WEBVTT

00:00:00.000 --> 00:00:03.500
OK, so it is February 2026. And if you've been

00:00:03.500 --> 00:00:06.700
anywhere near a financial news feed or honestly

00:00:06.700 --> 00:00:09.099
just scrolling X for five minutes. Yeah. You

00:00:09.099 --> 00:00:11.179
definitely know the vibe. Oh, yeah. The last

00:00:11.179 --> 00:00:13.160
two years in crypto haven't just been, you know,

00:00:13.160 --> 00:00:16.500
volatile. They've been I think exhausting is

00:00:16.500 --> 00:00:18.879
the word. Exhausting is a good word for it. It

00:00:18.879 --> 00:00:20.719
feels like the stakes have just fundamentally

00:00:20.719 --> 00:00:24.399
changed. We've seen Bitcoin break records. Sure.

00:00:24.480 --> 00:00:27.670
But we've also seen this. this dark side of the

00:00:27.670 --> 00:00:31.070
moon just expand in a way that feels, I don't

00:00:31.070 --> 00:00:33.049
know, different. It feels different because it

00:00:33.049 --> 00:00:35.090
is different. We aren't just talking about, you

00:00:35.090 --> 00:00:36.969
know, teenagers buying stuff on the Silk Road

00:00:36.969 --> 00:00:39.109
anymore. That was chapter one. Right. Now we

00:00:39.109 --> 00:00:41.350
are talking about nation states funding nuclear

00:00:41.350 --> 00:00:43.770
programs. We're talking about industrial scale

00:00:43.770 --> 00:00:47.109
fraud factories and digital bank robberies that

00:00:47.109 --> 00:00:49.590
make Ocean's Eleven look like, I don't know,

00:00:49.609 --> 00:00:51.990
a convenience store petty theft. That's exactly

00:00:51.990 --> 00:00:54.170
the tension we need to unpack today. I'm looking

00:00:54.170 --> 00:00:56.740
at this huge stack of... research we have on

00:00:56.740 --> 00:00:59.000
the virtual table here. We've got the latest

00:00:59.000 --> 00:01:02.039
analysis reports, FBI assessments from the last

00:01:02.039 --> 00:01:06.140
24 months, new Europol data on organized crime.

00:01:06.319 --> 00:01:09.400
And when you read through it, you get this crazy

00:01:09.400 --> 00:01:11.900
split screen effect. On one side, you've got

00:01:11.900 --> 00:01:14.239
the tech evangelists still telling you this is

00:01:14.239 --> 00:01:16.280
the future of financial freedom, the unhackable

00:01:16.280 --> 00:01:19.319
ledger, the revolution. And on the other screen,

00:01:19.420 --> 00:01:22.780
you have... regulators and skeptics just screaming

00:01:22.780 --> 00:01:25.459
that it's the currency of crime. And, you know,

00:01:25.480 --> 00:01:27.560
usually the truth is somewhere in the messy middle.

00:01:27.680 --> 00:01:30.180
But what really stands out in this specific data

00:01:30.180 --> 00:01:34.099
set, especially looking at 2024 and 2025, is

00:01:34.099 --> 00:01:36.260
the professionalization of the criminal element.

00:01:36.540 --> 00:01:39.500
Yes. This isn't a hobby anymore for a few coders

00:01:39.500 --> 00:01:42.180
in a basement. It's an industry. It really, really

00:01:42.180 --> 00:01:43.620
is. I was going through those chain analysis

00:01:43.620 --> 00:01:48.299
numbers and the scale is just. It's hard to wrap

00:01:48.299 --> 00:01:51.920
your head around. In 2024 alone, illicit addresses

00:01:51.920 --> 00:01:55.180
received over $40 .9 billion. And they're always

00:01:55.180 --> 00:01:57.200
clear that that's a lower bound estimate. That's

00:01:57.200 --> 00:01:59.079
the floor. That's the floor. That's what they

00:01:59.079 --> 00:02:01.980
can definitively prove. $40 billion slowing through

00:02:01.980 --> 00:02:03.700
the digital underground. That's not a rounding

00:02:03.700 --> 00:02:05.939
error. I mean, that's the GDP of a mid -sized

00:02:05.939 --> 00:02:08.659
European nation just vanishing into the shadow

00:02:08.659 --> 00:02:12.090
economy. And that number, as big as it is, doesn't

00:02:12.090 --> 00:02:14.270
even capture the full psychological toll. We're

00:02:14.270 --> 00:02:16.270
going to talk about the money, obviously. The

00:02:16.270 --> 00:02:19.729
$1 .5 billion Bybit hack. The massive ransomware

00:02:19.729 --> 00:02:23.099
payments. But the mission for this deep dive

00:02:23.099 --> 00:02:25.740
is really to look under the hood. Mechanics.

00:02:26.060 --> 00:02:28.319
Exactly. I don't want to just list off the crimes.

00:02:28.360 --> 00:02:30.219
I want to understand the mechanics. How does

00:02:30.219 --> 00:02:33.120
a North Korean hacker actually trick a billion

00:02:33.120 --> 00:02:36.240
dollar exchange? Or how does a pig butchering

00:02:36.240 --> 00:02:39.460
scam operation in Southeast Asia manage to liquidate

00:02:39.460 --> 00:02:42.919
millions without getting caught? It is so much

00:02:42.919 --> 00:02:45.000
like a heist movie. But the scary part is how

00:02:45.000 --> 00:02:47.419
often the really high tech exploit turns out

00:02:47.419 --> 00:02:51.090
to be just, well, human error. Always. We have

00:02:51.090 --> 00:02:53.530
stories in here about spies, hidden wallets literally

00:02:53.530 --> 00:02:57.069
buried under floorboards, fake romances and code

00:02:57.069 --> 00:02:58.810
that was supposed to be law but ended up being

00:02:58.810 --> 00:03:01.270
a welcome mat for thieves. It's this incredible

00:03:01.270 --> 00:03:03.710
collision of sophisticated digital infrastructure

00:03:03.710 --> 00:03:07.110
and, you know, Stone Age human psychology. That's

00:03:07.110 --> 00:03:08.569
where the sparks fly. That's what the danger

00:03:08.569 --> 00:03:11.949
is. OK, so let's ground this for a second before

00:03:11.949 --> 00:03:15.150
we dive into the really crazy stories. We know

00:03:15.150 --> 00:03:16.990
the listener understands the basics of crypto,

00:03:17.050 --> 00:03:19.229
but let's just quickly recap why it's the tool

00:03:19.229 --> 00:03:21.229
of choice. for this specific breed of criminal.

00:03:21.669 --> 00:03:24.729
If I'm planning a heist, why am I choosing Monero

00:03:24.729 --> 00:03:29.090
or Ether over, say, a suitcase full of non -sequential

00:03:29.090 --> 00:03:31.770
bills? It really comes down to a triad of features

00:03:31.770 --> 00:03:34.389
that are, at the same time, the technology's

00:03:34.389 --> 00:03:37.270
greatest strengths and its most dangerous liabilities.

00:03:37.469 --> 00:03:39.650
Okay. First, and this is the big one, you have

00:03:39.650 --> 00:03:42.610
irreversibility. In the traditional banking world,

00:03:42.810 --> 00:03:45.430
the fiat world, the whole system is designed

00:03:45.430 --> 00:03:48.090
with a safety net. If someone clones your credit

00:03:48.090 --> 00:03:50.210
card and buys a speedboat in Miami. You call

00:03:50.210 --> 00:03:52.650
your bank. You call Chase or Barclays. You dispute

00:03:52.650 --> 00:03:55.629
the charge. And that centralized authority, the

00:03:55.629 --> 00:03:58.169
bank hits undo. Right. It's just a database entry

00:03:58.169 --> 00:04:00.669
they can edit or delete. Precisely. In crypto,

00:04:00.770 --> 00:04:02.650
the blockchain is what we call an append -only

00:04:02.650 --> 00:04:05.189
ledger. Once a transaction is signed with a private

00:04:05.189 --> 00:04:07.650
key and broadcast to the network, then the blocks

00:04:07.650 --> 00:04:10.129
are confirmed. Yeah. That's it. It is etched

00:04:10.129 --> 00:04:13.469
in digital stone. Forever. There is no admin.

00:04:13.650 --> 00:04:16.129
There is no customer support line for the Bitcoin

00:04:16.129 --> 00:04:18.970
network. If you send a million dollars to a scammer

00:04:18.970 --> 00:04:21.189
or if a hacker signs that transaction for you,

00:04:21.250 --> 00:04:23.930
the money is gone. Mathematically, it belongs

00:04:23.930 --> 00:04:27.250
to the new key holder. End of story. Which effectively

00:04:27.250 --> 00:04:29.589
makes it digital cash. You know, if I drop a

00:04:29.589 --> 00:04:31.370
bag of gold bars on the sidewalk and you pick

00:04:31.370 --> 00:04:33.889
them up, possession is nine -tenths of the law.

00:04:34.069 --> 00:04:36.829
In crypto, possession of the private key is ten

00:04:36.829 --> 00:04:39.910
-tenths of the law. Full stop. Exactly. The second

00:04:39.910 --> 00:04:42.319
feature is pseudonymity. And I really want to

00:04:42.319 --> 00:04:44.819
emphasize pseudonymity, not anonymity. This is

00:04:44.819 --> 00:04:47.920
a massive misconception that criminals, especially

00:04:47.920 --> 00:04:52.100
the, let's say, less sophisticated ones. often

00:04:52.100 --> 00:04:54.160
learn the hard way. Yeah, Bitcoin isn't anonymous

00:04:54.160 --> 00:04:56.600
at all. In fact, it's probably the most transparent

00:04:56.600 --> 00:04:58.860
accounting system ever invented. It's a glass

00:04:58.860 --> 00:05:01.800
vault. Yeah. A perfect analogy. You can see every

00:05:01.800 --> 00:05:03.959
single transaction moving from address A to address

00:05:03.959 --> 00:05:06.579
B, but address A isn't labeled John Smith. It's

00:05:06.579 --> 00:05:09.920
labeled 0x7E4 and a long string of characters.

00:05:10.180 --> 00:05:11.800
So it's like writing a book under a pen name.

00:05:12.000 --> 00:05:15.040
Perfect. You don't need your government ID to

00:05:15.040 --> 00:05:17.720
open a wallet, which lowers the barrier to entry

00:05:17.720 --> 00:05:20.980
for criminals. But... And this is the big but.

00:05:21.220 --> 00:05:24.800
If law enforcement can ever link your real world

00:05:24.800 --> 00:05:27.399
identity to that pen name. Maybe you used an

00:05:27.399 --> 00:05:30.120
exchange that has your passport on file. Or you

00:05:30.120 --> 00:05:32.639
paid for a pizza delivery with it 10 years ago.

00:05:32.699 --> 00:05:35.139
Then they can retroactively see everything you've

00:05:35.139 --> 00:05:37.100
ever done on that address. The whole history

00:05:37.100 --> 00:05:39.220
is public. So it's just privacy by obscurity

00:05:39.220 --> 00:05:41.879
until the spotlight hits you. OK. And the third

00:05:41.879 --> 00:05:44.939
factor? Speed and the borderless nature of the

00:05:44.939 --> 00:05:47.879
network. This is the absolute killer app for

00:05:47.879 --> 00:05:50.259
international crime. Think about it. If you want

00:05:50.259 --> 00:05:52.740
to move $50 million from a bank in London to

00:05:52.740 --> 00:05:55.199
a bank in Pyongyang, you have to go through SWIFT.

00:05:55.279 --> 00:05:57.360
And all the correspondent banks and compliance

00:05:57.360 --> 00:06:00.180
officers? Compliance officers asking, hey, why

00:06:00.180 --> 00:06:02.540
are you sending $50 million to a sanctioned regime?

00:06:02.920 --> 00:06:05.740
It takes days. It might get blocked. In crypto,

00:06:05.779 --> 00:06:08.939
you hit send, pay a gas fee. And it's there in,

00:06:09.100 --> 00:06:11.790
what, 12 seconds for Ether? or 10 minutes for

00:06:11.790 --> 00:06:14.769
Bitcoin without a single human being in the middle

00:06:14.769 --> 00:06:17.589
to say no. That lack of censorship, which is

00:06:17.589 --> 00:06:20.149
the libertarian dream, is the regulator's nightmare.

00:06:20.490 --> 00:06:23.550
OK, so we have the motive and the means. Now

00:06:23.550 --> 00:06:25.589
let's get into the method. The research breaks

00:06:25.589 --> 00:06:27.730
this all down into different genres of crime.

00:06:27.829 --> 00:06:29.730
And I want to start with the one that feels the

00:06:29.730 --> 00:06:32.670
most personal to the average user. Section one,

00:06:32.810 --> 00:06:36.379
the art of the con. Fraud and scams. This is

00:06:36.379 --> 00:06:38.259
really where the bulk of the victim count comes

00:06:38.259 --> 00:06:40.459
from. It's not necessarily the hackers breaking

00:06:40.459 --> 00:06:43.709
code, it's the con artists breaking trust. And

00:06:43.709 --> 00:06:45.329
looking back at the history, it seems like we

00:06:45.329 --> 00:06:47.189
go through these huge cycles of this stuff. We

00:06:47.189 --> 00:06:50.329
had the what you could call the golden era of

00:06:50.329 --> 00:06:53.589
Stams back in 2017 with the ICO boom. Oh, the

00:06:53.589 --> 00:06:57.029
ICO mania. I remember this so vividly. You couldn't

00:06:57.029 --> 00:06:59.629
go five minutes without seeing a new coin promising

00:06:59.629 --> 00:07:01.889
to revolutionize, I don't know, dental hygiene

00:07:01.889 --> 00:07:04.569
or banana farming or something. The initial coin

00:07:04.569 --> 00:07:08.490
offering the ICO was the Wild West. There was

00:07:08.490 --> 00:07:11.470
a Citus Group report from back then that was

00:07:11.470 --> 00:07:14.810
just staggering. It estimated nearly 80 % of

00:07:14.810 --> 00:07:17.870
all those projects were outright scams. 80%.

00:07:17.870 --> 00:07:19.889
And the mechanic was almost always the same.

00:07:19.990 --> 00:07:22.269
The rug pull. Which is such a perfectly descriptive

00:07:22.269 --> 00:07:24.529
term. You're standing there all comfortable and

00:07:24.529 --> 00:07:26.470
confident and suddenly the floor is just gone.

00:07:26.730 --> 00:07:29.370
And the setup is so simple. You create a flashy

00:07:29.370 --> 00:07:31.209
website, you write a white paper filled with

00:07:31.209 --> 00:07:34.329
all the right buzzwords, decentralized, synergy,

00:07:34.610 --> 00:07:37.430
paradigm shift. You hire a few influencers on

00:07:37.430 --> 00:07:40.149
YouTube and Twitter to hype it up. This is the

00:07:40.149 --> 00:07:43.129
next Bitcoin, they say. Don't miss the moon mission.

00:07:43.410 --> 00:07:46.069
And people get FOMO. They get scared of missing

00:07:46.069 --> 00:07:48.050
out, so they pour in their Ethereum or their

00:07:48.050 --> 00:07:50.850
Bitcoin to buy these new shiny tokens. And all

00:07:50.850 --> 00:07:53.110
the while, the developers are the ones who control

00:07:53.110 --> 00:07:55.540
the liquidity pool. That's the key. Once that

00:07:55.540 --> 00:07:57.920
pot gets big enough, the developers dump all

00:07:57.920 --> 00:07:59.879
of their tokens on the market. They withdraw

00:07:59.879 --> 00:08:02.620
all the real liquidity, the actual valuable assets

00:08:02.620 --> 00:08:06.019
like ETH or BTC, and they vanish. The website

00:08:06.019 --> 00:08:09.300
goes 404. The Telegram group gets deleted. The

00:08:09.300 --> 00:08:12.019
token price instantly goes to zero. Rug pulled.

00:08:12.279 --> 00:08:14.680
We have a case study here from the notes that

00:08:14.680 --> 00:08:19.720
is just audacious. Modern tech. In Vietnam, the

00:08:19.720 --> 00:08:23.040
PinCoin and iFan scandal. Oh, this one hurts

00:08:23.040 --> 00:08:25.560
to read about because the promise was so obviously

00:08:25.560 --> 00:08:29.560
transparently fraudulent, and yet it worked on

00:08:29.560 --> 00:08:32.059
a massive scale. What were they promising? They

00:08:32.059 --> 00:08:35.620
were promising monthly returns of 48%. 48 % a

00:08:35.620 --> 00:08:39.080
month. That's nearly 600 % a year. If anyone

00:08:39.080 --> 00:08:40.899
offers you that, you don't even need to do due

00:08:40.899 --> 00:08:43.639
diligence. You just run. You'd think so. But

00:08:43.639 --> 00:08:46.980
greed is a powerful drug. It blinds people. They

00:08:46.980 --> 00:08:49.179
see their neighbor making money, or at least

00:08:49.179 --> 00:08:51.379
they see a number going up on a screen, and they

00:08:51.379 --> 00:08:55.419
jump in. Modern tech raised $660 million. From

00:08:55.419 --> 00:08:58.320
how many people? 32 ,000 investors. And they

00:08:58.320 --> 00:09:00.799
put on a show. They held these huge gala events

00:09:00.799 --> 00:09:05.200
with fireworks, champagne. It looked like a legitimate

00:09:05.200 --> 00:09:08.139
thriving empire. Until it wasn't. Until the founders

00:09:08.139 --> 00:09:10.059
packed their bags and ghosted with two thirds

00:09:10.059 --> 00:09:12.360
of a billion dollars. Wow. And, you know, we

00:09:12.360 --> 00:09:14.200
can't talk about this era without mentioning

00:09:14.200 --> 00:09:16.659
BitConnect. Of course. It's basically a meme

00:09:16.659 --> 00:09:19.820
now. Everyone knows the hey, hey, hey. guy screaming

00:09:19.820 --> 00:09:22.820
on stage. But underneath that meme, it was just

00:09:22.820 --> 00:09:25.879
devastating financial ruin for thousands and

00:09:25.879 --> 00:09:28.700
thousands of people. BitConnect was the archetypal

00:09:28.700 --> 00:09:31.159
Ponzi scheme. They reached a market cap of $3

00:09:31.159 --> 00:09:35.139
.4 billion. Think about that for a second. A

00:09:35.139 --> 00:09:38.399
completely fake project worth more than many

00:09:38.399 --> 00:09:41.580
legitimate S &amp;P 500 companies at the time. And

00:09:41.580 --> 00:09:43.840
what was their pitch? What was the lie? Their

00:09:43.840 --> 00:09:46.139
pitch was that they had a proprietary trading

00:09:46.139 --> 00:09:49.210
bot. You lend them your Bitcoin, the bot trades

00:09:49.210 --> 00:09:51.669
the market's volatility, and it pays you a consistent

00:09:51.669 --> 00:09:55.460
1 % a day. Spoiler alert. There was no bot. There

00:09:55.460 --> 00:09:57.299
was never a bot. It was never about a bot. They

00:09:57.299 --> 00:09:59.620
were just taking money from new investors to

00:09:59.620 --> 00:10:02.279
pay the interest to the old investors. It's the

00:10:02.279 --> 00:10:05.100
classic Bernie Madoff structure, just accelerated

00:10:05.100 --> 00:10:07.240
by the speed and reach of the blockchain. So

00:10:07.240 --> 00:10:09.740
those are the big wide net financial frauds.

00:10:09.740 --> 00:10:11.840
But the research really highlights a shift in

00:10:11.840 --> 00:10:13.960
the last few years to something much more targeted

00:10:13.960 --> 00:10:16.639
and frankly, much darker. Pig butchering. Pig

00:10:16.639 --> 00:10:19.379
butchering. The name alone just makes my skin

00:10:19.379 --> 00:10:22.019
crawl. It should. It's a direct translation from

00:10:22.019 --> 00:10:26.120
the Chinese term Sha Zupan. The metaphor is gruesome

00:10:26.120 --> 00:10:29.360
for a reason. You take a pig, you feed it, you

00:10:29.360 --> 00:10:32.200
groom it, you fatten it up, and then you slaughter

00:10:32.200 --> 00:10:34.919
it. And in this analogy, the pig is the victim

00:10:34.919 --> 00:10:37.720
and the fattening is a completely fabricated

00:10:37.720 --> 00:10:40.220
romance. This is where crypto crime intersects

00:10:40.220 --> 00:10:43.139
with modern slavery and human trafficking. Unlike

00:10:43.139 --> 00:10:46.460
the ICO scams, which just cast a wide net, pig

00:10:46.460 --> 00:10:49.519
butchering is sniper focused. How does it usually

00:10:49.519 --> 00:10:52.179
start? It often starts with a simple wrong number

00:10:52.179 --> 00:10:54.440
text or a match on a dating app. Oh, sorry, I

00:10:54.440 --> 00:10:56.139
thought this was my yoga teacher's number. You

00:10:56.139 --> 00:10:58.720
reply, no, wrong number. And they say, oh, well,

00:10:58.779 --> 00:11:01.080
you seem nice, though. Let's chat. And they don't

00:11:01.080 --> 00:11:03.539
ask for money. Not at first. That's the key.

00:11:03.720 --> 00:11:05.700
No, no, that's the amateur move. Yeah. These

00:11:05.700 --> 00:11:07.539
people are professionals. They will talk to you

00:11:07.539 --> 00:11:10.139
for weeks, sometimes months. They build a relationship.

00:11:10.460 --> 00:11:13.159
They simulate a real emotional connection. They

00:11:13.159 --> 00:11:16.220
send voice notes, photos. Often stolen or...

00:11:16.480 --> 00:11:19.379
these days, generated by AI. They talk about

00:11:19.379 --> 00:11:22.919
their life, their dreams, and then just casually,

00:11:23.059 --> 00:11:25.379
so casually, they'll mention how well they're

00:11:25.379 --> 00:11:27.720
doing with their investments. Oh, I just bought

00:11:27.720 --> 00:11:30.659
a new car thanks to this amazing liquidity mining

00:11:30.659 --> 00:11:33.840
node I'm in. Exactly that. And eventually, the

00:11:33.840 --> 00:11:36.500
victim asks how it works. The scammer says, oh,

00:11:36.559 --> 00:11:39.139
it's easy. I can show you. They direct the victim

00:11:39.139 --> 00:11:42.240
to a website that looks completely indistinguishable

00:11:42.240 --> 00:11:45.629
from a real exchange. It has charts, Tickers,

00:11:45.889 --> 00:11:48.929
customer support chatbots, the works. And they

00:11:48.929 --> 00:11:51.289
encourage the victim to start small. Always.

00:11:51.669 --> 00:11:54.090
Just put in a little money, they say. Maybe $1

00:11:54.090 --> 00:11:56.649
,000. And the victim does. And they let them

00:11:56.649 --> 00:11:59.389
win. They rig the numbers. The screen shows a

00:11:59.389 --> 00:12:02.009
profit. They even let the victim withdraw, say,

00:12:02.090 --> 00:12:04.490
$200 or $500 back to their bank account. And

00:12:04.490 --> 00:12:06.509
that's the hook. That's the moment the trap is

00:12:06.509 --> 00:12:08.789
set. That is the hook. The victim thinks, it's

00:12:08.789 --> 00:12:11.690
real. I got money out. This person really cares

00:12:11.690 --> 00:12:15.019
about me. And then they go all in. Life savings,

00:12:15.259 --> 00:12:17.519
retirement funds, they take out second mortgages.

00:12:17.720 --> 00:12:19.399
And that's the slaughter. That's the slaughter.

00:12:19.620 --> 00:12:21.940
When they try to withdraw the big amount, the

00:12:21.940 --> 00:12:25.860
trap slams shut. The site suddenly says, account

00:12:25.860 --> 00:12:28.500
frozen due to suspicious activity. You must pay

00:12:28.500 --> 00:12:31.100
a 20 % tax to unlock it. So they're bleeding

00:12:31.100 --> 00:12:33.980
them even more. They bleed them dry. Desperate.

00:12:33.980 --> 00:12:36.480
The victim pays the tax. Then it's a security

00:12:36.480 --> 00:12:39.059
deposit. Then it's an expedited withdrawal fee.

00:12:39.220 --> 00:12:41.879
They keep going until there is absolutely nothing

00:12:41.879 --> 00:12:44.639
left. But the twist here, and this is why you

00:12:44.639 --> 00:12:46.519
mentioned human trafficking, is that the person

00:12:46.519 --> 00:12:49.240
on the other end of that text message often isn't

00:12:49.240 --> 00:12:52.019
the mastermind. They're a victim too. That's

00:12:52.019 --> 00:12:54.019
the most horrific part of it. We call them fraud

00:12:54.019 --> 00:12:57.309
factories. There are these massive guarded compounds

00:12:57.309 --> 00:13:00.909
in places like Myanmar, Cambodia and Laos. People

00:13:00.909 --> 00:13:03.250
are lured there with legitimate job offers for

00:13:03.250 --> 00:13:05.450
call centers or casinos. And when they arrive,

00:13:05.610 --> 00:13:07.669
their passports are taken and they are forced

00:13:07.669 --> 00:13:10.090
to run these scams under the threat of extreme

00:13:10.090 --> 00:13:12.570
physical violence. So when you're interacting

00:13:12.570 --> 00:13:15.330
with a pig butchering scammer, you are often

00:13:15.330 --> 00:13:18.190
talking to a victim of modern slavery who is

00:13:18.190 --> 00:13:20.980
victimizing you just to survive. It's a tragedy

00:13:20.980 --> 00:13:22.740
on both sides of the screen. It really changes

00:13:22.740 --> 00:13:26.120
the calculus from just a greedy criminal to something

00:13:26.120 --> 00:13:29.639
far more systemic and, frankly, horrific. Yeah,

00:13:29.700 --> 00:13:31.539
it creates a moral complexity that I imagine

00:13:31.539 --> 00:13:33.460
law enforcement really struggles to deal with.

00:13:33.620 --> 00:13:36.039
Okay, let's pivot to something slightly less

00:13:36.039 --> 00:13:40.299
heavy but equally pervasive. The giveaway scam.

00:13:40.700 --> 00:13:42.620
This feels like the cockroach of the internet.

00:13:42.779 --> 00:13:44.539
It just survives everything. It really does.

00:13:44.679 --> 00:13:47.100
The classic, send me one ETH, I'll send you two

00:13:47.100 --> 00:13:50.309
ETH back. It seems so obvious. But it relies

00:13:50.309 --> 00:13:52.490
on the suspension of disbelief that's triggered

00:13:52.490 --> 00:13:55.429
by authority. If a random account tweets that,

00:13:55.570 --> 00:13:58.549
you block them. But what if Elon Musk tweets

00:13:58.549 --> 00:14:01.110
it? Or what if Apple's official account tweets

00:14:01.110 --> 00:14:04.289
it? The 2020 Twitter hack. That was such a wild

00:14:04.289 --> 00:14:06.850
day. I remember just refreshing my feed and seeing

00:14:06.850 --> 00:14:11.029
Obama, Biden, Bill Gates and Kanye West all tweeting

00:14:11.029 --> 00:14:13.629
about a Bitcoin giveaway at the exact same time.

00:14:13.769 --> 00:14:15.909
That was a massive, massive failure of centralized

00:14:15.909 --> 00:14:18.110
security. The hackers didn't break Bitcoin. They

00:14:18.110 --> 00:14:20.529
break Twitter. They used social engineering to

00:14:20.529 --> 00:14:22.629
get access to Twitter's internal administrative

00:14:22.629 --> 00:14:25.970
tools. And from there, they hijacked 130 high

00:14:25.970 --> 00:14:28.289
profile accounts. And the scam itself was so

00:14:28.289 --> 00:14:30.830
dumb. I'm feeling generous. I'm doubling all

00:14:30.830 --> 00:14:33.129
payments sent to my address for the next 30 minutes.

00:14:33.429 --> 00:14:36.429
It's dumb to us because we're looking at it with

00:14:36.429 --> 00:14:39.429
a cool head. But in the moment, with that blue

00:14:39.429 --> 00:14:41.470
checkmark, back when the blue checkmark actually

00:14:41.470 --> 00:14:44.169
meant identity verification, people panicked.

00:14:44.169 --> 00:14:47.330
They thought, this is it. My chance. How much

00:14:47.330 --> 00:14:50.139
did they actually get? They raked in about $110

00:14:50.139 --> 00:14:54.539
,000 in just a few minutes, which honestly feels

00:14:54.539 --> 00:14:57.240
low for hacking the president's account. It could

00:14:57.240 --> 00:15:00.120
have been so much worse. So much worse. But the

00:15:00.120 --> 00:15:02.139
modern version of this is even more insidious

00:15:02.139 --> 00:15:04.860
because it uses deepfakes. We've seen this plague

00:15:04.860 --> 00:15:07.539
YouTube. They'll take an old interview of Steve

00:15:07.539 --> 00:15:09.960
Wozniak or Michael Saylor, and they'll use AI

00:15:09.960 --> 00:15:12.899
to loop it or alter the audio so it sounds like

00:15:12.899 --> 00:15:15.340
they're promoting a new giveaway live on stream.

00:15:15.710 --> 00:15:18.070
I remember Wozniak actually sued YouTube over

00:15:18.070 --> 00:15:20.049
this. He was furious because they just couldn't

00:15:20.049 --> 00:15:22.090
take the streams down fast enough. His reputation

00:15:22.090 --> 00:15:24.389
was being used to rob people in real time. And

00:15:24.389 --> 00:15:26.850
it gets even more targeted. Look at this example

00:15:26.850 --> 00:15:30.049
from the notes. The 2025 Trump -Vance inauguration

00:15:30.049 --> 00:15:33.309
scam. This wasn't a broad public broadcast. This

00:15:33.309 --> 00:15:35.710
was a spear phishing attack. Right. They impersonated

00:15:35.710 --> 00:15:38.289
Steve Witkoff, the real estate guy. Exactly.

00:15:39.129 --> 00:15:41.470
Witkoff is a well -known real estate mogul and

00:15:41.470 --> 00:15:45.230
a close ally of Donald Trump. The scammers spoofed

00:15:45.230 --> 00:15:47.289
an email domain that looked almost identical

00:15:47.289 --> 00:15:50.269
to his real business. They reached out to a specific

00:15:50.269 --> 00:15:53.129
political donor and said, we need a last minute

00:15:53.129 --> 00:15:55.649
contribution for the inauguration committee and

00:15:55.649 --> 00:15:58.370
we need it in crypto for speed. And the donor,

00:15:58.490 --> 00:16:01.230
trusting the source, just sent it. Transferred

00:16:01.230 --> 00:16:05.850
$250 ,000 in USDT. The FBI actually managed to

00:16:05.850 --> 00:16:07.950
work with Tether to freeze about $40 ,000 of

00:16:07.950 --> 00:16:10.299
it, but the rest was gone. Wash through mixers

00:16:10.299 --> 00:16:12.879
in minutes. It just goes to show that whether

00:16:12.879 --> 00:16:15.840
you're a grandmother on Facebook or a high roller

00:16:15.840 --> 00:16:18.259
political donor, the vulnerability is the same.

00:16:18.580 --> 00:16:20.759
Trust. OK, so let's move on from the con where

00:16:20.759 --> 00:16:22.600
they trick you into giving them the money to

00:16:22.600 --> 00:16:24.559
the heist where they just kick the door down.

00:16:24.639 --> 00:16:26.539
This is section two, the exchange hacks, the

00:16:26.539 --> 00:16:29.019
infrastructure exploits, the bank robberies of

00:16:29.019 --> 00:16:31.299
the digital age. And you have to start by paying

00:16:31.299 --> 00:16:34.299
homage to the original disaster, Mount Gox. If

00:16:34.299 --> 00:16:37.059
you were around in crypto in 2013, 2014, this

00:16:37.059 --> 00:16:39.379
was the event. It was the Cambrian explosion

00:16:39.379 --> 00:16:42.980
and the extinction event all at once. Mt. Gox

00:16:42.980 --> 00:16:46.279
handled something like 70 % of all Bitcoin transactions

00:16:46.279 --> 00:16:48.759
at one point. It was the center of the universe.

00:16:49.059 --> 00:16:51.179
And the hack itself wasn't a one -time smash

00:16:51.179 --> 00:16:53.980
and grab, right? It was a slow bleed over years.

00:16:54.379 --> 00:16:56.820
That's what was so crazy. Hackers had access

00:16:56.820 --> 00:17:00.340
to the exchange's hot wallet for years. By the

00:17:00.340 --> 00:17:02.360
time the exchange finally collapsed and filed

00:17:02.360 --> 00:17:05.900
for bankruptcy, 850 ,000 Bitcoin were missing.

00:17:06.400 --> 00:17:10.039
850 ,000 Bitcoin at today's prices. I mean, don't

00:17:10.039 --> 00:17:11.920
even do the math. It's just... too depressing.

00:17:12.059 --> 00:17:13.740
It's hundreds of billions of dollars. It was

00:17:13.740 --> 00:17:16.480
the event that birthed the mantra we all know

00:17:16.480 --> 00:17:19.420
now, not your keys, not your coins. It taught

00:17:19.420 --> 00:17:21.920
an entire generation of users that a centralized

00:17:21.920 --> 00:17:24.920
exchange is just a bank, but with much, much

00:17:24.920 --> 00:17:27.259
worse insurance. But you'd think we would have

00:17:27.259 --> 00:17:28.740
learned from that. Yeah, here we are looking

00:17:28.740 --> 00:17:31.480
at the notes for February 2025 last year, the

00:17:31.480 --> 00:17:36.099
Bybit heist, $1 .5 billion in Ether stolen. How

00:17:36.099 --> 00:17:38.700
does that happen 10 years after Mt. Gox? Are

00:17:38.700 --> 00:17:41.430
security teams just sleeping? No, not at all.

00:17:41.490 --> 00:17:44.589
The security is exponentially better, but the

00:17:44.589 --> 00:17:46.430
attackers are exponentially more sophisticated.

00:17:47.150 --> 00:17:49.730
The Bybit attack has been attributed with high

00:17:49.730 --> 00:17:52.029
confidence to the Lazarus Group. Which means

00:17:52.029 --> 00:17:55.329
North Korea. Yes. And we need to pause on this

00:17:55.329 --> 00:17:57.369
for a second because it's a crucial geopolitical

00:17:57.369 --> 00:18:00.589
point. For North Korea, crypto theft isn't just

00:18:00.589 --> 00:18:04.029
crime, it's foreign policy. It's a revenue stream.

00:18:04.210 --> 00:18:06.410
It's a primary revenue stream for the state.

00:18:06.759 --> 00:18:09.119
They use it to fund their missile program and

00:18:09.119 --> 00:18:11.819
to evade crushing international sanctions. They

00:18:11.819 --> 00:18:14.140
have a literal army of state -trained hackers

00:18:14.140 --> 00:18:16.480
who do nothing all day but look for vulnerabilities

00:18:16.480 --> 00:18:19.380
in Western and Asian financial infrastructure.

00:18:19.700 --> 00:18:22.920
How did they do it? How did they hit Bybit? It

00:18:22.920 --> 00:18:25.119
wasn't a simple password guess or anything like

00:18:25.119 --> 00:18:27.880
that. They exploited a very subtle discrepancy

00:18:27.880 --> 00:18:30.839
in the exchange's hot wallet management system.

00:18:31.200 --> 00:18:33.519
A hot wallet, as you know, is connected to the

00:18:33.519 --> 00:18:35.579
internet for quick withdrawals. Right, as opposed

00:18:35.579 --> 00:18:37.920
to a cool wallet, which is offline. Exactly.

00:18:38.359 --> 00:18:41.160
The hackers found a way to manipulate the internal

00:18:41.160 --> 00:18:44.220
ledger of the exchange versus the actual blockchain

00:18:44.220 --> 00:18:47.519
execution. They effectively tricked the system

00:18:47.519 --> 00:18:49.880
into processing the same large withdrawal request

00:18:49.880 --> 00:18:53.180
multiple times across different transaction batches

00:18:53.180 --> 00:18:55.819
before the internal balance had a chance to update.

00:18:56.019 --> 00:18:58.500
A kind of race condition. A very, very complex

00:18:58.500 --> 00:19:01.269
and well -timed race condition. By the time the

00:19:01.269 --> 00:19:04.609
automated alarms finally triggered, $1 .5 billion

00:19:04.609 --> 00:19:07.809
had been siphoned out to thousands of newly created,

00:19:07.950 --> 00:19:10.809
unidentified addresses. And it's not always pure

00:19:10.809 --> 00:19:14.250
code exploits either. The DMM Bitcoin hack in

00:19:14.250 --> 00:19:17.880
2024, $300 million lost. That was pure social

00:19:17.880 --> 00:19:20.160
engineering again, but corporate style. That

00:19:20.160 --> 00:19:22.680
one was just brutal. The hackers posed as recruiters

00:19:22.680 --> 00:19:25.000
on LinkedIn. They targeted specific engineers

00:19:25.000 --> 00:19:27.339
working at DMM. They went through a weeks -long,

00:19:27.400 --> 00:19:30.099
totally convincing interview process, built a

00:19:30.099 --> 00:19:32.440
rapport, and then for the final stage, they sent

00:19:32.440 --> 00:19:34.299
a coding challenge for the engineer to complete.

00:19:34.480 --> 00:19:36.200
Just download this file and solve the puzzle.

00:19:36.460 --> 00:19:39.740
And the file was malware. The moment the engineer

00:19:39.740 --> 00:19:42.299
ran it on their work laptop, the hackers had

00:19:42.299 --> 00:19:44.900
a backdoor into the exchange's internal network.

00:19:45.480 --> 00:19:48.059
From there, they pivoted to the key management

00:19:48.059 --> 00:19:50.720
server and systematically drained the wallets.

00:19:50.819 --> 00:19:53.819
That's terrifying because it weaponizes ambition.

00:19:54.259 --> 00:19:58.000
It exploits the very normal human desire to get

00:19:58.000 --> 00:20:00.660
a better job. State -sponsored actors are just

00:20:00.660 --> 00:20:02.519
playing a different game. And sometimes it's

00:20:02.519 --> 00:20:04.619
not even about the money. Look at the predatory

00:20:04.619 --> 00:20:08.279
sparrow incident in 2025. This was the Iran -Israel

00:20:08.279 --> 00:20:10.880
cyber warfare component that we saw flare up.

00:20:10.960 --> 00:20:13.500
Exactly. During that heightened conflict, a hacking

00:20:13.500 --> 00:20:16.170
group linked to Israel. known as Predatory Sparrow

00:20:16.170 --> 00:20:18.930
targeted Nobitex, which is Iran's largest crypto

00:20:18.930 --> 00:20:22.410
exchange. They drained $90 million. But the goal

00:20:22.410 --> 00:20:24.769
there arguably wasn't just theft. It was economic

00:20:24.769 --> 00:20:27.069
disruption. It was about causing panic in the

00:20:27.069 --> 00:20:29.150
Iranian financial sector. It turns the blockchain

00:20:29.150 --> 00:20:31.349
into just another battlefield. Literally. Now,

00:20:31.430 --> 00:20:33.750
we also need to talk about DeFi decentralized

00:20:33.750 --> 00:20:36.529
finance. This is where that code is law philosophy

00:20:36.529 --> 00:20:39.529
really gets stress tested. And the biggest single

00:20:39.529 --> 00:20:41.529
point of failure seems to be these things called

00:20:41.529 --> 00:20:44.390
bridges. Bridges are the choke points of the

00:20:44.390 --> 00:20:48.019
multi -chain world. To understand why, you have

00:20:48.019 --> 00:20:50.940
to picture blockchains like Bitcoin and Ethereum

00:20:50.940 --> 00:20:53.880
as separate islands. They don't speak the same

00:20:53.880 --> 00:20:56.279
language. They can't interact directly. So if

00:20:56.279 --> 00:20:58.440
you want to move gold from Bitcoin Island to

00:20:58.440 --> 00:21:00.500
Ethereum Island, you can't just throw it across

00:21:00.500 --> 00:21:03.559
the ocean. Right. You need a ferry, a bridge.

00:21:04.019 --> 00:21:07.109
You give your Bitcoin to a bridge protocol. The

00:21:07.109 --> 00:21:09.809
protocol locks your Bitcoin in a vault on the

00:21:09.809 --> 00:21:12.170
Bitcoin island, and then it issues you a receipt,

00:21:12.309 --> 00:21:14.970
a wrapped Bitcoin or WBTC on the Ethereum island.

00:21:15.089 --> 00:21:17.069
So the bridge itself is holding all the real

00:21:17.069 --> 00:21:19.769
underlying assets in one big pile. And that's

00:21:19.769 --> 00:21:23.269
the problem. It's a massive honeypot, a huge,

00:21:23.289 --> 00:21:26.109
tempting target. If a hacker can find a single

00:21:26.109 --> 00:21:28.390
bug in a smart contract that governs that vault,

00:21:28.529 --> 00:21:30.849
they can unlock everything. And that's exactly

00:21:30.849 --> 00:21:32.849
what happened with Poly Network, which lost $611

00:21:32.849 --> 00:21:35.309
million. And Wormhole. Wormhole, which lost over

00:21:35.309 --> 00:21:37.609
$300 million. That's a recurring nightmare. The

00:21:37.609 --> 00:21:40.730
Quibbit Finance one is almost darkly funny. Quibbit

00:21:40.730 --> 00:21:44.470
was a tragedy of pure logic. The hacker exploited

00:21:44.470 --> 00:21:46.809
a function in the bridge code that had a flaw.

00:21:47.369 --> 00:21:49.869
They realized that if they told the contract

00:21:49.869 --> 00:21:53.309
they wanted to deposit zero ETH, the code didn't

00:21:53.309 --> 00:21:55.029
reject it properly. We didn't have a check for

00:21:55.029 --> 00:21:58.599
zero. No. Instead, through this logic flaw, it

00:21:58.599 --> 00:22:01.460
accepted the zero deposit and credited them as

00:22:01.460 --> 00:22:03.660
if they had deposited millions of dollars. So

00:22:03.660 --> 00:22:06.000
they deposited literally nothing and the computer

00:22:06.000 --> 00:22:08.119
said, OK, cool, here's 80 million dollars in

00:22:08.119 --> 00:22:11.240
credit for you. And they then borrowed real assets

00:22:11.240 --> 00:22:13.720
against that completely fake collateral and just

00:22:13.720 --> 00:22:16.259
walked away. It perfectly highlights the risk

00:22:16.259 --> 00:22:20.329
of pure DeFi. There is no human backstop. If

00:22:20.329 --> 00:22:22.170
the code allows it, the blockchain will execute

00:22:22.170 --> 00:22:24.269
it, no matter how absurd the outcome. Before

00:22:24.269 --> 00:22:26.589
we leave this heist section, I have to ask about

00:22:26.589 --> 00:22:28.349
the attacks that hit the little guy. We've talked

00:22:28.349 --> 00:22:30.509
about these huge exchanges, but what about wallet

00:22:30.509 --> 00:22:33.109
drainers? I feel like I see people on Twitter

00:22:33.109 --> 00:22:34.970
crying about this every single day. I clicked

00:22:34.970 --> 00:22:37.269
a link and my apes are gone. This is probably

00:22:37.269 --> 00:22:39.529
the most prevalent threat for the average user

00:22:39.529 --> 00:22:43.549
right now. A drainer is a malicious smart contract.

00:22:44.000 --> 00:22:46.420
You're browsing and you see a site promising

00:22:46.420 --> 00:22:50.579
a free NFT mint or a special airdrop claim. You

00:22:50.579 --> 00:22:52.640
connect your wallet because you want the free

00:22:52.640 --> 00:22:55.140
thing. And a transaction pops up in your MetaMask

00:22:55.140 --> 00:22:57.380
or your fandom wallet asking for approval. Right.

00:22:57.460 --> 00:23:00.720
And nobody, and I mean nobody, reads the code

00:23:00.720 --> 00:23:04.619
in that pop -up. It's just gibberish to 99 .9

00:23:04.619 --> 00:23:06.759
% of people. It looks like every other transaction.

00:23:07.200 --> 00:23:09.059
Exactly. But it's usually calling a function

00:23:09.059 --> 00:23:11.789
like set approval for all. If you click confirm

00:23:11.789 --> 00:23:15.170
on that, you are not receiving a free NFT. You

00:23:15.170 --> 00:23:17.890
are legally, according to the code, granting

00:23:17.890 --> 00:23:20.490
the attacker's wallet permission to move all

00:23:20.490 --> 00:23:23.049
of your tokens, all your NFTs, all your coins.

00:23:23.250 --> 00:23:24.950
It's like handing someone the keys to your house

00:23:24.950 --> 00:23:27.029
and signing over the deed, all because you thought

00:23:27.029 --> 00:23:28.690
you were just signing for a package delivery.

00:23:29.109 --> 00:23:31.829
That's a perfect analogy. One click, one signature,

00:23:31.950 --> 00:23:34.549
and your wallet is empty seconds later. And what

00:23:34.549 --> 00:23:37.289
about clipboard hijacking? This one makes me

00:23:37.289 --> 00:23:39.910
paranoid every single time I copy paste an address.

00:23:40.460 --> 00:23:43.559
It should. It's a very sneaky piece of malware.

00:23:43.819 --> 00:23:46.640
It infects your PC, and it just watches your

00:23:46.640 --> 00:23:48.859
clipboard in the background. It's programmed

00:23:48.859 --> 00:23:51.180
to know what a crypto address looks like, that

00:23:51.180 --> 00:23:53.859
long string of characters starting with 0x or

00:23:53.859 --> 00:23:57.809
BC1. So when I copy my friend's address to send

00:23:57.809 --> 00:24:00.230
them some money, the malware detects it instantly

00:24:00.230 --> 00:24:02.869
and swaps it in the clipboard with the hacker's

00:24:02.869 --> 00:24:04.869
address. So I hit copy on my friend's address,

00:24:04.990 --> 00:24:07.269
but when I hit paste into my wallet, a completely

00:24:07.269 --> 00:24:09.609
different address appears. And because they all

00:24:09.609 --> 00:24:12.029
look like random alphanumeric soup, most people

00:24:12.029 --> 00:24:15.099
don't notice the change. They hit send. and the

00:24:15.099 --> 00:24:17.700
money is gone forever. So the only defense is

00:24:17.700 --> 00:24:20.299
to be vigilant. Always. Always check the first

00:24:20.299 --> 00:24:22.259
four and the last four characters of the address

00:24:22.259 --> 00:24:24.539
after you paste. It's the only way to be sure.

00:24:24.740 --> 00:24:26.900
Okay, so the money is stolen. The hacker has

00:24:26.900 --> 00:24:29.119
the $100 million. But now they have a new problem.

00:24:29.759 --> 00:24:31.640
Everyone can see the money. It's sitting there

00:24:31.640 --> 00:24:34.059
on the public ledger. Which brings us to section

00:24:34.059 --> 00:24:38.900
three, the shadow economy. How do they wash it?

00:24:39.099 --> 00:24:41.440
How do they make it clean? This is the critical

00:24:41.440 --> 00:24:44.990
wash cycle. You have dirty crypto coins that

00:24:44.990 --> 00:24:47.849
are tagged by blockchain analytics firms like

00:24:47.849 --> 00:24:51.150
Chainalysis as stolen. If you try to send those

00:24:51.150 --> 00:24:54.589
coins directly to a major exchange like Coinbase

00:24:54.589 --> 00:24:57.349
or Binance to cash out, their systems will flag

00:24:57.349 --> 00:25:00.009
it instantly. The exchange will freeze the funds

00:25:00.009 --> 00:25:01.730
because their compliance systems know they're

00:25:01.730 --> 00:25:04.930
stolen property. So you need to break the chain

00:25:04.930 --> 00:25:07.049
of custody. You need to obfuscate the history.

00:25:07.190 --> 00:25:09.930
And the primary tool for this historically has

00:25:09.930 --> 00:25:12.980
been mixers or tumblers. Tornado Cash was the

00:25:12.980 --> 00:25:15.079
most famous and effective one. How does a mixer

00:25:15.079 --> 00:25:18.240
actually work mechanically? Imagine a giant digital

00:25:18.240 --> 00:25:21.220
pot. I put in my one dirty Bitcoin. You put in

00:25:21.220 --> 00:25:23.660
your one clean Bitcoin. A thousand other people,

00:25:23.759 --> 00:25:26.039
some with clean coins, some with dirty, all put

00:25:26.039 --> 00:25:28.799
their Bitcoin into this pot. The protocol uses

00:25:28.799 --> 00:25:31.319
cryptography to mix them all up. And then it

00:25:31.319 --> 00:25:34.059
allows us to withdraw one Bitcoin each to fresh,

00:25:34.160 --> 00:25:37.500
new, unconnected wallets. So my withdrawal can't

00:25:37.500 --> 00:25:39.799
be deterministically linked back to my specific

00:25:39.799 --> 00:25:42.599
deposit. That's the idea. It breaks that on -chain

00:25:42.599 --> 00:25:45.640
link. But law enforcement has gotten very good

00:25:45.640 --> 00:25:48.220
at analyzing the statistical probabilities of

00:25:48.220 --> 00:25:50.460
these flows, and they've started sanctioning

00:25:50.460 --> 00:25:52.819
the mixers themselves, making them radioactive.

00:25:52.960 --> 00:25:55.180
So criminals have moved to chain hopping. Which

00:25:55.180 --> 00:25:58.400
is just jumping from Bitcoin to Ethereum to Monero

00:25:58.400 --> 00:26:00.539
and so on. Exactly. They use those bridges we

00:26:00.539 --> 00:26:03.799
talked about. They swap BTC for ETH on a decentralized

00:26:03.799 --> 00:26:06.400
exchange. Then they bridge the ETH to another

00:26:06.400 --> 00:26:09.630
chain, swap it for Monero. which is a privacy

00:26:09.630 --> 00:26:12.269
coin with its own built -in obfuscation, then

00:26:12.269 --> 00:26:14.710
swap the Monero for a stable coin like USDT.

00:26:14.910 --> 00:26:16.609
It's like a getaway car. It's like a technique

00:26:16.609 --> 00:26:18.450
to getaway car, painting it a different color,

00:26:18.549 --> 00:26:20.190
swapping the license plates, then trading it

00:26:20.190 --> 00:26:21.910
for a boat, then trading the boat for a private

00:26:21.910 --> 00:26:24.990
plane. Each hop makes the trail exponentially

00:26:24.990 --> 00:26:27.769
harder to follow. And the notes mention NFTs

00:26:27.769 --> 00:26:30.990
as laundromats. This is fascinating to me, this

00:26:30.990 --> 00:26:33.430
idea of wash trading. The high -end art world

00:26:33.430 --> 00:26:35.269
has always been a haven for money laundering

00:26:35.269 --> 00:26:37.869
because value is completely subjective. Why is

00:26:37.869 --> 00:26:39.990
this Jackson Pollock painting worth $100 million?

00:26:40.750 --> 00:26:42.809
Because someone was willing to pay that for it.

00:26:43.230 --> 00:26:46.170
NFTs are the same, but on steroids. So walk me

00:26:46.170 --> 00:26:48.250
through it. If I'm a hacker with a million dollars

00:26:48.250 --> 00:26:51.589
in stolen ether. You create a really dumb NFT,

00:26:51.910 --> 00:26:54.450
a picture of a rock, let's say. You list it for

00:26:54.450 --> 00:26:57.069
sale. Then you use a completely different wallet,

00:26:57.190 --> 00:26:59.410
the one that holds your stolen funds, to buy

00:26:59.410 --> 00:27:04.089
that rock from yourself for $1 million. Oh. And

00:27:04.089 --> 00:27:06.910
now my first wallet, the artist wallet, has $1

00:27:06.910 --> 00:27:10.309
million of what looks like clean, legitimate

00:27:10.309 --> 00:27:13.829
profit from selling a piece of digital art. Precisely.

00:27:13.829 --> 00:27:16.450
You can tell the tax authorities, I'm just a

00:27:16.450 --> 00:27:19.779
savvy digital art dealer. It creates a plausible

00:27:19.779 --> 00:27:23.160
story to legitimize the funds. The U .S. Treasury

00:27:23.160 --> 00:27:25.779
actually released a whole study comparing the

00:27:25.779 --> 00:27:28.759
high value traditional art market to NFTs for

00:27:28.759 --> 00:27:31.059
exactly this risk. And all of this infrastructure,

00:27:31.339 --> 00:27:33.480
the mixers, the cash out services, a lot of it

00:27:33.480 --> 00:27:35.839
lives on the dark net. We all know the Silk Road

00:27:35.839 --> 00:27:37.680
story, but that was just the beginning, wasn't

00:27:37.680 --> 00:27:40.240
it? Silk Road was the proof of concept. It showed

00:27:40.240 --> 00:27:42.720
it could be done. But markets like Hydra, which

00:27:42.720 --> 00:27:45.740
was a massive Russian language market, were industrial

00:27:45.740 --> 00:27:48.099
scale. Before it was taken down by German police

00:27:48.099 --> 00:27:52.440
in 2022, Hydra was doing $1 .5 billion in revenue

00:27:52.440 --> 00:27:54.920
in a single year. And it wasn't just drugs. Oh,

00:27:54.940 --> 00:27:59.119
no. They sold everything. Fake IDs, stolen credit

00:27:59.119 --> 00:28:01.660
card data, hacking services. And they offered

00:28:01.660 --> 00:28:04.559
sophisticated cash out services where you could

00:28:04.559 --> 00:28:07.579
arrange for dead drops of physical cash in exchange

00:28:07.579 --> 00:28:10.640
for your crypto. So it creates a completely closed

00:28:10.640 --> 00:28:13.500
loop economy for criminals. And for rogue states.

00:28:14.180 --> 00:28:16.759
Sanctions evasion is the macro version of all

00:28:16.759 --> 00:28:20.720
of this. We saw $15 .8 billion in sanctions related

00:28:20.720 --> 00:28:24.059
flows in 2024 alone. Countries like Russia and

00:28:24.059 --> 00:28:27.039
Iran are using crypto to bypass the swift blockade.

00:28:27.200 --> 00:28:29.799
If they can't use U .S. dollars to trade, they'll

00:28:29.799 --> 00:28:32.039
use Tether or Bitcoin to settle international

00:28:32.039 --> 00:28:35.099
deals. Which brings us to a specific criminal

00:28:35.099 --> 00:28:37.559
business model that relies entirely on this shadow

00:28:37.559 --> 00:28:44.640
economy. Ransomware existed before crypto, but

00:28:44.640 --> 00:28:46.940
crypto was the rocket fuel that let it take over

00:28:46.940 --> 00:28:50.039
the world. Before Bitcoin, if you hacked a hospital's

00:28:50.039 --> 00:28:52.200
database, how did you get paid? It was a huge

00:28:52.200 --> 00:28:54.059
logistical problem for the criminals. Right.

00:28:54.140 --> 00:28:56.099
You couldn't ask them to wire money to your bank

00:28:56.099 --> 00:28:57.579
account. The police would trace it instantly.

00:28:57.980 --> 00:28:59.880
You'd have to ask for a bag of cash left in a

00:28:59.880 --> 00:29:02.140
park, which is incredibly risky. Crypto solved

00:29:02.140 --> 00:29:04.640
the payment problem. It completely solved the

00:29:04.640 --> 00:29:07.759
payment problem. It allowed hackers to extort

00:29:07.759 --> 00:29:10.680
victims from thousands of miles away with relative

00:29:10.680 --> 00:29:14.099
safety. And the numbers have just exploded. We

00:29:14.099 --> 00:29:19.480
saw $1 .1 billion in ransoms paid in 2023. And

00:29:19.480 --> 00:29:21.519
the individual payouts are getting bigger and

00:29:21.519 --> 00:29:24.559
bigger. The Dark Angels group. That was a real

00:29:24.559 --> 00:29:27.680
watershed moment in 2024. They targeted a Fortune

00:29:27.680 --> 00:29:30.319
500 tech company. And they didn't just encrypt

00:29:30.319 --> 00:29:33.200
the data. They exfiltrated it. They stole terabytes

00:29:33.200 --> 00:29:36.420
of sensitive R &amp;D, customer data, employee info.

00:29:36.680 --> 00:29:40.180
The company caved and paid a $75 million ransom.

00:29:40.619 --> 00:29:44.140
$75 million. That's an IPO for a small company.

00:29:44.380 --> 00:29:46.400
It creates this perverse incentive structure.

00:29:46.660 --> 00:29:49.240
If you can make $75 million in a single hit,

00:29:49.359 --> 00:29:51.440
you can afford to hire the best developers in

00:29:51.440 --> 00:29:53.599
the world, you can buy zero -day exploits on

00:29:53.599 --> 00:29:55.619
the black market, and you can run a sophisticated

00:29:55.619 --> 00:29:58.140
criminal enterprise. We call it RAS ransomware

00:29:58.140 --> 00:30:00.710
as a service. It's a franchise model. The core

00:30:00.710 --> 00:30:02.829
developers write the malware and run the infrastructure,

00:30:03.150 --> 00:30:05.230
and they recruit affiliates who do the actual

00:30:05.230 --> 00:30:07.109
hacking, and then they just split the profits.

00:30:07.730 --> 00:30:10.049
It's like McDonald's, but for extortion. It's

00:30:10.049 --> 00:30:12.410
just a business. A very profitable one. And then

00:30:12.410 --> 00:30:14.930
there's the parasite version of this, cryptojacking.

00:30:15.089 --> 00:30:17.289
Right. This is less violent, more of a nuisance,

00:30:17.309 --> 00:30:21.160
but still a huge problem. Hackers infect a computer

00:30:21.160 --> 00:30:23.980
or a server with a script that just mines cryptocurrency

00:30:23.980 --> 00:30:26.819
in the background using your resources. So my

00:30:26.819 --> 00:30:29.700
computer suddenly slows to a crawl, my fan sounds

00:30:29.700 --> 00:30:32.299
like a jet engine is taking off, and my electricity

00:30:32.299 --> 00:30:34.500
bill doubles. And the hacker is collecting the

00:30:34.500 --> 00:30:37.059
coins. There's a famous script called CoinHive

00:30:37.059 --> 00:30:40.000
a few years ago that infected thousands and thousands

00:30:40.000 --> 00:30:43.220
of websites, universities, government portals,

00:30:43.220 --> 00:30:46.339
you name it. If you visited the site, your browser

00:30:46.339 --> 00:30:48.920
would start mining Monero for the hacker. for

00:30:48.920 --> 00:30:51.119
as long as you have the tab open. And why Monero

00:30:51.119 --> 00:30:53.500
specifically? Because Bitcoin requires specialized

00:30:53.500 --> 00:30:56.809
hardware now. Those loud, hot ASIC miners. You

00:30:56.809 --> 00:30:58.890
can't mine Bitcoin efficiently on a regular laptop

00:30:58.890 --> 00:31:01.769
anymore. But Monero's algorithm is designed to

00:31:01.769 --> 00:31:04.950
be mined on regular CPUs. So it's the coin of

00:31:04.950 --> 00:31:07.710
choice for these massive botnets. OK, so we've

00:31:07.710 --> 00:31:10.210
been very digital so far. But Section 5 brings

00:31:10.210 --> 00:31:13.029
us into what the Internet calls meatspace. The

00:31:13.029 --> 00:31:15.829
physical world. Because ultimately, humans live

00:31:15.829 --> 00:31:19.269
in houses, not on the blockchain. And this is

00:31:19.269 --> 00:31:22.250
the wrench attack. This is the ultimate trump

00:31:22.250 --> 00:31:24.980
card against any digital security. You can have

00:31:24.980 --> 00:31:27.160
a hardware wallet. You could have a 24 -word

00:31:27.160 --> 00:31:29.279
seed for ASMRize. You can use a complex multi

00:31:29.279 --> 00:31:31.799
-sig vault. But if someone breaks into your house,

00:31:31.880 --> 00:31:34.630
ties you to a chair, and... threatens to break

00:31:34.630 --> 00:31:37.029
your kneecaps with a $5 wrench. You give them

00:31:37.029 --> 00:31:40.009
the password. You give us the password. Cryptography

00:31:40.009 --> 00:31:42.349
cannot solve the problem of physical violence.

00:31:42.630 --> 00:31:45.569
And we saw a horrifying case of this in Manhattan

00:31:45.569 --> 00:31:49.710
in 2025. An investor was kidnapped off the street

00:31:49.710 --> 00:31:52.589
and held for weeks. They beat him, drugged him,

00:31:52.670 --> 00:31:54.549
and systematically forced him to disclose his

00:31:54.549 --> 00:31:58.089
keys and transfer his assets. It shows that as

00:31:58.089 --> 00:32:00.220
crypto wealth becomes more public, As people

00:32:00.220 --> 00:32:03.920
flash their NFTs and portfolios online, the physical

00:32:03.920 --> 00:32:06.759
risks increase dramatically. It's why so many

00:32:06.759 --> 00:32:08.619
of the early crypto billionaires have completely

00:32:08.619 --> 00:32:11.359
disappeared from public life or now travel with

00:32:11.359 --> 00:32:13.519
extensive security teams. In the Ellis Pinsky

00:32:13.519 --> 00:32:16.339
case, the irony in that one is just so thick.

00:32:16.640 --> 00:32:20.000
Pinsky was known in online circles as Baby Al

00:32:20.000 --> 00:32:24.599
Capone. At just 15 years old, he allegedly masterminded

00:32:24.599 --> 00:32:27.839
a SIM swapping ring, stealing people's phone

00:32:27.839 --> 00:32:30.069
numbers to get into their accounts. and stole

00:32:30.069 --> 00:32:32.890
around $24 million from an early crypto investor

00:32:32.890 --> 00:32:36.650
named Michael Turpin. A 15 -year -old with $24

00:32:36.650 --> 00:32:40.349
million. But here's the twist. In May of 2020,

00:32:40.750 --> 00:32:43.109
Pinsky himself was the victim of a violent home

00:32:43.109 --> 00:32:45.829
invasion. Other criminals knew he had the loot.

00:32:45.970 --> 00:32:48.269
They broke into his house with shotguns, looking

00:32:48.269 --> 00:32:50.970
for the money he had stolen. Wow. No honor among

00:32:50.970 --> 00:32:53.630
thieves. It's an incredibly dangerous game. When

00:32:53.630 --> 00:32:55.829
you decide to become your own bank, you also

00:32:55.829 --> 00:32:57.309
have to be prepared to become your own security

00:32:57.309 --> 00:32:59.720
guard. And speaking of physical infrastructure,

00:32:59.960 --> 00:33:02.640
we have to touch on energy theft. This is a massive

00:33:02.640 --> 00:33:05.299
issue in any country with cheap or, I guess,

00:33:05.380 --> 00:33:08.039
stealable power. Mining proof of work coins like

00:33:08.039 --> 00:33:10.200
Bitcoin requires a massive, massive amount of

00:33:10.200 --> 00:33:12.539
electricity. It's the single biggest operational

00:33:12.539 --> 00:33:16.039
cost for any mining farm. So to boost their margins,

00:33:16.259 --> 00:33:19.059
criminal gangs just steal the power. The numbers

00:33:19.059 --> 00:33:21.920
out of Malaysia are staggering. Tanaga National,

00:33:22.160 --> 00:33:24.819
the main utility company there, estimated they

00:33:24.819 --> 00:33:27.599
lost nearly $1 billion over a five -year period.

00:33:27.950 --> 00:33:30.829
due to illegal mining connections. The miners

00:33:30.829 --> 00:33:34.009
literally bypassed the meters. They wired directly

00:33:34.009 --> 00:33:36.549
into the high voltage mains. Which is incredibly

00:33:36.549 --> 00:33:38.630
dangerous, right? It causes fires. It causes

00:33:38.630 --> 00:33:41.450
blackouts for entire neighborhoods. It destabilizes

00:33:41.450 --> 00:33:44.230
the grid. We saw that case in the UK where police

00:33:44.230 --> 00:33:46.549
raided a warehouse because the heat signature

00:33:46.549 --> 00:33:48.789
from their helicopter was off the charts. They

00:33:48.789 --> 00:33:50.849
were absolutely convinced it was a giant cannabis

00:33:50.849 --> 00:33:53.079
farm. They kicked down the door expecting to

00:33:53.079 --> 00:33:55.460
find weed. And found racks and racks of servers

00:33:55.460 --> 00:33:57.619
mining Bitcoin with wires running everywhere.

00:33:57.759 --> 00:33:59.880
It's the perfect symbol of the modern criminal

00:33:59.880 --> 00:34:04.200
economy shifting from drugs to data. Okay, so

00:34:04.200 --> 00:34:07.579
we've painted a pretty bleak picture here. Hacks,

00:34:07.680 --> 00:34:10.619
scams, kidnappings, energy theft. It really does

00:34:10.619 --> 00:34:14.099
sound like the Wild West. But Section 6 is the

00:34:14.099 --> 00:34:16.619
long arm of the law. Is the sheriff finally coming

00:34:16.619 --> 00:34:19.139
to town? The sheriff is already here. And he

00:34:19.139 --> 00:34:21.579
has much better tools than the bandits realize.

00:34:22.199 --> 00:34:24.300
And this brings us right back to the central

00:34:24.300 --> 00:34:27.300
paradox of all this. The public ledger. The permanent,

00:34:27.420 --> 00:34:30.139
unchangeable record. Criminals love the speed

00:34:30.139 --> 00:34:33.039
and borderless nature of crypto. But cops are

00:34:33.039 --> 00:34:35.800
learning to love the permanence. If you stole

00:34:35.800 --> 00:34:38.880
Bitcoin in 2011, the record of that theft is

00:34:38.880 --> 00:34:41.460
still there today. It never degrades. It never

00:34:41.460 --> 00:34:44.800
gets shredded. And agencies like the FBI, Europol,

00:34:44.860 --> 00:34:48.079
and especially the IRS have become absolute experts

00:34:48.079 --> 00:34:50.820
at chain analysis. So they can follow the money

00:34:50.820 --> 00:34:53.159
even through the mixers and the chain hops? It

00:34:53.159 --> 00:34:55.639
takes time. It takes resources. But they can

00:34:55.639 --> 00:34:58.280
do it. Look at the Bitfinex hack. That was back

00:34:58.280 --> 00:35:01.170
in 2016. Billions of dollars worth of Bitcoin

00:35:01.170 --> 00:35:03.949
stolen. For years, the money just sat there moving

00:35:03.949 --> 00:35:06.030
occasionally. Everyone thought the hackers had

00:35:06.030 --> 00:35:08.210
gotten away with it. And then years later. Then

00:35:08.210 --> 00:35:11.210
in 2022, the DOJ arrests a couple in New York.

00:35:11.389 --> 00:35:13.730
Ilya Lichtenstein and Heather Morgan. Razzle

00:35:13.730 --> 00:35:17.210
Cubs. Yes, the aspiring Forbes contributor and

00:35:17.210 --> 00:35:20.409
surrealist rapper. I've watched her music videos.

00:35:20.489 --> 00:35:22.550
I'm still not sure what was the bigger crime,

00:35:22.789 --> 00:35:24.849
the money laundering or the rapping. The rapping

00:35:24.849 --> 00:35:28.250
was arguably worse. But the seizure itself was

00:35:28.250 --> 00:35:32.369
historic. They recovered $3 .6 billion initially,

00:35:32.750 --> 00:35:35.630
a value which later grew to over $4 .5 billion.

00:35:35.809 --> 00:35:38.789
It was the largest financial seizure in DOJ history,

00:35:38.889 --> 00:35:41.570
and it sent a message. You can hide on the blockchain

00:35:41.570 --> 00:35:43.250
for a while, but cashing out without getting

00:35:43.250 --> 00:35:45.949
caught is incredibly hard. And the Silk Road

00:35:45.949 --> 00:35:48.630
recovery involving this guy James Zong, this

00:35:48.630 --> 00:35:52.230
story is just, it's cinematic. Zong was an early

00:35:52.230 --> 00:35:55.150
user of the Silk Road darknet market. He found

00:35:55.150 --> 00:35:57.010
a glitch in their withdrawal system way back

00:35:57.010 --> 00:35:59.789
in 2012. He figured out how to trigger it multiple

00:35:59.789 --> 00:36:03.070
times and stole 50 ,000 Bitcoin from the site.

00:36:03.250 --> 00:36:06.309
So he literally robbed the robbers. He did. And

00:36:06.309 --> 00:36:08.610
he just held on to it for 10 years. He never

00:36:08.610 --> 00:36:11.449
touched it. And the value ballooned from a few

00:36:11.449 --> 00:36:13.190
hundred thousand dollars into the billions. And

00:36:13.190 --> 00:36:15.530
where was he keeping this digital fortune? In

00:36:15.530 --> 00:36:18.489
a Swiss bank. In some underground fortress. In

00:36:18.489 --> 00:36:20.909
a popcorn tin. You're kidding me. No, I'm serious.

00:36:21.050 --> 00:36:23.190
He had a single board computer with the wallet's

00:36:23.190 --> 00:36:25.690
private keys on it, hidden inside an empty Cheetos

00:36:25.690 --> 00:36:28.369
popcorn tin buried under a pile of blankets in

00:36:28.369 --> 00:36:30.269
his bathroom closet in Gainesville, Georgia.

00:36:30.429 --> 00:36:33.750
A popcorn tin holding billions of dollars? That's

00:36:33.750 --> 00:36:36.289
incredible. He lived a pretty modest life, didn't

00:36:36.289 --> 00:36:38.969
spend much. But the on -chain analytics eventually

00:36:38.969 --> 00:36:41.429
traced the stolen coins to him. They raided the

00:36:41.429 --> 00:36:44.789
house, found the tin, and seized all of it. It

00:36:44.789 --> 00:36:46.960
just shows that even if you have... perfect operational

00:36:46.960 --> 00:36:49.420
security for a decade, you only have to make

00:36:49.420 --> 00:36:53.039
one tiny mistake. The blockchain waits. And we're

00:36:53.039 --> 00:36:55.360
also seeing the industry itself start to police

00:36:55.360 --> 00:36:58.199
the ecosystem. The notes mention Tether helping

00:36:58.199 --> 00:37:01.420
the FBI freeze funds. This is a major, major

00:37:01.420 --> 00:37:03.940
shift. Companies like Tether, which issues USDT,

00:37:04.039 --> 00:37:07.039
and Circle, which issues USDC, are centralized.

00:37:07.360 --> 00:37:09.619
Their stable coins are basically smart contracts,

00:37:09.699 --> 00:37:11.340
and they have a freeze function built into the

00:37:11.340 --> 00:37:13.260
code. So they have a kill switch. They have a

00:37:13.260 --> 00:37:16.320
kill switch. If the FBI identifies a wallet,

00:37:16.750 --> 00:37:20.050
Holding USDT as belonging to a scammer or a terrorist

00:37:20.050 --> 00:37:22.550
group, they can send a warrant to Tether and

00:37:22.550 --> 00:37:25.409
Tether will blacklist that address. The money

00:37:25.409 --> 00:37:28.190
in it is frozen instantly. It becomes unmovable.

00:37:28.309 --> 00:37:30.510
That kind of destroys the whole uncensorable

00:37:30.510 --> 00:37:32.769
money narrative, but I guess it's great for stopping

00:37:32.769 --> 00:37:36.650
crime. Well, it is for centralized tokens. In

00:37:36.650 --> 00:37:39.230
the 2025 inauguration scam we mentioned earlier,

00:37:39.429 --> 00:37:42.489
that's how they recovered the $40 ,000. It wasn't

00:37:42.489 --> 00:37:44.909
the Ethereum blockchain that stopped it. It was

00:37:44.909 --> 00:37:47.550
the centralized company running the token on

00:37:47.550 --> 00:37:49.670
top of Ethereum. And all of this is happening

00:37:49.670 --> 00:37:52.599
as regulation tightens globally. The travel rule.

00:37:52.780 --> 00:37:55.039
Right. This is the standard banking rule being

00:37:55.039 --> 00:37:58.420
applied to crypto. The idea is that if an exchange

00:37:58.420 --> 00:38:00.519
sends over a certain amount of money to another

00:38:00.519 --> 00:38:03.179
exchange, they have to send the customer's identity

00:38:03.179 --> 00:38:06.480
data along with it. It forces the ecosystem to

00:38:06.480 --> 00:38:08.940
de -anonymize. So the walls are definitely closing

00:38:08.940 --> 00:38:11.320
in. For the casual criminal, absolutely. The

00:38:11.320 --> 00:38:13.699
old Wild West days of anonymous transfers on

00:38:13.699 --> 00:38:16.440
major regulated exchanges like Coinbase or Binance

00:38:16.440 --> 00:38:19.099
are completely over. So let's try and bring all

00:38:19.099 --> 00:38:20.780
this together. We've covered a lot of ground

00:38:20.780 --> 00:38:23.739
here. From the deep psychology of the pig butchering

00:38:23.739 --> 00:38:26.420
scam to the technical wizardry of a cross -chain

00:38:26.420 --> 00:38:29.500
bridge hack, what is the grand synthesis here?

00:38:29.739 --> 00:38:31.599
I think the big takeaway is that crypto crime

00:38:31.599 --> 00:38:34.960
has evolved from being this niche, nerdy curiosity

00:38:34.960 --> 00:38:38.039
into a full -blown mirror of the global financial

00:38:38.039 --> 00:38:41.360
underworld. It has everything. State actors,

00:38:41.639 --> 00:38:44.480
organized crime syndicates, lone wolf hackers,

00:38:44.679 --> 00:38:47.780
desperate individuals. But the technology amplifies

00:38:47.780 --> 00:38:51.079
everything. It makes the scams faster, the thefts

00:38:51.079 --> 00:38:53.619
larger, and the investigations more complex than

00:38:53.619 --> 00:38:55.980
anything we've seen before. And for our listener,

00:38:56.159 --> 00:38:58.820
the learner we're talking to who might be holding

00:38:58.820 --> 00:39:01.079
some Bitcoin or is maybe experimenting with DeFi,

00:39:01.300 --> 00:39:04.159
what is the practical take -home lesson from

00:39:04.159 --> 00:39:06.860
all this? The lesson is that self -custody is

00:39:06.860 --> 00:39:09.059
a double -edged sword. The idea of being your

00:39:09.059 --> 00:39:11.800
own bank is incredibly empowering. You have total

00:39:11.800 --> 00:39:14.739
control, total autonomy, but you also have total

00:39:14.739 --> 00:39:17.380
unforgiving liability. There is no fraud department

00:39:17.380 --> 00:39:19.840
to call if you mess up. So the big question,

00:39:20.039 --> 00:39:22.659
is crypto safe? I'd say it's safe in the way

00:39:22.659 --> 00:39:25.280
a tank is safe. The core machine is practically

00:39:25.280 --> 00:39:27.179
invincible if you know how to operate it and

00:39:27.179 --> 00:39:29.400
you keep hatches locked. But if you open the

00:39:29.400 --> 00:39:31.239
main hatch because a stranger with a nice smile

00:39:31.239 --> 00:39:33.519
asks you to, or if you accidentally drive it

00:39:33.519 --> 00:39:35.199
into a minefield. Or if you just leave the keys

00:39:35.199 --> 00:39:38.440
in the ignition. Exactly. The vulnerability is

00:39:38.440 --> 00:39:40.880
almost always the user, the human being sitting

00:39:40.880 --> 00:39:43.320
at the keyboard, not the math that secures the

00:39:43.320 --> 00:39:45.460
network. I want to end with a provocative thought

00:39:45.460 --> 00:39:47.559
that the notes bring up, which I find fascinating.

00:39:47.760 --> 00:39:51.019
We talked about the permanent public ledger.

00:39:51.159 --> 00:39:53.719
As artificial intelligence gets better and better

00:39:53.719 --> 00:39:56.300
at pattern recognition and as these blockchain

00:39:56.300 --> 00:40:00.280
tracing tools get more powerful. Are we heading

00:40:00.280 --> 00:40:02.559
toward a future where crypto is actually the

00:40:02.559 --> 00:40:06.019
worst possible tool for crime? That is the beautiful

00:40:06.019 --> 00:40:07.920
irony that might be waiting for us at the end

00:40:07.920 --> 00:40:10.400
of this road. If you rob a bank of physical cash,

00:40:10.619 --> 00:40:13.139
those bills eventually degrade. They get dispersed.

00:40:13.320 --> 00:40:15.300
They're spent. The evidence fades over time.

00:40:15.699 --> 00:40:17.840
But on the blockchain, the evidence is immortal.

00:40:18.119 --> 00:40:20.300
So you might get away with the hack in 2026.

00:40:21.130 --> 00:40:24.309
But in 2036, a powerful AI agent might be tasked

00:40:24.309 --> 00:40:26.170
with looking back at the entire history of the

00:40:26.170 --> 00:40:28.849
chain, and it might spot a tiny pattern, a correlation

00:40:28.849 --> 00:40:31.190
that no human could ever see, and it could identify

00:40:31.190 --> 00:40:34.269
you. There is effectively no statute of limitations

00:40:34.269 --> 00:40:38.510
on the evidence itself. The idea of the clean

00:40:38.510 --> 00:40:41.190
getaway might just be a myth in the age of the

00:40:41.190 --> 00:40:43.730
public blockchain. We might eventually find that

00:40:43.730 --> 00:40:45.929
this Wild West was actually the most surveilled

00:40:45.929 --> 00:40:48.489
financial system in human history. We just didn't

00:40:48.489 --> 00:40:51.019
have the lights turned on yet. That is a very

00:40:51.019 --> 00:40:53.860
sobering thought to chew on. If you enjoyed this

00:40:53.860 --> 00:40:56.480
deep dive, maybe go check your wallet permissions.

00:40:56.679 --> 00:40:59.119
Think about buying a hardware wallet. And please,

00:40:59.199 --> 00:41:01.780
for the love of everything, do not send ETH to

00:41:01.780 --> 00:41:03.619
anyone on the internet promising to double it.

00:41:03.719 --> 00:41:05.739
Please just don't. Thanks for listening. We'll

00:41:05.739 --> 00:41:06.400
see you in the next one.