Two men arrested for $1.1 million NFT ‘rug pull’ scam

[Игорь99]

US government prosecutors have charged two men with fraud and money laundering over a cryptocurrency “rug pull” scheme. Ethan Nguyen and Andre Llacuna allegedly earned around $1.1 million by selling non-fungible tokens (or NFTs) based on cartoon-like characters called “Frosties.” After selling the NFTs, they shut down the project and transferred its funds to a series of separate crypto wallets, leaving Frosties owners bereft of promised rewards.
According to the criminal complaint, the Internal Revenue Service, Criminal Investigation (IRS-CI), and Homeland Security Investigations (HSI) began investigating Frosties in January, shortly after receiving complaints about the scam. Frosties was a buzzy project whose 8,888 NFTs — priced at the Ethereum equivalent of roughly $130 — sold out within an hour of the public launch.
But as chronicled by Protocol, the creators abandoned it almost immediately. Buyers earned only a few dollars when they tried to resell their NFTs, and they gave up any hope of seeing future promised rewards, including 3D versions of their avatars and a Frosties video game. (Some scammed community members nonetheless attempted to resurrect the Frosties as a separate NFT lineup.) Now, the two men behind Frosties have been arrested in Los Angeles, California.
They already had a plan to do the same scam with another venture called "Ember".
The reality: investigators matched Nguyen and Llacuna’s Discord account data (including Nguyen’s IP address and Llacuna’s email address and phone number) with corresponding accounts on the Coinbase cryptocurrency exchange. The Coinbase accounts were linked with a Citibank credit card and government ID that let law enforcement track the pair down.
LOL GREAT OPSEC MR FRAUDSTER - connect your IRL accounts directly to your card directly connected to your scheme!
Unfortunately - as the article astutely recognizes - this type of thing is not the first of its kind nor the last. Fraud through NFT will happen again and again, as with all cryptocurrency scams, because it's easy and quick money can be made. They might have gotten away with it had they just used a bit of OpSec; they failed this on many fronts, the largest being connecting a credit card to their real name and also not using anonymous mailers/e-mail service providers. This is how they caught Jake Davis a/k/a "topiary" of LulzSec.