Connecticut Crypto Phishing Sufferer to Recuperate Funds
Native media reported that the U.S. Legal professional’s Workplace for the District of Connecticut, working with the FBI’s New Haven Division and Connecticut State Police, filed a civil forfeiture grievance in January 2026 in opposition to the seized funds. On March 31, 2026, the U.S. District Court docket entered a decree of forfeiture transferring the USDT to america authorities.
The sufferer, recognized in courtroom paperwork solely as T.M., obtained an unsolicited letter at their residence deal with in September 2025. The letter appeared to return from “Ledger Safety and Compliance” and instructed the recipient to finish a compulsory safety overview of their Ledger {hardware} pockets.
T.M. adopted the letter’s directions, which gave the scammers entry to the pockets’s restoration seed phrase and management over the funds. Investigators traced the stolen property utilizing blockchain analytics. The scammers had moved the funds via a number of middleman wallets and transformed them into USDT, a stablecoin pegged to the U.S. greenback, in an try and obscure the path.
Blockchain information are public, and the clear transaction historical past allowed regulation enforcement brokers to comply with the funds and determine holdings exceeding $600,000. The forfeiture grievance, filed as case 3:26-cv-28 within the District of Connecticut, alleged the USDT represented proceeds of wire fraud and was linked to cash laundering violations.
Civil forfeiture allowed prosecutors to behave with out figuring out or criminally charging the perpetrators, who’re believed to be abroad. Interim U.S. Legal professional David X. Sullivan acknowledged that criminals mustn’t count on to carry onto stolen proceeds. FBI Particular Agent in Cost P.J. O’Brien credited the joint effort between federal and state investigators in tracing and securing the funds.
The recovered USDT might be returned to T.M. via the Division of Justice’s asset administration course of, overseen by the Cash Laundering and Asset Restoration Part. The physical-mail phishing tactic used in opposition to T.M. has focused Ledger clients since not less than 2021.
Scammers obtained names and residential addresses from Ledger’s 2020 buyer database breach and used that data to ship professional-looking letters. The letters usually instruct recipients to enter their 24-word restoration phrase on a faux web site or scan a QR code that routes to a malicious web page.
Ledger has persistently warned clients that it doesn’t ship junk mail requesting seed phrases or safety verification. Any letter or communication asking for a restoration phrase is a rip-off.
This case displays how federal companies are making use of blockchain evaluation to recuperate property in cryptocurrency fraud instances. Tether‘s cooperation in freezing and transferring seized USDT to government-controlled wallets performed a job in finishing the restoration.
FAQ 🔎
- What was the Ledger phishing rip-off in Connecticut? A scammer mailed a faux “Ledger Safety and Compliance” letter to a Connecticut resident, tricking them into surrendering their pockets’s restoration phrase and dropping roughly $234,000 in cryptocurrency.
- How did the FBI recuperate the stolen tether? Brokers used blockchain analytics to hint the stolen funds via a number of wallets, finding over $600,000 in USDT the scammers had transformed the property into.
- What’s civil forfeiture in a cryptocurrency case? Civil forfeiture lets federal prosecutors seize property tied to legal exercise with no legal conviction, which is helpful when suspects are unidentified or positioned abroad.
- How can Ledger customers defend themselves from mail phishing? Ledger by no means sends unsolicited letters requesting seed phrases or safety verification, so any such letter ought to be handled as a rip-off and reported to the FBI at ic3.gov.
