Teen Hacker Swipes $37M in Crypto—ZachXBT Exposes Regulatory Blind Spots
A 17-year-old exploits legal loopholes to pull off one of 2025’s biggest crypto heists—while regulators scramble to keep up.
Blockchain sleuth ZachXBT sounds the alarm: ’The wild west of digital assets isn’t just for cowboys anymore.’
Meanwhile, traditional finance gatekeepers still can’t decide if crypto is a threat or just their next fee-generating product.
ZachXBT shares $37m Canadian case
The investigator specifically referenced Cameron Redman, who allegedly conducted a massive SIM swap attack in 2020 at age 17.
The hacker targeted a victim for approximately 60,000 Bitcoin Cash (BCH) and 1,547 Bitcoin (BTC) worth $37 million at the time.
Cameron Redman helped SIM swap $37M in 2020 when he was 17 from Canada
Not a single mention of his full name or photo on the internet until I posted it after he got involved with phishing / X ATOs
Zero reason his name should’ve been protected or hidden https://t.co/F5uoQsD4rK
According to ZachXBT’s research, the February 22, 2020 attack against victim Josh Jones involved complicated money laundering techniques. The stolen Bitcoin Cash was moved through hundreds of small transactions to centralized exchanges. However, most Bitcoin was funneled through mixing services, including Chip Mixer and Crypto Mixer.
ZachXBT criticized the legal protections afforded to minors in high-value cybercrime cases. He noted that “laws in Canada and EU are super relaxed, so threat actors can get away with a lot.”
The sleuth expressed particular frustration with name suppression policies for juvenile offenders and stated he publishes full names “regardless of age” when investigating crypto crimes.
Hamilton Police in Ontario formally charged Redman in November 2021 following collaboration with the FBI and U.S. Secret Service. Authorities recovered $5.4 million of cryptocurrency during the investigation, though $31.5 million remains unaccounted for.
The case resurfaced when ZachXBT identified Redman’s alleged involvement in recent phishing attacks and X account takeovers targeting NFT projects. Given the scale of the financial crimes, the investigator noted there was “zero reason his name should’ve been protected or hidden.”
