Search TorNews

Find cybersecurity news, guides, and research articles

Popular searches:

Home » News » Government & Policy » Europe Dismantles €100 (Over 114 USD) Million Crypto Scam Network With 700 Employees and 20 Call Centers

Europe Dismantles €100 (Over 114 USD) Million Crypto Scam Network With 700 Employees and 20 Call Centers

By:
Last updated:July 16, 2026
Human Written
  • Police arrested six people as part of a raid that broke up a criminal group stealing millions every month through bogus crypto investment platforms.

  • Investigators say the ringleader is Ehud T., 46, who they think is actually Ehud Tenenbaum, a notorious hacker, A.K.A “The Analyzer.”

  • This operation wasn’t a small-time crime. It ran like a multinational company, with 700+ employees working across 20 call centers and duping tens of thousands of people around the world.

Former SocialPharma Moderator Sentenced Over Role in Online Drug Operation

Dutch and Belgian police just broke up one of Europe’s biggest crypto scam rings. This group was pulling in over €100 million (more than 114 million USD approximately) every month by tricking people into fake investments.

This criminal network had more than 700 workers and 20 call centers across several countries. In a major crackdown in Poland, Cyprus, Belgium, and Greece, the authorities arrested six individuals associated with the criminal activity.

Details of the Billion-Dollar Scam Operation

The fraudsters ran their operation like a legitimate international business. They had a central headquarters that managed regional offices. Each office had teams whose role was to target the victims in certain nations and languages.

These fraudsters relied on fabricated identities and technology in an effort to cover their tracks. The dismantling of such networks is part of a larger trend; authorities have been shutting down thousands of scam accounts globally.

Investigators gathered evidence by tracing payments through the financial system, collecting information on their IP addresses, and looking up all their important data online.

The primary suspect in the case is a 46-year-old citizen of Israel and Poland. Dutch authorities described him as an online criminal who built the foundation of the operation and made it harder for the authorities to find them since 2021.

How the Fraudsters Lured in Victims

The scam used a well-written script that successfully duped numerous individuals. Initially, prospective victims noticed ads regarding cryptocurrency investments or trading opportunities. After that, an individual pretending to be a financial consultant would approach them.

The first investment was usually small, often just a few hundred euros. Victims saw fake profits on professional-looking trading platforms. Though the platforms promised the funds would yield profits, they never invested the money anywhere.

After winning the victim’s trust, they convince the victims to invest large amounts of money. One of the victims, Alext, a Dutch citizen, lost €275,000. He started with only €250 and saw his balance grow very fast in the scam platform.

“The ground falls out from under your feet,” Alex told Dutch media. He narrated how hurt he felt due to the loss. Alex panicked and called the fraudsters for help, but they blocked him.

Some victims lost so much they couldn’t afford basic necessities. Others said the financial ruin drove them to thoughts of suicide.

A Network Built Like a Real Business

The organization operated with surprising professionalism. Employees exchanged emails about victims and how much money remained to extract. The group had a ranking system they used to track who stole the most.

They even had an internal intranet through which employees asked questions and requested items like new headsets or toilet seats. Many employees worked from luxurious locations like Cyprus and Greece, living as “criminal digital nomads”.

The network employed people who spoke multiple languages and knew how to build relationships with victims. Alex said the account manager assigned to him was “very nice,” wasn’t pushy, and “didn’t promise castles in the air”. He also said the person sounded “professional and businesslike”.

The Alleged Mastermind: Ehud Tenenbaum

Dutch police haven’t officially named the suspect, but the details line up with Ehud Tenenbaum, better known online as “The Analyzer.”

Tenenbaum became popular internationally in 1998 as one of the masterminds of the Solar Sunrise hack attacks. He and his group broke into unclassified computer systems belonging to the US Pentagon, NASA, the Air Force, and the Navy.

U.S. officials briefly feared the attacks had a link to Iraqi cyber operations. The investigation eventually led to two California teenagers and then to Tenenbaum. The probe was so serious that briefings went all the way up to the President of the United States.

He was convicted in Israel in 2001 for those intrusions. Subsequently, Tenenbaum was arrested in Canada for payment card fraud and extradited to the US. Tenenbaum pleaded guilty in 2009. He received credit for serving his time, and authorities placed him under probation for three years. He was asked to restore over $503,000.

The Investigation Continues

Now, Dutch police say they’ve connected about 550 complaints in the Netherlands to this same network, with losses hitting nearly €25 million. Belgian investigators have found over 200 victims. When you add everything up, those on the case think the real number of victims around the world stretches into the tens of thousands.

Dutch police have launched “Operation Sunflower,” a public campaign publishing hundreds of aliases used by the group’s account managers. They hope this encourages additional victims and witnesses to come forward.

Authorities warn that  “recovery companies” offering to retrieve lost funds for an upfront fee may later approach some victims. Police believe many of these services are connected to the same criminal groups and are designed to steal even more money.

The financial investigation continues as authorities work to identify and freeze criminal assets that may compensate victims.

Share this article

About the Author

Joahn G

Joahn G

Cyber Threat Journalist

Joahn is a cyber threat journalist dedicated to tracking the evolving landscape of digital risks. His reporting focuses on ransomware gangs, data breach incidents, and state-sponsored cyber operations. By analyzing threat actor motives and tactics, he provides timely intelligence that helps readers understand and anticipate the security challenges of tomorrow.

View all posts by Joahn G >
Comments (0)

No comments.