Crypto Scam Defrauds Investors of 50 Million Dollars

One of the largest over-the-counter (OTC) crypto scams involving popular tokens such as SUI, NEAR, and Axelar was recently exposed. The scam, which defrauded investors of more than 50 million dollars from November 2024 to June 2025, operated through trusted Telegram channels. Despite obvious red flags, a significant number of retail traders, crypto whales, and venture capital firms were convinced by the legitimacy of the offers.

The scam began at the end of 2024 with seemingly legitimate offers of OTC deals available through invite-only Telegram groups. High-profile tokens like Aptos, GRT, SEI, and Swell were offered at steep discounts of up to 50% below market value. Buyers were informed that the tokens would be delivered after a 4 to 5-month vesting period. Early investors received their tokens without issues, creating an image of legitimacy that prompted more people to contribute.

By the beginning of 2025, the scam gained more traction as stories of sure deals and fast profits spread. Venture capital firms, key opinion leaders, and crypto whales began allocating sizable funds, further strengthening belief in the scheme. From February 2025, the volume and variety of OTC offerings expanded sharply. New tokens like SUI, NEAR, GRASS, Axelar, and Fluid were added, continuing to promise discounted prices and clear timelines, which drew even more investors.

As more users bought into the scam, some began overlooking inconsistencies. Public warnings were issued by crypto insiders, but many investors dismissed the alerts. Despite a May post on X by Eman Abio from the SUI team stating, “There is NO deal!” and a statement by Lucian Mincu of MultiversX discouraging participation in such OTC deals, confidence in past successful deliveries made most investors ignore the cautionary messages.

By June 2025, reports of missing token distributions started to surface. The final known deal was for Fluid tokens, introduced on June 1. Soon after, delivery of previously promised tokens stopped entirely. Explanations from the scam organizers included travel delays and Know Your Customer (KYC) complications, though no concrete updates followed. On June 19, Aza Ventures — one of the lead VC groups involved — publicly admitted that they too had been scammed. The firm claimed that the dealer known as “Source 1” had used new funds to cover older promises in a Ponzi-like cycle. Moreover, they revealed that other supposed sources, “Source 2” and “Source 3,” were unknowingly routing deals through the same person.

According to their latest updates, “Source 1” is suspected to be an Indian national and reportedly the founder of a project listed on Binance. His identity is known to Aza Ventures, who have chosen not to name him publicly while attempting to recover funds. Wallet addresses linked to Source 1 have now been exposed. Screenshots and transaction histories are being reviewed by on-chain investigators. The crypto community has also begun tracking transactions to understand how the scam progressed. The token list spans more than 30 crypto assets, including Celestia, LayerZero, Ronin, Sandbox, Berachain, and Conflux. Recovery efforts are underway, but many affected parties remain uncertain about reimbursement.

The fraud news comes shortly after the crypto scam of Nobitex Exchange where over 100 million of digital assets were stolen by hackers. Following the hack, hackers posted the complete source code and systems information of Nobitex publicly, putting users' funds at risk. The mastermind of the scam, dubbed as Source 1, has not been arrested, but the recovery of the funds is underway.