Evan Tangeman, 22, of Newport Beach, California, was sentenced by U.S. District Judge Colleen Kollar-Kotelly in Washington D.C. He will also serve three years of supervised release after completing his prison term. Tangeman pleaded guilty on December 8, 2025 to a charge of RICO conspiracy, a federal statute originally designed to prosecute organized crime groups like the Mafia. His guilty plea was the ninth in the investigation to date.

What Tangeman Did

Prosecutors say Tangeman personally laundered at least $3.5 million in stolen cryptocurrency, converting it to cash and securing luxury rental properties using false names on behalf of the broader network. As payment, he received a customized widebody Lamborghini Urus from Malone Lam, the ring's alleged leader.

Investigators seized a black 2022 Rolls-Royce Ghost worth more than $300,000 and a Porsche GT3 RS from Tangeman upon his arrest. U.S. Attorney Jeanine Ferris Pirro, who supervised the prosecution, did not spare adjectives at sentencing: "This criminal enterprise was built on greed so brazen it borders on the cartoonish," she said. She added that Tangeman "didn't just launder the money that fueled that lifestyle. When his co-conspirators were arrested, he moved to destroy the evidence." Pirro also said the network "stole millions, spent it on half-million-dollar nightclub tabs, Lamborghinis, and Rolexes."

How the Syndicate Operated

The network ran from October 2023 through May 2025 and recruited members primarily through online gaming platforms, with most participants unemployed and under 20 years old.

The group functioned with the division of labor typical of organized crime: some members obtained victim data by bribing Coinbase employees working overseas, others impersonated exchange support agents or law enforcement over the phone to manipulate victims into surrendering wallet access, and others physically broke into homes to steal hardware wallets (physical devices used to store cryptocurrency offline).

The largest single theft occurred on August 18, 2024, when members socially engineered a creditor of Genesis Global Capital, a now-bankrupt crypto lender, and walked away with more than 4,100 Bitcoin, worth approximately $230 million at the time.

At current prices, as of late April 2026, that haul exceeds $384.5 million.

Blockchain analyst ZachXBT was among the first to publicly trace the on-chain movement of those funds.

Across the full operation, the ring spent roughly $4 million at nightclubs, including a single tab of $500,000, and held more than 28 exotic vehicles valued between $100,000 and $3.8 million each.

The money laundering itself was technically layered. The syndicate used peel chains (rapid sequential transfers between wallets to obscure origins), cross-chain swaps through decentralized finance bridges, cryptocurrency mixers, and high-risk Asia-based exchanges with limited identity verification requirements. The syndicate also relied on shell entities and straw signers, individuals paid more than $10,000 per signature to register vehicles and properties under false names. Physical cash conversion was Tangeman's primary role and served as a central method for breaking the financial trail.

The alleged ringleader, Malone Lam, a Singaporean national who was approximately 20 years old at the time of the thefts, was arrested in Miami in September 2024 and now faces a superseding indictment covering 13 defendants.

Another defendant, Kunal Mehta of Irvine, California, pleaded guilty in November 2025 to laundering at least $25 million.

Veer Chetal pleaded guilty to fraud and money laundering before agreeing to cooperate and testify against remaining defendants.

Why This Matters Beyond U.S. Borders

The RICO framework's application to a crypto-native network is a legal landmark. Prosecutors used it to treat a loosely connected group of young online recruits as a single criminal enterprise, extending liability to peripheral participants like money launderers.

Legal analysts warn that developers building mixing tools, anonymous bridging infrastructure, or high-velocity exchange platforms now face significantly elevated legal exposure under this precedent.

The regional footprint of this case stretches well beyond California. Lam's Singaporean nationality and the syndicate's reliance on Asia-based exchanges place this squarely in the Asia-Pacific enforcement conversation. In April 2026, the U.S. Department of Justice and OFAC launched a coordinated crackdown, restraining more than $700 million tied to Southeast Asian crypto scam operations in Cambodia and along the Burma-Thailand border, an action that shares clear tactical overlap with the $263 million case.

For users in India, the UAE, and across Sub-Saharan Africa, regions identified by Chainalysis as having elevated crypto social engineering victimization rates, the attack methods here are directly relevant.

Social engineering accounted for more than 60 percent of all crypto incidents in 2025.

The specific playbook, phone calls impersonating exchange support staff combined with pressure to hand over wallet credentials, applies equally in markets where self-custody is common and users may have limited familiarity with institutional security norms. In markets where banking infrastructure is limited and hardware wallets are widely used for self-custody, the physical home invasion threat documented in this case presents a direct and serious risk that users storing crypto offline should also take into account.

FBI Special Agent Reid Davis issued a blunt warning alongside the sentencing: "Do not reply to calls, emails, or texts that request personal information about your cryptocurrency holdings or accounts."

The Coinbase insider breach element raises a separate concern for the industry. The bribery of overseas customer service employees, who were paid to access customer databases and identify high-value targets for subsequent social engineering attacks, points to a systemic insider threat problem at platforms with globally distributed workforces. Coinbase has disclosed potential payouts to affected users of between $180 million and $400 million.

Lam's case, which now encompasses 13 defendants, remains the central proceeding in an investigation that began more than two and a half years ago when the syndicate first started operating, with multiple defendants still awaiting resolution.