ZachXBT: British Hacker Behind $243M Genesis Theft Likely Arrested in Dubai

Renowned on-chain investigator ZachXBT dropped a bombshell on December 5, 2025, alleging that British cybercriminal Danny Khan—known online as “Meech” or “Danish Zulfiqar”—has likely been detained in Dubai over his role in the massive $243 million Genesis creditor theft. While UAE authorities haven’t confirmed the raid or arrest, ZachXBT’s analysis points to law enforcement action, including a villa bust and seizure of $18.58 million in crypto from wallet 0xb37d6…9f768.

The Genesis Heist: A Social Engineering Masterclass
The saga traces to August 19, 2024, when hackers drained 4,064 BTC—valued at $243 million—from a single Genesis Global Trading creditor’s Gemini-linked wallet. ZachXBT’s September 2024 exposé revealed a coordinated social engineering plot: Attackers, including U.S.-based Malone Lam (“Greavys”), Veer Chetal (“Wiz”), and Jeandiel Serrano (“Box”), impersonated Gemini support to phish credentials and authorize transfers. The FBI arrested Lam and Serrano in September 2024 on conspiracy and money laundering charges, freezing millions, but Danny evaded capture—until now.

Khan’s fingerprints? ZachXBT linked him via Discord logs, IP traces, and fund flows to mixers like Tornado Cash. He’s also implicated in the August 2023 Kroll SIM swap, which exposed BlockFi, Genesis, and FTX creditor data and fueled over $300 million in follow-on scams.

Clues Pointing to Custody
ZachXBT spotted red flags: Wallets tied to Danny consolidated 3,670 ETH into one address in a “seizure pattern” he’s seen in prior busts. Contacts went radio silent days before, and sources whispered of a Dubai villa raid netting others. No official word from Dubai Police, but this fits a wave of crypto crackdowns—echoing Thailand’s October 2025 arrest of a $31M Ponzi kingpin ZachXBT exposed.

Ripple Effects on Crypto Security
X erupted with reactions: hopes for fund recovery, cheers for accountability, and memes dubbing it “karma for the Krolls.” This saga spotlights vulnerabilities in custodial platforms: social engineering, not code hacks, stole the loot. For users, takeaways include hardware wallets, 2FA vigilance, and avoiding unverified support chats.

ZachXBT’s dogged tracing—spanning months—underscores blockchain’s double edge: Transparent trails empower sleuths and cops alike. If confirmed, Danny’s fall could unlock more recoveries, but extradition hurdles loom for U.S. charges.

In crypto’s wild west, this “likely” bust signals the sheriffs are saddling up. Stay vigilant—your keys, your coins.