fraud, including Ponzi schemes, rug pulls, fraudulent token offerings, money laundering operations, and so-called financial grooming scams.

SAFE Crypto Act Builds on Washington’s Push to Protect Seniors From Crypto Scams

Senator Elissa Slotkin, who supports the bill, says crypto scams are getting trickier as the technology catches on, and local police just don’t have the right tools to keep up.

The legislation also emphasizes real-time collaboration between the public and private sectors to help trace and stop the flow of funds linked to scams.

It requires authorized stablecoin issuers to have the technical ability to freeze, seize, burn, or reissue digital assets tied to illegal activity, all in accordance with due process and existing laws.

The proposed task force would be mandated to meet at least three times in its first year and produce a public report for key congressional committees within that period.

Following the initial report, it would provide annual updates, and the task force would automatically disband three years after its first submission.

The SAFE Crypto Act is just one piece of a bigger push in Washington to crack down on investment scams, especially the ones that go after seniors and other people who are often targeted.

Before this, lawmakers floated the National Senior Investor Initiative Act of 2023. That bill would set up a special task force at the SEC focused on protecting older investors.

Then there’s the Fraud Prevention and Recovery Act from 2024, which tries to give the government more power to go after all kinds of fraud.

On top of that, the SEC put together a cross-border task force at the end of 2025 to deal with international securities scams hitting Americans. Clearly, people are getting more worried about fraud rings that stretch across countries.

The post SAFE Crypto Act Targets Crypto Scams After $9.3B Losses — New Federal Task Force Looms appeared first on Cryptonews.

💾

A Bitcoin investor lost his retirement savings after falling victim to a so-called “pig butchering” scam, despite repeated warnings from his advisory firm, according to a firsthand account shared by a Bitcoin wealth adviser.

Terence Michael, an author and adviser affiliated with The Bitcoin Adviser, said an unnamed client transferred his Bitcoin holdings to a scammer after being approached online by a woman posing as a trader.

The woman promised to double his Bitcoin and gradually built what appeared to be a romantic relationship, a hallmark tactic of pig butchering scams.

Bitcoin Adviser Says Client Ignored Warnings, Lost Funds to Scam

In a post shared on X, Michael said he made “numerous phone calls” and sent a “string of text messages” in an effort to stop the transfer.

The warnings went unheeded. While Michael was out to dinner, he received a message from the client confirming that the funds were gone.

“My client was falling for a pig butchering scam,” Michael wrote. “And as of last night … I received a devastating text message from him saying he had lost it all.”

Unlike traditional cyberattacks that rely on malware or direct wallet compromises, pig butchering scams depend on emotional manipulation.

I have a Bitcoin client
who just lost all his Bitcoin.

He isn't wealthy.
He finally made it to 1 BTC.
I celebrated with him over the phone.

But within days of him finally leaving Coinbase to setup a distributed multi-key security and inheritance protocol, he was approached by… pic.twitter.com/H1FK6Mbbyi

— Terence Michael (@ProofOfMoney) December 14, 2025

Victims are convinced to willingly send their assets, often after being groomed through days or weeks of conversation that blend investment advice with personal and romantic claims.

Michael said the client, who had recently divorced, went beyond sending Bitcoin. He also purchased a plane ticket for the scammer, expecting to meet her in person.

After the transfer was completed, the attacker reportedly admitted that the photos used throughout the relationship were fake and generated using artificial intelligence tools.

The case highlights the growing scale of pig butchering scams across the crypto industry. In 2024 alone, these schemes drained an estimated $5.5 billion from victims across roughly 200,000 reported cases, according to industry data.

In June, the US Department of Justice announced the seizure of more than $225 million in cryptocurrency tied to pig butchering operations, underscoring the growing enforcement response to one of crypto’s most damaging fraud trends.

AI-Driven Crypto Scams Hit $4.6B as Deepfakes Fuel New Fraud Wave

As reported, the rapid adoption of artificial intelligence is driving a new generation of crypto scams, pushing global losses to $4.6 billion in 2024, according to a 2025 Anti-Scam Research Report released on June 10.

The study, co-authored by Bitget, SlowMist, and Elliptic, found that scammers are increasingly using AI-generated deepfakes, fake video calls, and Trojan-infected job offers to deceive victims, with at least 87 AI-powered scam rings dismantled in the first quarter of 2025 alone.

The report warns that deepfake impersonations, social engineering, and Ponzi schemes disguised as DeFi or NFT projects now dominate the threat landscape.

Criminal groups are also using cross-chain bridges and obfuscation tools to launder stolen funds, complicating recovery efforts.

The post Bitcoin Adviser Reveals How Client Lost Retirement Funds to Romance Scam appeared first on Cryptonews.

A GitHub repository posing as a vulnerability scanner for CVE-2025-55182, also referred to as “React2Shell,” was exposed as…

Base co-founder Jesse Pollak is facing mounting criticism after publicly engaging with and backing activity linked to a meme token associated with rapper Soulja Boy.

The case revives long-running concerns about celebrity-driven crypto promotions and the responsibility of senior ecosystem figures.

The controversy unfolded over a sequence of posts on X in mid-December.

On December 13, Soulja Boy shared a comparison of creator payout schedules across major platforms, arguing that newer applications offered faster access to earnings than traditional social networks.

Twitch pays you once a month. TikTok pays you once a week. Favorited pays you once a day. Choose your poison wisely.

— Soulja Boy (Draco) (@souljaboy) December 13, 2025

On-Chain Research Rekindles Concerns Over Celebrity Crypto Promotions

Pollak amplified the discussion while framing Base, Coinbase’s Ethereum Layer-2 network, as an alternative monetization layer for creators.

In a direct reply to Soulja Boy, Pollak said he had just backed the rapper on Base and had “instantly earned,” describing the interaction as an example of “new internet” behavior enabled by on-chain tools.

. @baseapp pays you instantly https://t.co/0XurhOsj1H

— jesse.base.eth (@jessepollak) December 13, 2025

Although Pollak did not name or explicitly promote a specific token, many users interpreted the exchange as an endorsement of a Soulja Boy-linked meme token that had just launched on Base.

@souljaboy just backed you on @base and you instantly earned.

new internet shithttps://t.co/CQ5NCvBwXj pic.twitter.com/fmdkt8UsZy

— jesse.base.eth (@jessepollak) December 13, 2025

Developers, traders, and researchers questioned why a senior figure at a Coinbase-backed network would publicly engage with a celebrity whose crypto history has drawn repeated scrutiny.

The criticism quickly shifted from the token itself to broader concerns about trust, reputation, and showing within the Base ecosystem, which has positioned itself as a compliant, mainstream-friendly Layer-2 network.

The debate intensified after on-chain investigator ZachXBT publicly challenged Pollak’s decision to interact with Soulja Boy.

Why give SouljaBoy the platform to scam new people? https://t.co/PDxnk0Z0Za

— ZachXBT (@zachxbt) December 14, 2025

He pointed to research he published in April 2023 documenting what he described as a long pattern of exploitative crypto promotions tied to the rapper.

ZachXBT Details Pattern of Abandoned Crypto Projects Linked to Soulja Boy

According to that research, Soulja Boy was involved in at least 73 token promotions and 16 NFT launches, many of which later collapsed or were abandoned.

Why give SouljaBoy the platform to scam new people? https://t.co/PDxnk0Z0Za

— ZachXBT (@zachxbt) December 14, 2025

ZachXBT outlined several examples from past market cycles, including meme tokens such as RapDoge, which was promoted in July 2021 before quickly rug-pulling, and projects like Orion and The Life Token, which used charitable narratives before collapsing.

Beyond tokens, the investigator said Soulja Boy launched multiple NFT collections, some of which advertised future utility that never materialized.

He also referenced prior regulatory and legal issues, including SEC charges related to Tron promotions and a lawsuit connected to SafeMoon.

Growing Scrutiny Follows Base’s Rapid Rise in the Layer-2 Market

Against that backdrop, critics argued that visibility from prominent builders functions as implicit validation, particularly for new users who may not be familiar with a promoter’s history.

Supporters of open, permissionless networks countered that public blockchains do not restrict who can deploy tokens or participate, and that engagement does not necessarily equate to endorsement.

The episode arrives at a sensitive moment for Base.

According to L2beat data, Base is currently the second-largest Layer-2 network by total value locked, with approximately $12.66 billion, trailing only Arbitrum.

Its rapid growth has positioned it as one of the most visible scaling layers in the Ethereum ecosystem, increasing scrutiny around how senior figures communicate publicly.

The backlash also reflects a broader pattern in crypto discourse.

In recent months, ZachXBT has repeatedly surfaced in high-profile cases involving alleged misconduct, including claims tied to celebrity NFT launches, suspected large-scale hacks, and the exposure of organized fraud networks.

These episodes have fueled recurring debates about due diligence, accountability, and the role of influence in shaping on-chain behavior.

The post Base Co-Founder Draws Fire After Backing Soulja Boy’s Token Despite Repeated Scam Claims appeared first on Cryptonews.

A new malware called PyStoreRAT is being through fake OSINT tools on GitHub targeting IT and OSINT pros. Read Morphisec's report detailing how it uses AI and evades security.

Phishing campaign: Scammers sent over 40,000 spoofed SharePoint, DocuSign and e-sign emails to companies, hiding malicious links behind trusted redirect services.

Bitdefender researchers warn that the torrent for Leonardo DiCaprio’s One Battle After Another is a trap deploying Agent Tesla malware. Learn how the fileless LOTL attack targets unsuspecting Windows users.

Binance co-CEO Yi He’s old WeChat account was hacked on Dec. 9, allowing scammers to push a memecoin called MUBARA in a coordinated pump-and-dump. Binance co-CEO Yi He, newly appointed to serve alongside Richard Teng, became the target of a…

Ad fraud networks use bots, deepfakes and spoofed traffic to drain PPC budgets. This report shows how fake clicks distort performance data.

Europol and Eurojust led a massive international police operation that successfully dismantled a crypto fraud network that laundered over €700M using deepfake ads.

SimpleX Chat’s X account hacked to promote fake crypto site urging users to connect wallets. Site mimicked official design to steal funds.

Infoblox Threat Intel reports a campaign that used the Evilginx phishing kit to bypass Multi-Factor Authentication (MFA) and steal credentials from 18 US universities between April and November 2025.

Cleafy analysis reveals Albiriox, a new Android Malware-as-a-Service (MaaS) RAT that targets over 400 global banking and crypto apps. Learn how ODF fraud enables full device takeover.

Cybersecurity researchers have uncovered a critical ChatGPT Atlas browser attack, confirming the danger of the ongoing surge in the ClickFix threat.

CloudSEK found over 2,000 fake sites impersonating Amazon and top brands before Cyber Monday and Black Friday. Learn the key fraud signs now to stay safe.

Trustwave SpiderLabs warns of Eternidade Stealer, a new banking trojan spreading via personalised WhatsApp messages. Find out how this malicious software bypasses security checks and deploys fake login screens for major banks and wallets.