A scammer accidentally turned himself in by asking ZachXBT for help with frozen bitcoins.
An old truth is confirmed once again: criminals are not the smartest people. On-chain detective ZachXBT published a story about a scammer who exposed himself by complaining about an "unfair" fund freeze. A user under the nickname AmanKesar11 contacted the well-known analyst with a complaint about the blocking of 5.73 BTC (approximately $475,000) on the Changelly platform. However, an investigation showed that these funds are directly linked to a series of thefts from U.S. citizens.
After receiving the message, ZachXBT conducted his own investigation using tools for tracking Bitcoin transactions. It turned out that the origin of the funds was criminal: they were obtained through social engineering attacks targeting Americans, including retirees. The scammers operated through U.S. exchanges and Bitcoin ATMs.
How the Scammer Exposed Himself
According to ZachXBT's analysis, the entire chain of related thefts brought the attackers over $1 million starting from 2025. The 5.73 BTC themselves were frozen on Changelly back in March 2025 — which is precisely what prompted the individual to seek help. His explanations for the origin of the money kept changing: first it was a loan, then funds sent by a boss, then supposedly the boss's investments in Bitcoin "in 2014 and 2015" through an acquaintance in the U.S. Most notably: in December 2025, the individual, by his own account, even filed a complaint with the Indian police due to the freeze.
Who the Individual Worked For
In the correspondence, AmanKesar11 sent screenshots of emails that allowed ZachXBT to reconstruct the entire group's structure. The on-chain detective suggests that the individual is merely an intermediary through whom money is laundered for a boss under the pseudonym "Mr Parveen." This conclusion was also drawn from the "evidence" sent by the individual himself: bank statements turned out to be in someone else's name and at a different address.
ZachXBT addressed his followers with a warning: he can be asked for help, he respects privacy, but contacting him with the aim of recovering stolen funds is not advisable. This case is a vivid example of how greed and stupidity lead to complete exposure.
My expert commentary: This story is a classic example of how criminal elements underestimate the transparency of the blockchain and the professionalism of on-chain analysts. Any attempt to "launder" or "recover" stolen funds through public channels is a direct path to exposure. Investors should remember: if a transaction looks suspicious, it is better to conduct your own verification than to rely on "help" from outside.