Young California Man Admits Role in $263M Bitcoin Theft and Laundering Scheme

• SE Enterprise used social engineering tactics, including fake calls and burglaries, to access victims’ crypto holdings.

• The group operated from October 2023 through at least May 2025, with members specializing in hacking, laundering, and theft.

• Prosecutors applied RICO charges to treat the ring as an organized criminal enterprise, similar to mafia operations, leading to multiple guilty pleas.

Discover the details of the SE Enterprise crypto theft ring and Evan Tangeman’s guilty plea in this major Bitcoin heist case. Learn how authorities are combating such sophisticated schemes—stay informed on crypto security today.

What is the SE Enterprise Crypto Theft Ring?

The SE Enterprise crypto theft ring was a sophisticated criminal operation that targeted cryptocurrency holders through social engineering and physical theft, stealing approximately $263 million in Bitcoin from a single victim in Washington, D.C., and hundreds of millions more nationwide. The group, active from no later than October 2023 through at least May 2025, functioned like an organized crime syndicate with specialized roles including hackers, callers impersonating exchange support, launderers, and burglars. Federal prosecutors invoked the Racketeer Influenced and Corrupt Organizations (RICO) Act to charge members, emphasizing the interconnected nature of their activities.

How Did the SE Enterprise Execute Their Crypto Thefts?

The SE Enterprise crypto theft ring relied on a multi-layered approach to breach victims’ defenses and launder proceeds. Members began by identifying targets through online gaming platforms, where friendships formed the basis of recruitment. Database hackers accessed personal information, while “callers” posed as representatives from major cryptocurrency exchanges or email providers to trick victims into revealing wallet credentials or two-factor authentication codes. In one prominent case, co-defendants Malone Lam and Danish Zulfiqar allegedly drained over 4,100 BTC—valued at about $263 million at the time—from a D.C. resident, a sum that has since appreciated to over $370 million.

Physical elements amplified the threat: operatives conducted in-person burglaries to steal hardware wallets directly from victims’ homes. After thefts, the group converted stolen assets into privacy-focused cryptocurrencies like Monero to obscure trails, then routed funds through opaque exchanges and cash-out brokers. Evan Tangeman’s involvement included transforming digital crypto into bulk fiat currency, securing luxury rentals under false names, and assisting in immediate cash collections post-heist. He also monitored security feeds during an FBI raid on Lam’s Miami home and directed the destruction of digital evidence to impede investigations.

According to the U.S. Justice Department, the operation’s scale justified RICO charges, originally designed for mafia and drug cartels, allowing prosecutors to prosecute the enterprise as a unified entity. A recent superseding indictment added three new defendants—Nicholas Dellecave, Mustafa Ibrahim, and Danish Zulfiqar—further expanding accountability. Authorities, aided by blockchain analysts like ZachXBT, traced funds through mixers and peel chains, leading to arrests such as Lam and Jeandiel Serrano in September 2024 on fraud and money-laundering counts.

Ari Redbord, Global Head of Policy at TRM Labs, highlighted the unique dangers: “The speed of crypto allows stolen assets to be moved at the speed of the internet, while the use of violence or threats adds an immediate physical layer of risk for victims, creating a hybrid threat model that law enforcement and the private sector are now confronting head-on.” Redbord, experienced in both violent and cyber crimes, noted that RICO’s application signals a shift toward viewing these incidents as organized operations rather than isolated events, enabling comprehensive charges under one legal framework.

Frequently Asked Questions

What Role Did Evan Tangeman Play in the SE Enterprise Crypto Theft?

Evan Tangeman, a 22-year-old from California, admitted in federal court in Washington, D.C., to participating in the racketeering conspiracy of the SE Enterprise. He specifically helped launder at least $3.5 million in stolen funds by converting cryptocurrency to cash, securing properties under aliases, and aiding in evidence destruction. Tangeman faces sentencing on April 24, 2026, before a U.S. District Judge.

How Are Authorities Tackling Crypto Theft Rings Like SE Enterprise?

Authorities are using advanced blockchain forensics and RICO statutes to dismantle groups like SE Enterprise, treating them as cohesive criminal organizations. Collaboration with experts such as ZachXBT has been key in tracing laundered funds, while arrests and indictments target leaders and specialists alike. This integrated approach addresses both digital and physical threats to enhance victim protection and deter future schemes.

Key Takeaways

• Sophisticated Social Engineering: The SE Enterprise combined online deception with real-world burglaries, stealing over $263 million from one victim alone and targeting many others.
• RICO’s Role in Prosecution: By applying organized crime laws, prosecutors can link diverse crimes like hacking, laundering, and violence into a single case, as seen with nine guilty pleas including Evan Tangeman’s.
• Ongoing Crypto Security Needs: Victims and exchanges should prioritize multi-factor authentication, hardware wallets, and awareness of social engineering to mitigate risks from hybrid threats.

Conclusion

The guilty plea of Evan Tangeman marks a significant step in dismantling the SE Enterprise crypto theft ring, underscoring the evolving threats in the cryptocurrency space where digital speed meets physical coercion. With over $263 million stolen in Bitcoin from a D.C. victim and broader national impacts, federal efforts using RICO charges demonstrate a robust response to these organized schemes. As blockchain analysis tools advance and collaborations strengthen, the crypto community can anticipate improved safeguards, encouraging holders to adopt vigilant practices for a more secure future.