A Texas man who helped orchestrate a cryptocurrency scam that defrauded roughly $20 million from about 1,000 investors was sentenced to 23 years in federal prison on Tuesday. U.S. District Judge LaShonda Hunt handed down the sentence to Robert Dunlap, who served as a trustee for the Meta-1 Coin project and helped market the fictitious token.

According to the U.S. Attorney’s Office for the Northern District of Illinois, Dunlap and his co-conspirators used a self-created Meta Exchange to inflate the token’s market price and trading volume with automated trading bots, while presenting investors with misleading assurances about asset backing and potential returns. Prosecutors said the scheme relied on false statements and concealed expenses, with funds ultimately used for personal purchases, including luxury vehicles such as a Ferrari.

The defendant was convicted in November on two counts of mail fraud, each carrying a potential sentence of up to 20 years in federal prison. Prosecutors noted in the sentencing memorandum that Dunlap was “unrepentant” and that his misrepresentations escalated over time, underscoring the seriousness of the case as a warning to would-be crypto scammers.

The SEC has been active in pursuing similar schemes. In March 2020, the agency ordered an asset freeze and other emergency relief against Dunlap, an alleged accomplice, Nicole Bowdler, and former Washington state Senator David Schmidt to stop marketing and selling Meta-1 Coin. The SEC alleged that investors were told Meta-1 Coin was risk-free and could deliver enormous returns—claims that investors later learned were false. The agency noted that the coins were never distributed and that funds were diverted to personal use.

Token claims, market manipulation, and the broader crackdown

The case centers on Meta-1 Coin, a token that prosecutors said was touted as backed by a $1 billion art collection—including works by Picasso and van Gogh—and $44 billion in gold. Those asset-backed claims were part of the fraud profile presented by the government, which also described how Dunlap and associates marketed the token through a trust structure from 2018 to 2023. The government alleged investors were promised returns that would dwarf typical crypto gains, with figures that were manipulated to create an illusion of robust trading activity.

Beyond the Meta-1 case, regulators and authorities have signaled a broader push to curb crypto fraud and manipulation. In parallel reporting, authorities have pursued other crypto-related prosecutions, including charges related to hacking and DeFi-related exploits, underscoring a tightening stance as enforcement agencies increasingly scrutinize market misconduct in digital assets.

What this means for investors and the market

The Dunlap sentence highlights the risk profile of investment projects that promise outsized, rapid returns and rely on opaque asset claims. For investors, the case emphasizes the importance of due diligence, independent verification of asset backing, and a healthy skepticism toward platforms that blend trading activity with promises of instant wealth. For the crypto industry, the outcome signals regulators’ willingness to pursue not only misrepresentation but also the operational mechanics that enable such fraud, including automated market manipulation tied to self-hosted exchanges.

Looking ahead, readers should watch how the regulatory pendulum continues to swing on disclosure standards, enforcement actions, and the treatment of asset-backed crypto products. While the Meta-1 saga has reached a definitive sentencing point, the broader crackdown on crypto scams is far from over, with ongoing investigations and charges shaping market expectations for investor protection and compliance in the sector.

According to the U.S. Attorney’s Office in Illinois, the case serves as a stark reminder that alleged crypto fraud carries serious, long-lasting consequences. For further context, the original SEC filing and press release detailing the 2020 asset freeze are available through the agency’s public records.

• Circle is accused of failing to freeze exploit-linked transfers.
• Approximately $230 million in stolen funds was routed through Circle’s USDC.
• Drift plans $147.5 million recovery backed by future revenue.

Circle Internet Group, the issuer of the USDC stablecoin, is facing a class action lawsuit over its alleged failure to stop the movement of stolen funds linked to the Drift Protocol exploit.

The lawsuit, filed by Drift investor Joshua McCollum at the US district court in Massachusetts on behalf of over 100 impacted users, centres on whether the company had both the ability and the obligation to intervene as the exploit unfolded.

Lawsuit targets Circle’s role in fund transfers

The legal action stems from the April 2026 breach of Drift Protocol, a Solana-based decentralised exchange, where attackers drained roughly $285 million.

A significant portion of those funds, estimated at around $230 million, was quickly converted into USDC.

From there, the funds were moved across chains, primarily from Solana to Ethereum, using cross-chain infrastructure.

The transfers were not instantaneous. They occurred over several hours and were split into more than 100 transactions.

This detail sits at the centre of the lawsuit.

Plaintiffs argue that Circle had a window of opportunity to act.

According to the claim, the company could have frozen the affected wallets or halted the transfers, limiting the damage. Instead, the funds continued moving until they were fully out of reach.

The case accuses Circle of negligence and of indirectly facilitating the loss by failing to act despite having the technical capability to do so.

This argument is reinforced by previous instances where the company has frozen wallets tied to illicit activity, showing that such intervention is not only possible but already part of its operational toolkit.

At its core, the lawsuit raises a difficult question: when a centralised entity operates within a decentralised system, where does its responsibility begin and end?

Drift’s recovery plan

In response to the exploit, Drift Protocol has outlined a structured recovery plan aimed at addressing user losses while rebuilding the platform’s liquidity and operations.

The protocol is seeking to mobilise up to $147.5 million, with a significant portion backed by Tether and other ecosystem partners.

This figure, however, should not be viewed as immediate compensation.

A large share of the funding comes in the form of a revenue-linked credit facility estimated at around $100 million.

This means the protocol will draw funds over time and repay them using future trading fees and platform revenue rather than distributing the full amount upfront.

To manage user claims, Drift plans to issue a new recovery token, though its official name and final structure are yet to be confirmed.

This token will be distributed to affected users and will represent their share of the recovery pool.

It is expected to be transferable, allowing users to either hold it and wait for gradual repayments or sell it on secondary markets for immediate liquidity, likely at a discount.

The recovery pool itself will not rely solely on external funding.

It is designed to be continuously replenished through multiple sources, including protocol revenue, partner contributions, and any funds that may be recovered from the attackers.

This creates a system where repayments are tied directly to the platform’s ability to restart operations and generate consistent trading activity.

Despite these measures, there remains a clear shortfall.

With total losses estimated at approximately $285 million and recovery efforts targeting up to $150 million, a large portion of user funds is not immediately covered.

This gap highlights that users are unlikely to be fully reimbursed in the near term, and recovery will depend heavily on Drift’s long-term performance.

To support a relaunch, part of the recovery framework is also focused on restoring liquidity.

Incentives and financial support are being directed toward market makers to rebuild order books and improve trading conditions once the platform resumes full operations.

Without sufficient liquidity, even a technically sound relaunch would struggle to attract users back.

Another major shift is the protocol’s decision to move away from USDC as its primary settlement asset and instead adopt USDT.

This change comes after roughly $230 million of the stolen funds were converted into USDC and moved across chains during the exploit.

The switch signals a reassessment of risk and reflects a broader effort to restructure the platform’s core infrastructure following the incident.

Overall, Drift’s recovery plan is built around gradual restitution rather than immediate payouts.

Its success will depend on how quickly the platform can regain user trust, restore liquidity, and generate enough revenue to sustain long-term repayments.

A Brazilian security researcher has warned others of the latest counterfeit Ledger device scam aimed at stealing users’ crypto.

Posting as “Past_Computer2901” on the “ledgerwallet” Reddit channel on Thursday, the security researcher said they purchased what they thought was a legitimate Ledger device for personal use, but soon realized after it arrived that it was a sophisticated counterfeit aimed at stealing user funds. 

“This isn’t meant to cause panic, but rather to serve as a serious warning — I’m honestly still a bit shaken by the sheer scale of this operation,” they said. 

Scammers are adopting increasingly sophisticated strategies to target users opting for self-custody, from supply chain attacks to social engineering and approval scams.

Earlier this month, more than 50 victims were tricked into revealing their seed phrases on a fake Ledger Live app that made its way to the Apple App Store via a bait-and-switch strategy. The victims lost a combined $9.5 million before Apple took down the malicious app.

How the counterfeit Ledger device scam works

The researcher said he bought the Ledger Nano S Plus from a Chinese marketplace, which was priced the same as the official Ledger store. The packaging and the listing also appeared legitimate at first.

However, when they connected the device to the genuine Ledger Live app — which was luckily already installed on their computer — it failed Ledger’s built-in “Genuine Check.” 

This prompted them to pull apart the device, discovering modified hardware and firmware designed to capture and expose sensitive wallet data.

The security researcher said the scammers target first-time Ledger users, as the QR code that comes in the box would normally direct users to download a malicious version of the Ledger Live app that would show a fake “Genuine Check.”

Users continuing to follow the prompts will eventually allow scammers to obtain a user’s seed phrases and drain funds at any time.

“Stay safe out there. Only download Ledger Live from ledger.com. Only buy hardware from ledger.com,” the security researcher said. 

“If your device fails the Genuine Check — stop using it immediately.”

After pulling apart the device, they discovered clear signs of tampering, including scraped chip markings and a WiFi and Bluetooth antenna embedded inside the unit. 

Legitimate Ledger hardware products are designed to keep private keys fully offline.

Related: Musician loses $420K Bitcoin ‘retirement fund’ via fake Ledger app

The security researcher then looked into the firmware, putting the “chip into boot mode,” which initially identified the device as a Nano S Plus 7704 with an attached serial number.

However, once the boot sequence completed, another manufacturer’s name showed up: Espressif Systems, a publicly listed Chinese semiconductor company based in Shanghai.

Cointelegraph reached out to Espressif for comment but didn’t receive an immediate response.

Magazine:  What’s a ‘Network State’ and are there real-life examples? Big Questions