Connecticut Crypto Phishing Sufferer to Get well Funds
Native media reported that the U.S. Lawyer’s Workplace for the District of Connecticut, working with the FBI’s New Haven Division and Connecticut State Police, filed a civil forfeiture criticism in January 2026 towards the seized funds. On March 31, 2026, the U.S. District Courtroom entered a decree of forfeiture transferring the USDT to the USA authorities.
The sufferer, recognized in court docket paperwork solely as T.M., acquired an unsolicited letter at their residence deal with in September 2025. The letter appeared to come back from “Ledger Safety and Compliance” and instructed the recipient to finish a compulsory safety evaluate of their Ledger {hardware} pockets.
T.M. adopted the letter’s directions, which gave the scammers entry to the pockets’s restoration seed phrase and management over the funds. Investigators traced the stolen property utilizing blockchain analytics. The scammers had moved the funds by way of a number of middleman wallets and transformed them into USDT, a stablecoin pegged to the U.S. greenback, in an try and obscure the path.
Blockchain information are public, and the clear transaction historical past allowed legislation enforcement brokers to observe the funds and establish holdings exceeding $600,000. The forfeiture criticism, filed as case 3:26-cv-28 within the District of Connecticut, alleged the USDT represented proceeds of wire fraud and was related to cash laundering violations.
Civil forfeiture allowed prosecutors to behave with out figuring out or criminally charging the perpetrators, who’re believed to be abroad. Interim U.S. Lawyer David X. Sullivan acknowledged that criminals shouldn’t anticipate to carry onto stolen proceeds. FBI Particular Agent in Cost P.J. O’Brien credited the joint effort between federal and state investigators in tracing and securing the funds.
The recovered USDT will likely be returned to T.M. by way of the Division of Justice’s asset administration course of, overseen by the Cash Laundering and Asset Restoration Part. The physical-mail phishing tactic used towards T.M. has focused Ledger clients since at the very least 2021.
Scammers obtained names and residential addresses from Ledger’s 2020 buyer database breach and used that data to ship professional-looking letters. The letters usually instruct recipients to enter their 24-word restoration phrase on a pretend web site or scan a QR code that routes to a malicious web page.
Ledger has persistently warned clients that it doesn’t ship direct mail requesting seed phrases or safety verification. Any letter or communication asking for a restoration phrase is a rip-off.
This case displays how federal companies are making use of blockchain evaluation to get better property in cryptocurrency fraud instances. Tether‘s cooperation in freezing and transferring seized USDT to government-controlled wallets performed a task in finishing the restoration.
FAQ 🔎
What was the Ledger phishing rip-off in Connecticut? A scammer mailed a pretend “Ledger Safety and Compliance” letter to a Connecticut resident, tricking them into surrendering their pockets’s restoration phrase and dropping roughly $234,000 in cryptocurrency. How did the FBI get better the stolen tether? Brokers used blockchain analytics to hint the stolen funds by way of a number of wallets, finding over $600,000 in USDT the scammers had transformed the property into. What’s civil forfeiture in a cryptocurrency case? Civil forfeiture lets federal prosecutors seize property tied to felony exercise with out a felony conviction, which is helpful when suspects are unidentified or positioned abroad. How can Ledger customers defend themselves from mail phishing? Ledger by no means sends unsolicited letters requesting seed phrases or safety verification, so any such letter ought to be handled as a rip-off and reported to the FBI at ic3.gov.
