Southeast Asia's Crypto Scam Industry Just Got Its Biggest Crackdown

Southeast Asia's crypto-crime economy is not a collection of isolated scams. It is an industrial network, and the numbers confirm its scale.

A new Chainalysis report estimates that Chinese-language money laundering networks moved $16.1 billion in illicit funds through crypto in 2025 alone, roughly one-fifth of the entire illicit crypto ecosystem valued at over $82 billion that year.

Simultaneously, U.S.-led enforcement operations arrested 276 people, shut down nine scam compounds, and seized over $701 million in assets. Yet analysts warn the underlying infrastructure is still expanding, and the tactics are evolving.

The Money Machine: How $16B Moves Through Crypto

The criminal networks at the center of these operations are not operating in the dark web shadows of popular imagination. They are organized, well-resourced, and largely run through public channels on Telegram.

Known as Chinese-Language Money Laundering Networks (CLMNs), these groups advertise services openly, posting photos of cash piles and customer testimonials as proof of liquidity. Their clients range from organized crime syndicates to state-linked actors, including, according to Chainalysis, North Korean operatives using the same corridors to launder proceeds from cryptocurrency heists.

Tether's USDT is the instrument of choice. A 2024 UN Office on Drugs and Crime report previously identified USDT as the "preferred choice for crypto money launderers" in Southeast Asia, a status that has not shifted. The stablecoin's dollar peg, global liquidity, and cross-chain mobility make it well-suited for rapid, large-volume transfers that are difficult to freeze before the funds move.

Chainalysis estimates these networks laundered the equivalent of $44 million per day throughout 2025. The CLMNs have expanded into Southeast Asia, particularly Cambodia and Myanmar, as enforcement pressure tightened inside mainland China.

Beijing has been relatively aggressive in pursuing domestic crypto crime, but jurisdictions across the Mekong region offer looser oversight, corrupted local gatekeepers, and in some cases, direct political protection.

How the U.S. Struck Back in April

On April 23, 2026, the U.S. government launched one of its most coordinated anti-scam operations to date – a multi-agency action targeting the leadership and financial infrastructure of Southeast Asian scam centers.

The Department of Justice unsealed criminal complaints against Huang Xingshan and Jiang Wen Jie, two Chinese nationals who ran the Shunda compound in Min Let Pan, Myanmar.

Before local forces seized the compound in late 2025, the pair oversaw operations where trafficked workers, held against their will, were forced to defraud victims using fake cryptocurrency investment platforms. Both were arrested by Thai authorities while transiting between scam centers in Cambodia and Myanmar.

On the financial side, the U.S. Treasury's Office of Foreign Assets Control (OFAC) sanctioned Cambodian Senator Kok An alongside 28 individuals and entities, including casinos, holding companies, and a Cambodian bank.

According to OFAC, Kok An's business empire, including Crown Resorts and Anco Brothers Co Ltd, provided physical infrastructure and security to scam syndicates while collecting rental income and using casino operations to launder proceeds.

The State Department separately announced rewards of up to $10 million for information leading to the seizure of proceeds tied to the Tai Chang scam center in Myanmar.

The FBI's Operation Level Up, running since January 2024, has notified nearly 9,000 potential victims and is estimated to have prevented around $562 million in losses as of April 2026 by reaching out to targets before they transfer funds – a proactive model that differs from traditional post-fraud investigation.

Cambodia's parliament has also moved to codify enforcement, passing its first dedicated law targeting scam centers. Convictions under the law carry prison terms of five to ten years and fines up to $250,000.

When Scammers Stop Persuading and Start Hacking

The most significant long-term signal from recent enforcement reports is the direction of the crime’s evolution.

Earlier iterations of pig butchering scams relied almost entirely on social engineering: operators building romantic or professional relationships with victims over weeks, then directing them to fraudulent investment apps. That model is still in use. But researchers have now documented a material shift.

An Android banking trojan, traced to the K99 Triumph City compound in Cambodia, operated by the sanctioned K99 Group, has been found capable of real-time surveillance, credential theft, data exfiltration, and direct financial fraud. Rather than persuading victims to act, the malware acts on their behalf.

Infoblox research also connected malware deployment to several scam compounds, suggesting this is not an isolated incident but an emerging operational upgrade across the broader network. The implication is structural: as law enforcement scales up social-engineering disruption, the criminal infrastructure is automating the fraud itself.

Separately, the UK government sanctioned Xinbi, a Chinese-language marketplace operating across Southeast Asia, for providing cryptocurrency-based services to scam centers, including selling stolen personal data and satellite internet equipment used to contact victims. Xinbi also reportedly facilitated laundering of funds linked to North Korean state-sponsored hacks.

>> Read more: Inside Lazarus Group: North Korea’s Financial Cyber Army

What Enforcement Has and Has Not Achieved

The scale of recent operations is real. Over 2,500 sites raided in Cambodia following U.S. pressure and UK sanctions, hundreds of scam centers shut, tens of thousands of foreign nationals released. The arrest and extradition of alleged scam kingpin Chen Zhi, linked by U.S. prosecutors to approximately $15 billion in Bitcoin, marked one of the largest digital asset forfeiture cases in history.

But senior law enforcement officials and researchers consistently temper these milestones with the same caveat: demand does not disappear when supply is disrupted. Criminal networks relocate, reconstitute, and in this case, upgrade their toolkits.

"These are very large, well-resourced organizations. This is not like a few criminals operating out of a back room flat," Mark Button, a criminology professor at the University of Portsmouth who has studied similar networks, told CNBC.

The broader enforcement challenge is structural. Southeast Asian jurisdictions with weak anti-money laundering infrastructure and, in some cases, political figures directly embedded in the crime economy create conditions that make sustained disruption difficult. The same compound infrastructure that has been raided continues to reopen under different names and ownership structures.

For retail crypto users, the practical risk remains concentrated in unsolicited investment opportunities, particularly those arriving through social media, dating apps, or messaging platforms.

Official guidance from the FBI and DOJ continues to emphasize a consistent warning: if someone you have never met in person is directing you toward a specific crypto investment platform, treat it as fraud.

Sources

• Chainalysis – Chinese Money Laundering Networks Crypto Report 2025 https://www.chainalysis.com/blog/asian-scam-centers-crypto-fraud-april-2026/
• CNBC – Chinese organized crime networks moved $16 billion in crypto in 2025 https://www.cnbc.com/2026/02/02/chinese-money-laundering-networks-crypto-telegram-2025-chainalysis-scam-southeast-asia-cambodia.html
• U.S. Department of Justice – New Scam Center Strike Force Battles Southeast Asian Crypto Investment Fraud https://www.justice.gov/usao-dc/pr/new-scam-center-strike-force-battles-southeast-asian-crypto-investment-fraud-targeting
• UK Government – UK crackdown on vile scam centres steps up with sanctions on illicit crypto network https://www.gov.uk/government/news/uk-crackdown-on-vile-scam-centres-steps-up-with-sanctions-on-illicit-crypto-network
• TechRepublic – Cambodia's $15B Crypto Scam Empire Collapses After Arrest https://www.techrepublic.com/article/news-cambodia-crypto-scam-empire/