Arrest of British Cybercriminal Danny Khan
Authorities in Dubai have reportedly apprehended British cybercriminal Danny Khan, also known by his online persona Danish Zulfiqar. Following his arrest, officials have allegedly confiscated approximately $18.58 million in cryptocurrency, namely around 3,670 Ethereum (ETH), which were traced following transfers made to a monitored wallet.
Investigation Details
ZachXBT, an on-chain investigator, disclosed on his Telegram channel that the significant amount of Ethereum was deposited into wallet address 0xb37d6…9f768, shortly before authorities took action. He observed that numerous wallets associated with Khan that were being monitored had moved funds into this address, mirroring strategies used in previous law enforcement seizures.
Sources indicate that Khan was last known to be in Dubai, where a villa was reportedly raided, resulting in multiple arrests. Despite attempts to reach those implicated for comments, they have been notably unresponsive in recent days.
Previous Criminal Activities
In addition to this latest incident, ZachXBT has been tracking Khan since 2024, during which time he connected Khan to a major theft totaling $243 million from a Genesis creditor in August of that year. This fraudulent operation also involved co-conspirators including Malone Lam, Veer Chetal, Chen, and Jeandiel Serrano. Their scheme consisted of social engineering tactics designed to deceive a victim into resetting their two-factor authentication, leading to unauthorized fund transfers from Gemini to wallets controlled by the perpetrators, including sharing sensitive Bitcoin keys via the remote desktop application AnyDesk. Celebratory communications among the group revealed their successful transfer of 59.34 BTC and 14.88 BTC to their wallets.
Significant SIM Swap Attack
Furthermore, Khan has been associated with a significant Kroll SIM swap attack that occurred in August 2023, exposing the private information of creditors from notable entities such as BlockFi, Genesis, and FTX. This breach has been attributed to over $300 million in financial losses due to social engineering methods, stemming from unauthorized access to an employee’s T-Mobile account.
Ongoing Investigations
While official sources have yet to confirm Khan’s detainment, there is a heightened awareness among law enforcement circles regarding his activities, with ongoing scrutiny by multiple investigative teams.
