Belgian Police Nab Phishing Gang Leader in $572K Crypto Theft
Belgian authorities arrested a 19-year-old leader of a phishing network that stole over $572,000 using fake government emails, laundering proceeds via crypto. The investigation, launched in March, underscores phishing's growing threat to crypto investors, with $306 million lost in Q1 2026 alone.
Quick Take
19-year-old suspected gang leader arrested in Antwerp Airbnb over $572K phishing scheme.
Gang laundered stolen funds through cryptocurrencies after remotely accessing victims' devices.
Phishing caused $306M of $482M crypto losses in Q1 2026, per Hacken.
Recent Google phishing ads impersonating Uniswap stole over $400K from crypto users.
Market Impact Analysis
NeutralThe arrest has minimal direct market impact but underscores ongoing security risks that may mildly affect user confidence.
Speculation Analysis
Authorities detained the suspect in an Airbnb in Antwerp, where a second suspect was also found. The Federal Judicial Police launched the investigation in March 2026, when phishing attacks became a priority in the region, according to a Thursday police report.
The main suspect was brought before an investigating judge, who issued an arrest warrant. The gang used money mules and cash carriers and laundered the proceeds through cryptocurrencies.
The investigation shows that crypto can play multiple roles in phishing operations, including as a means of laundering illicit proceeds.
Phishing dominates crypto security losses
Phishing is also a major threat to cryptocurrency investors, accounting for the majority of the $482 million lost in the first quarter of 2026. Phishing and social engineering attacks accounted for $306 million of those losses, according to Hacken.
Phishing attacks and social engineering scams are a long-standing hurdle for the crypto industry, as attackers exploit human behavior rather than the code of a protocol.
On May 25, onchain analyst “b-block” warned that scammers used Google to deploy malicious phishing ads impersonating decentralized exchange Uniswap, reportedly stealing more than $400,000 from victims.
Data aggregator DeFiLlama said that “fake ads on Google are a common source of phishing attacks.” Crypto cybersecurity group Security Alliance also reported in April that there was a “significant uptick” in phishing activity on Google Search in March.
Related: Phantom Chat under scrutiny after $264K address poisoning loss
Related:
Related:
Phantom Chat under scrutiny after $264K address poisoning loss
Phantom Chat under scrutiny after $264K address poisoning loss
Blockchain security company CertiK’s Skynet report also highlighted phishing and social engineering as leading attack vectors for North Korea-linked malicious actors.
DPRK hacking playbook. Source: CertiK
DPRK hacking playbook. Source: CertiK
CertiK attributed the 2022 Ronin Bridge exploit that stole $600 million to a spearphishing campaign involving a fake LinkedIn recruiter and a malware-laden PDF.
Magazine: Meet the onchain crypto detectives fighting crime better than the cops
Magazine:
Magazine:
Meet the onchain crypto detectives fighting crime better than the cops
Meet the onchain crypto detectives fighting crime better than the cops
Always late to trends?
Join for the latest news, insights & more.
Disclaimer: Bytewit is an independent media outlet that delivers news, research, and data.
© 2026 Bytewit. All Rights Reserved. This article is for informational purposes only.