Law enforcement authorities in Europe have arrested five suspects in connection with an “elaborate” online investment fraud scheme that stole more than €100 million ($118 million) from over 100 victims in France, Germany, Italy, and Spain.
According to Eurojust, the coordinated action saw searches in five places across Spain and Portugal, as well as in Italy, Romania and Bulgaria. Bank accounts and other financial assets associated with the cybercrime ring were frozen.
The main perpetrator behind the operation has been accused of large-scale fraud and money laundering by running an online investment platform for several years, tricking unsuspecting individuals into parting with their funds by promising them high returns on investments in various cryptocurrencies.
Once the deposits were made, the funds were transferred to bank accounts in Lithuania to launder them. Victims who attempted to withdraw their assets from the platform were asked to pay additional fees, after which the website used to conduct the scam went offline, leading to heavy losses.
A number of judicial and law enforcement agencies from Bulgaria, Italy, Lithuania, Portugal, Romania, and Spain participated in the fraud scheme investigation.
“This fraud had been running since at least 2018, and covered 23 different countries, for instance, either as areas used to divert proceeds of the scam or as locations where victims were based,” Eurojust, which coordinated the effort along with support from Europol, said.
According to the U.S. Federal Trade Commission (FTC), Americans lost a record $12.5 billion to fraud in 2024, a 25% increase from the previous year, with investment scams resulting in the highest losses, touching $5.7 billion, up from $4.6 billion in 2023 and $3.8 billion in 2022.
“A majority (79%) of people who reported an investment-related scam lost money, with a median loss of over $9,000,” the FTC said. “People lost over $3 billion to scams that started online, compared to approximately $1.9 billion lost to more ‘traditional’ contact methods like calls, texts, or emails.”
The disclosure comes as Chainalysis revealed how a Venus Protocol user was targeted on September 2, 2025, in a social engineering attack, and how early detection and swift action enabled the recovery of stolen funds worth approximately $13 million.
“The attack was rooted in social engineering: malicious actors used a compromised Zoom client to gain system access,” Chainalysis said.
 |
| Image Source: Chainalysis |
“After infiltrating the victim’s machine, the attackers manipulated the user into submitting a blockchain transaction, which granted them delegate status over the account. This gave them direct control to borrow and redeem assets on behalf of the victim, effectively draining funds.”
The blockchain analytics company said Venus paused its protocol within 20 minutes of the malicious transaction taking place, effectively preventing the attacker from moving the funds further. Over the next 12 hours, Venus force-liquidated the attacker’s wallet, recovered the stolen funds, and resumed full service.
“Venus passed a governance proposal to freeze $3 million in assets still controlled by the attacker,” Chainalysis noted. “Not only did the attacker fail to profit; they actually lost $3 million as a result of the community’s decisive action.”
The Eurojust crackdown also coincides with a similar effort undertaken by the Seoul Metropolitan Police Agency (SMPA) earlier this month that disrupted a cybercrime operation, which is estimated to have stolen about $30 million from 258 high-profile victims, including corporate executives.
“The operation was sophisticated: after successfully hacking victims’ personal information and stealing funds, the criminals would impersonate agency employees and approach victims’ family members to gather even more personal data, preparing for additional thefts,” Chainalysis noted.
