A Canadian teen has been sentenced for a $37 million Bitcoin (BTC) heist and the hacking of several X accounts.
This follows on-chain sleuth ZachXBT’s calls for stricter penalties against SIM swapping and social engineering fraudsters.
Suspect’s Sentence
ZachXBT revealed via a July 29 X post that Cameron Redman had been convicted and ordered to pay compensation following his involvement in a $37 million Bitcoin theft and a related X hacking case that the investigator had uncovered.
Court documents show that Redman has been sentenced to 12 months and 1 day, followed by a three-year supervised release term for each count, with all sentences to be served concurrently. He has also been ordered to pay a $400 special assessment, $248,257.07 in restitution, and a $60,000 fine.
On February 22, 2020, the Canadian teenager used a SIM swap attack to take control of crypto investor Josh Jones’s mobile number, allowing him to bypass two-factor authentication and access his wallets. He then stole 1,547 BTC and 60,000 Bitcoin Cash (BCH), valued at around $37 million at the time.
Following the theft, Redman began laundering the stolen assets through hundreds of small transactions. These tokens were eventually funneled through centralized exchanges in an attempt to hide the trail.
The perpetrator was later linked to phishing scams and the hacking of several NFT profiles on X. According to ZachXBT, in June 2022, Redman offered access to an internal X panel for sale on the platform SWAPD. This was then sold for 250 ETH and led to the compromise of over 10 accounts and the theft of millions through phishing scams.
The detective added that the Canadian youth initially used fake identity documents on SWAPD before submitting his real information, withdrew the sale proceeds through Tornado Cash, and then deposited the funds into a Stake account.
On-chain data linked the wallet he used to the compromised X accounts. The investigation identified victims, including Beeple, DeeKay, Zeneca, Nouns DAO, and JRNY Club.
Calls for Tougher Rules
The suspect was formally charged on November 17, 2021, by Hamilton Police in Ontario. Authorities recovered $5.4 million in crypto, but the remaining $31.5 million is still missing.
At the time of his arrest, Redman was still legally underage, which meant his name remained sealed and his photo was not released. ZachXBT has previously highlighted how this kind of secrecy is part of the problem, saying the convicted criminal’s identity should have been revealed earlier on to prevent further unlawful conduct.
Such cases are on the rise, with research from Keepnet Labs showing a 1,055% increase in SIM swap incidents in the UK in 2024. Elliptic’s State of Crypto Scams 2025 analysis also highlighted phishing as a key method used by cybercriminals like North Korea’s Lazarus, with attackers increasingly automating campaigns using AI tools.
Meanwhile, ZachXBT previously reported that between November and December last year, a single hacker breached over 15 X accounts, stealing more than $500,000.
