Hong Kong Cryptocurrency Investment Company Now Has an Insider! 34-Year-Old Engineer Steals 2.67 Million USDT

About 20 customers of an investment company providing cryptocurrency settlement services in Tsim Sha Tsui, Hong Kong, have reported the theft of USDT accounts since January 2026, with a cumulative loss of a total of 267 USDT, equivalent to approximately HK$2,087. After investigation, the police arrested a 34-year-old network engineer surnamed Cai on February 23 on suspicion of “suspected theft”, who was suspected of unauthorized access to the company’s database and access to customer account information.

Case Details: Access to the job system becomes the key to the crime

The crime occurred at Convoy Plaza South, 1 Science Museum Road, Tsim Sha Tsui, and the company’s main business is cryptocurrency settlement platform services.

Since the beginning of January this year, the company’s management has received complaints from about 20 customers that USDT in their accounts has decreased without their knowledge. After checking the internal records, the management found that Cai Nan had logged in to the company’s database many times and accessed the account information of multiple customers, so he reported the case to the police.

Cai Nan has been with the company for 4 years, and his main responsibility is to manage the development and maintenance of the company’s mobile applications. The access to the system is allegedly a core condition that enables it to gain unauthorized access to customer data.

Key summary of the case

Number of customers affected: about 20 people

stolen assets: 267 USDT (Tether)

Equivalent to a loss in Hong Kong dollars: Approximately HK$2,087

Criminal modus operandi: Suspected unauthorized access to the company’s database to view customer account information

Information of the arrested persons: 34-year-old man surnamed Cai, network engineer, 4 years old

Responsible for the investigation unit: Yau Tsim District Criminal Investigation Team 9

The police executed the arrest on the afternoon of February 23, and a reporter from “Sing Tao Daily” witnessed multiple police officers entering the company and conducting digital evidence collection work on the company’s computer equipment.

Crypto Crime Trends in Hong Kong: From External Scams to Insider Theft

This case reveals a shift in criminal trends that deserve industry attention - the risk source of cryptocurrency cases is extending from external fraud to internal abuse of power.

In August 2024, Central District handled a completely different case: a 77-year-old local woman brought HK$300 in cash to a virtual currency exchange shop in Sheung Wan to purchase stablecoins, but was defrauded by two male clerks using a disguised safe deposit box, and the cash was taken from the back of the box. The victim was unaware of the initial transfer of about HK$7.8 million in stablecoins, resulting in a final loss of about HK$292. The police subsequently arrested three people, some of whom had gangster backgrounds.

A comparison of the two cases shows that the methods of cryptocurrency fraud are very different, but the common point is that the victim only discovers the loss after the fact. Whether it’s external fraud or insider theft, the irreversibility of crypto assets makes recovery significantly more difficult.

Frequently Asked Questions

What is the essential difference between this case and common cryptocurrency scams?

This case is an internal theft of enterprises, and the suspect is an employee of the company, using his legitimate system permissions to conduct unauthorized operations, which is different from external hacking or phishing scams. The prevention of such cases focuses on the hierarchical management of data access rights and operational audit mechanisms within the enterprise.

Can the victim customer recover the stolen USDT?

The case is still in the investigation stage, and the police have digitally collected evidence from the relevant computer equipment. As a blockchain asset, USDT’s on-chain transfer records are traceable, but the actual possibility of recovery depends on the on-chain tracking results of the flow of funds and the progress of subsequent judicial procedures, and there is no official statement at this stage.

What regulations are regulated by cryptocurrency investment firms in Hong Kong?

The Hong Kong Securities and Futures Commission (SFC) requires institutions providing virtual asset services to apply for licenses in accordance with regulations and comply with anti-money laundering (AML) and customer asset custody related requirements. However, the risk of internal abuse of power by employees still relies on the company’s own internal control and audit systems to prevent it, and regulatory constraints cannot fully cover such internal crime scenarios.