Connecticut Crypto Phishing Sufferer to Recuperate Funds
Native media reported that the U.S. Legal professional’s Workplace for the District of Connecticut, working with the FBI’s New Haven Division and Connecticut State Police, filed a civil forfeiture criticism in January 2026 in opposition to the seized funds. On March 31, 2026, the U.S. District Courtroom entered a decree of forfeiture transferring the USDT to the USA authorities.
The sufferer, recognized in court docket paperwork solely as T.M., obtained an unsolicited letter at their dwelling tackle in September 2025. The letter appeared to come back from “Ledger Safety and Compliance” and instructed the recipient to finish a compulsory safety evaluation of their Ledger {hardware} pockets.
T.M. adopted the letter’s directions, which gave the scammers entry to the pockets’s restoration seed phrase and management over the funds. Investigators traced the stolen property utilizing blockchain analytics. The scammers had moved the funds via a number of middleman wallets and transformed them into USDT, a stablecoin pegged to the U.S. greenback, in an try and obscure the path.
Blockchain information are public, and the clear transaction historical past allowed regulation enforcement brokers to observe the funds and determine holdings exceeding $600,000. The forfeiture criticism, filed as case 3:26-cv-28 within the District of Connecticut, alleged the USDT represented proceeds of wire fraud and was related to cash laundering violations.
Civil forfeiture allowed prosecutors to behave with out figuring out or criminally charging the perpetrators, who’re believed to be abroad. Interim U.S. Legal professional David X. Sullivan said that criminals shouldn’t count on to carry onto stolen proceeds. FBI Particular Agent in Cost P.J. O’Brien credited the joint effort between federal and state investigators in tracing and securing the funds.
The recovered USDT can be returned to T.M. via the Division of Justice’s asset administration course of, overseen by the Cash Laundering and Asset Restoration Part. The physical-mail phishing tactic used in opposition to T.M. has focused Ledger clients since at the least 2021.
Scammers obtained names and residential addresses from Ledger’s 2020 buyer database breach and used that data to ship professional-looking letters. The letters sometimes instruct recipients to enter their 24-word restoration phrase on a pretend web site or scan a QR code that routes to a malicious web page.
Ledger has constantly warned clients that it doesn’t ship junk mail requesting seed phrases or safety verification. Any letter or communication asking for a restoration phrase is a rip-off.
This case displays how federal companies are making use of blockchain evaluation to get well property in cryptocurrency fraud circumstances. Tether‘s cooperation in freezing and transferring seized USDT to government-controlled wallets performed a task in finishing the restoration.
FAQ 🔎
What was the Ledger phishing rip-off in Connecticut? A scammer mailed a pretend “Ledger Safety and Compliance” letter to a Connecticut resident, tricking them into surrendering their pockets’s restoration phrase and dropping roughly $234,000 in cryptocurrency. How did the FBI get well the stolen tether? Brokers used blockchain analytics to hint the stolen funds via a number of wallets, finding over $600,000 in USDT the scammers had transformed the property into. What’s civil forfeiture in a cryptocurrency case? Civil forfeiture lets federal prosecutors seize property tied to legal exercise and not using a legal conviction, which is beneficial when suspects are unidentified or positioned abroad. How can Ledger customers defend themselves from mail phishing? Ledger by no means sends unsolicited letters requesting seed phrases or safety verification, so any such letter must be handled as a rip-off and reported to the FBI at ic3.gov.
