FBI and South Korean police bust an international Ripple XRP phishing scam across Japan and South Korea.

Hackers Gained Access Via a Ripple XRP Phishing Scam Website

They did this by replicating a Japanese-based cryptocurrency (or crypto) exchange platform.

Login details were stolen for 61 users — Giving hackers access to their exchange accounts.

Out of these 61 users, 24 were South Korean investors and 37 were Japanese investors.

In total, $800,000 worth of XRP was stolen from the accounts of these individuals.

Joint Operation to Find Those Responsible for the Ripple XRP Phishing Scam

In a join operation by Seoul police and the Cyber Division of the FBI, two perpetrators have been arrested.

One of which is a 42-year old computer programmer — The other being his employer.

To give more detail, the computer programmer was hired to replicated a real Ripple XRP exchange website.

The computer programmer was guided by his employer throughout the development of the scam website.

Details of How the Ripple XRP Phishing Scam Was Carried Out

By impersonating a real exchange’s support email account, the hackers sent the hacked users an email stating that their funds had been frozen.

In the email, the hackers sent a recovery link that lead the victims to their replicated Ripple XRP exchange login page.

How it worked

In a state of fear, the victims would quickly click the link and enter their account login details.

Only to realize they had been scammed after failed login attempts.

Reason for FBI Involvement

You may be wondering why the FBI got involved with an investigation involving South Korea and Japan.

Here’s why

Ripple is an American company holding the majority of XRP tokens. Due to this, the FBI felt it necessary to get involved with the investigation.

Following the News Story in South Korea

Local media stations in South Korea reported the lead scammer transferred all of his XRP into Korean Wan.

These stolen funds were used to purchase five-star accommodations in a luxury apartment.

In addition to these accommodations, the scammer also purchased high-end products and services.

Japanese Crypto Exchange Involved in Ripple XRP Phishing Scam

Korea’s local media has reported there weren’t just two scammers. There was an additional person involved, still at large.

In addition to the first two scammers, an employee at a Japanese crypto exchange also took part in the heist.

This employee reportedly gave the first two scammers user data from the exchange.

This data included user email addresses and 2FA status — Data that the scammers used to identify potential targets.

Ripple XRP Phishing Scam Victims are Not Going to be Compensated

According to South Korean law, cryptocurrency is not considered a legal tender in South Korea.

Because of this, the South Korean police can’t legally confiscate assets from the lead scammer.

In addition, the scammer claims to have spent all of the money. Therefore, he has no money to return to the victims.


$800,000 worth of Ripple XRP was stolen from 61 users of a Japanese crypto exchange.

By using a replicated login page of the exchange’s website, scammers were able to steal login information.

Two of the scammers have been caught, leaving a third still at large.

I wrote an article discussing methods to storing XRP safely that can protect you from this sort of thing.

What are you doing to ensure this never happens to you? Please, leave a comment below and share this article with your community.