Inzamam Nizam
Jul 06, 2026
Dubai Police, in collaboration with the U.S. FBI and China's Ministry of Public Security, dismantled nine scam centers and arrested at least 276 suspects involved in fake cryptocurrency investment scams targeting Americans. Thai authorities also helped arrest suspects from Burma and Indonesia.
Four defendants: Thet Min Nyi (27), Wiliang Awang (23), Andreas Chandra (29), and Lisa Mariam (29), along with two fugitive co-conspirators, have been charged in the U.S. with fraud and money laundering. Prosecutors allege they operated scam centers through Ko Thet Company, Sanduo Group, and Giant Company, with Thet Min Nyi identified as a manager and recruiter for Ko Thet Company.
The group allegedly used "pig butchering" tactics, building trust through fake relationships before persuading victims to invest in fraudulent cryptocurrency platforms. Authorities also linked the operation to human trafficking, with workers allegedly forced to carry out the scams. The U.S. Department of Justice said Operation Level Up has warned nearly 9,000 people and prevented an estimated $562 million in losses as of April 2026.
Days before the Dubai-led crackdown, the U.S. Department of Justice charged Jiang Wen Jie (Jiang Nan) and Huang Xingshan (Ah Zhe/Huang Xing Saan) for operating the Shunda scam compound in Min Let Pan, Myanmar. Huang allegedly managed the operation and personally abused trafficked workers, while Jiang led teams targeting U.S. victims. Both were arrested by Thai authorities in early 2026 while travelling from Cambodia to Burma and were reportedly planning another scam compound in Cambodia after Burmese authorities shut down the Shunda site in November 2025.
The U.S. Treasury sanctioned Cambodian Senator Kok An, businessman Rithy Raksmei, and the K99 Group for operating scam centers from casinos and converted office parks. Kok An reportedly fled Thailand after an arrest warrant was issued for him and his children. The U.S. State Department also announced rewards of up to $10 million for information leading to the recovery of funds linked to Burma's Tai Chang scam center. Meanwhile, Cambodia passed its first law targeting scam centers, introducing prison terms of 5–10 years and fines of up to $250,000.
Authorities seized a Telegram recruitment channel with 6,500+ followers, 503 fake investment websites, and restrained more than $701 million in cryptocurrency linked to scam networks. In a separate operation, Operation Atlantic froze $12 million tied to approval-phishing attacks that affected over 20,000 victims across 30 countries, while more than 120 phishing domains were confiscated. Researchers also uncovered an Android banking trojan linked to the K99 Group, which used fake banking and government apps to steal credentials, monitor devices in real time, and drain victims' accounts.
Despite the scale of this crackdown, the numbers point to a threat that is still outpacing enforcement. The malware operation tied to the K99 compound is registering around 35 new scam domains every month, with 400 targeted lure domains created in 2025 alone, and its reach is actively expanding beyond Southeast Asia into Africa and Latin America, as well as into new lures such as airlines and e-commerce platforms. The human trafficking dimension also remains largely unresolved: workers inside compounds like Shunda were reportedly held against their will and forced to commit fraud under threat of violence, and new compounds continue to be planned even after existing ones are seized.
These developments also highlight what is cybersecurity in practice, not just protecting systems from malware, but understanding and defending against complex cyber-enabled crimes that combine social engineering, financial fraud, and organised criminal networks. Meanwhile, the money recovered, roughly $12 million in Operation Atlantic and $701 million restrained by the Strike Force, is set against tens of thousands of identified victims across 30 countries and an ecosystem researchers describe as agile, experimental, and commercially driven, one that continuously repurposes and rebrands its tools and infrastructure.
“Fraudsters who target Americans from overseas cannot operate with impunity...In contemporary society, fraud is borderless, and law enforcement activity to combat it and eliminate it is as well.”
— A. Tysen Duva, Assistant Attorney General, U.S. Department of Justice Criminal Division
"Every major cyberattack reinforces the same lesson: prevention starts with education. Investing in cybersecurity training empowers individuals and businesses to stay one step ahead of increasingly sophisticated threats."
— Inzamam Nizam, Cyber Security & Security Engineer, Edoxi Training Institute
For executives and finance teams, the lesson goes beyond crypto scams: the same tactics behind pig-butchering fraud—trust-building, spoofed channels, and convincing fake platforms are increasingly being used in CEO fraud and deepfake impersonation attacks. As attack tools become easier to access, organisations need stronger verification practices, including confirming payment requests through a second channel and scrutinizing urgent or emotionally charged instructions.
Building these capabilities requires continuous upskilling, and professionals can benefit from specialised training such as Edoxi's Cyber Security Course, Certified Ethical Hacking (CEH) Course, CompTIA Security+ Course, and Certified Information Systems Security Professional (CISSP) Course, which equip learners with practical skills to identify emerging threats, strengthen organisational defences, and implement robust security practices.
Cyber Security & Security Engineer
Inzamam Nizam is a Cyber Security & Security Engineer with over six years of experience in offensive cybersecurity, vulnerability research, and application security. His expertise includes mobile (iOS/Android), web, and network penetration testing, secure code review, red teaming, exploit development, and secure architecture assessments. Recognised in the SynAck Hall of Fame for discovering critical security vulnerabilities, he is passionate about helping organisations strengthen their security posture through practical, research-driven approaches.
Throughout his career, Inzamam has led security assessments, adversary emulation exercises, and secure development initiatives across diverse industries, including banking and enterprise environments. He has contributed to innovative cybersecurity projects such as SPELL-BOUND, an open-source adversary emulation framework, GHOSTWARE AI, an AI-powered security assessment platform, and KAEDAE, a behaviour-based keylogger detection solution. Through his writing, he shares practical insights, emerging attack techniques, and defensive strategies to help security professionals stay ahead of the evolving threat landscape.