MoonPay CEO Falls Victim to Crypto Scam: Imposter Steve Witkoff Dupes Executive for $250K
Ddos 
The cryptocurrency industry is no stranger to scams, yet it’s rare to see senior executives of crypto wallet firms fall victim to such schemes. That changed recently when Ivan Soto-Wright, CEO of the cryptocurrency wallet company MoonPay, became the central figure in a notable case of executive-level deception.
The U.S. Department of Justice has revealed a cryptocurrency-related fraud in which the perpetrators impersonated the co-chairman of the Trump Inaugural Committee to dupe their targets. Among the victims were individuals with the names Ivan and Mouna, names that correspond to Ivan Soto-Wright, CEO of MoonPay, and Mouna Ammari Siala, the company’s CFO.
The court documents include Ethereum wallet addresses used in the fraudulent transaction, and investigators have confirmed that one of these addresses belongs to Ivan Soto-Wright. This connection all but confirms that the two MoonPay executives were indeed the victims.
In December 2024, the scammer sent an email to Ivan Soto-Wright, posing as Steve Witkoff, co-chair of the Trump Inaugural Committee, requesting a $250,000 donation. Despite the use of a suspicious, unofficial email domain, the deception succeeded, and the funds were transferred.
Following the transfer, the scammer sent a confirmation email stating that the $250,000 donation had been processed. As expected, no further communication followed. The DOJ’s investigation traced the scam to a Nigerian national, and the stolen funds were found to have been laundered through numerous cryptocurrency wallets.
Nigerian fraud syndicates, notorious for their business email compromise (BEC) schemes, frequently impersonate companies in emails sent to other businesses. The MoonPay incident appears to be a sophisticated variation of such tactics—though it is startling that executives of a crypto security firm would fall prey to them.
For a CEO entrusted with safeguarding digital assets, Ivan Soto-Wright’s failure to detect such an elementary scam is nothing short of an embarrassment. If one cannot discern a basic phishing attempt, how can they credibly assure users of the security and integrity of their cryptocurrency wallet platform?
Related Posts:
- U.S. and Britain investigate Facebook data breach, Zuckerberg was summoned
- APT28 Attacks International Olympic Committee & published 2018 Winter Olympics emails
- Beyond Firewalls: NCSC Explores Cyber Deception’s Potential
- Cybercriminals Go Mobile: Executives Targeted in Advanced Phishing Campaigns
- Cybercriminals Evolve Social Engineering Tactics, Exploit CVE-2022-26923 in Sophisticated Campaign
Support Our Threat Intelligence
If you find our CVE report and cybersecurity news helpful, consider supporting our work.
Buy Me a Coffee
PayPal
