Thai Police Bust $15M Crypto Scam Targeting Hundreds of South Koreans

Thai authorities have shut down a major criminal network accused of scamming hundreds of South Koreans out of $15 million. The group, called the “Lungo Company,” ran a complex scheme involving cryptocurrency fraud, romance scams, and fake lottery payouts.

The operation, which lasted for a year, ended with the arrest of 25 suspects in South Korea and nine key members in Thailand, including the ringleader. All nine remain in custody in Thailand while awaiting extradition to South Korea.

Authorities say the case shows how fast cybercriminals are evolving, using advanced techniques to steal money and hide their tracks across countries and currencies.

A Scam Built on Multiple Tricks

Police in Seoul first uncovered the Lungo Company after victims reported losing money to what seemed like unrelated scams. On closer inspection, investigators found that a single network was behind them all.

The group used several tricks at once. Some victims were told they could get compensation for supposed data breaches if they sent money first. Others were lured into fake romances and convinced to “help” their online partners financially. 

Many were directed to fraudulent crypto platforms promising high returns on investments, only to find out the tokens they bought were worthless. “This group used multiple tactics in a systematic way,” a police official explained. “It wasn’t a one-dimensional scam, it was structured and layered.”

The criminals reportedly operated from a luxury resort in Pattaya, Thailand. Using encrypted apps like Telegram and WeChat, they coordinated daily activities while staying off law enforcement radar.

Victims sent money thinking they were dealing with legitimate businesses or trusted partners. In reality, their funds were quickly moved through complex layers of laundering techniques designed to make recovery nearly impossible.

How They Hid the Money

The Lungo Company was not just good at stealing money; it was also skilled at making the money disappear. Investigators say the group used methods rarely seen in smaller fraud cases.

For example, they split stolen money into thousands of tiny transactions to stay under banking detection limits. Some funds were converted into prepaid cards that could be cashed out at ATMs. Others were laundered through casinos to make the money look like gambling winnings.

Experts believe the criminals used “chain-hopping” tactics too, quickly moving crypto assets across different blockchains to make it harder for anyone to follow the digital trail.

Cybercrime consultant, David Sehyeon Baek, explained, “Cross-chain crime has surged globally, tripling in the past two years.” He said decentralized exchanges and no-KYC swap services allow criminals to move money fast and anonymously.

Another trick involved “parasite exchanges.” These are secret trading platforms hidden inside legitimate exchanges. According to Baek, shell companies open accounts on big exchanges using fake documents. Then, they create private interfaces for criminal clients, letting them trade without leaving obvious traces.

“Technically, these schemes involve shell companies opening accounts across multiple major exchanges using fraudulent credentials, then offering custom interfaces that allow clients to trade while hiding any connection to the underlying regulated infrastructure,” Baek said.

He added that these hidden platforms often process “nearly 100 times more illicit volume than their mainstream host platforms” and charge high fees, sometimes between 7% and 15%, in exchange for secrecy.

Finally, for cashing out large sums, the Lungo Company relied on unlicensed OTC (over-the-counter) brokers in Thailand and nearby countries. These brokers handle big crypto-to-cash transactions with minimal scrutiny, especially in tourist hubs like Pattaya.

Links to Other Cybercrime Cases

This crackdown comes just weeks after Seoul police broke up another international ring that stole $28.1 million from South Korea’s richest citizens. That group hacked into financial and cryptocurrency accounts belonging to celebrities, executives, and business leaders.

In another major case, investigators confirmed that a December 2020 hack of Chinese Bitcoin mining pool LuBian was the largest crypto theft ever recorded.

Back in 2020, LuBian was one of the fastest-growing Bitcoin mining pools, presenting itself as a safe, high-return platform. But Arkham Intelligence, a blockchain analytics firm, found that hackers exploited weaknesses in LuBian’s private key system, stealing 127,426 BTC in just two days.

At the time, the stolen Bitcoin was worth $3.5 billion. Today, the same amount is valued at nearly $14.5 billion. Over 90% of the funds were drained in a single day, with the rest taken through Bitcoin and USDT transfers on the Omni layer shortly after.

By early 2021, LuBian had completely disappeared. Many speculated it was shut down by regulators or taken private, but Arkham’s findings suggest the hack destroyed the platform.

Interestingly, the stolen Bitcoin has stayed inactive since July 2024. LuBian even tried to communicate with the hacker through Bitcoin’s OP_RETURN function, offering a reward for the funds’ return, but there has been no response.

While the Mt. Gox collapse years ago involved more Bitcoin overall, the LuBian incident remains the largest confirmed crypto hack in terms of value at the time it happened.

Investigations Still Ongoing

Thai and South Korean authorities are now working together to trace any remaining assets and uncover possible links between the Lungo Company and other fraud networks.

Experts warn that cases like this highlight the increasing complexity of cybercrime. With cross-border coordination, encrypted apps, and advanced money-laundering techniques, criminal groups can steal and hide millions before law enforcement even knows what happened.

David Sehyeon Baek said investigators often spend “countless hours manually tracing funds across multiple protocols,” especially when criminals move assets across different blockchains and platforms.

As for the Lungo Company, its members remain in custody, with extradition proceedings underway. More arrests could follow as authorities dig deeper into the group’s operations and funding sources.

For victims, though, recovery may be difficult. Once stolen funds are split, swapped, and laundered through multiple channels, tracking them becomes a massive challenge, even with modern blockchain analytics tools.

A Growing Problem for Law Enforcement

Cases like this underline how fast financial crime is changing. In the past, many fraud rings used a single tactic, such as phishing emails or one fake investment platform. But groups like the Lungo Company now combine romance scams, lottery fraud, crypto tricks, and complex laundering in one operation.

Investigators say this “multi-layered” approach forces police to work across borders and cooperate with multiple agencies and financial institutions.

The use of encrypted apps like Telegram and WeChat adds another hurdle. These platforms make communication fast and anonymous, while unlicensed OTC brokers and decentralized exchanges allow money to move outside traditional banking rules.

As a result, law enforcement faces a tough battle. Each time authorities develop new tools to track money, criminals adapt with even more advanced tactics.

For now, the arrest of the Lungo Company is a major win for Thai and South Korean authorities. But experts believe it is only one piece of a much larger global puzzle involving cybercrime, cryptocurrency, and cross-border money laundering.