In 2025, a daring YouTuber and ethical hacker known as “Mrwn” uncovered and dismantled an elaborate cryptocurrency scam operation in Cebu, Philippines. The fraudsters were raking in an estimated $800,000 annually by deceiving victims worldwide with fake investment schemes.
The scammers operated under multiple fake identities, including BMJ Data Processing Services and Virtual Wealth Exchange. They lured victims with promises of massive returns through fraudulent platforms like Quantum AI and Bitcoin Code. Their sophisticated tactics included psychological manipulation, fake call center operations, and even typosquatting – creating fake websites with URLs nearly identical to legitimate crypto platforms.
Inside the Scam Hub
The scam initially ran from the Skyrise building in Cebu IT Park before relocating near Envy Bar in Kasambagan. Taking advantage of the Philippines’ low labor costs and strong English proficiency, the fraudsters posed as a legitimate call center to target victims primarily in South Africa, Nigeria, and Gulf countries.
Their methods were disturbingly effective. Agents followed a 14-page script that began with friendly greetings before escalating to high-pressure sales tactics. They would guilt-trip victims with lines like “Do you want to stay poor forever?” and falsely claim to be operating locally in the victim’s city to build trust. Shockingly, they stored victims credit card details in unsecured plain text files, leaving them vulnerable to identity theft.
Mrwn’s Year-Long Investigation
The operation began unraveling in mid-2024 when a friend of Mrwn received a suspicious call promoting Quantum AI investments. This prompted the ethical hacker to launch an in-depth investigation. Over the next year, Mrwn infiltrated the scammers’ systems, gaining access to their CCTV feeds, call recordings, email logs, and even their Telegram chats.
When the scammers relocated to the Gallery building, Mrwn made his move. He accessed their CCTV system and began sending live screenshots to the team, impersonating their boss “Adam” on Telegram. In a dramatic confrontation, he used the office manager’s laptop microphone to directly address “Antonio” (real name Marcus), exposing their operation in real-time. The scammers panicked and fled their office within days. Mrwn documented the entire operation in a 23-minute YouTube video titled “Scammers PANIC After Getting Hacked Live On CCTV!” which went viral with over 2.7 million views.
Government Response and Ongoing Fallout
Initially, Philippine authorities showed little interest in Mrwn’s findings. Only the Department of Justice responded, suggesting he file a local police report, impossible since he wasn’t in the country. However, after the video went viral, multiple agencies sprang into action.
The Cybercrime Investigation and Coordinating Center launched an investigation, while police found the Gallery office abandoned with computers and personal items left behind. The National Bureau of Investigation is now pursuing about 40 individuals connected to the scam. On the other hand, Skyrise management denied ever housing the scammers, and legitimate business organizations distanced themselves from the operation.
A Growing Problem in the Philippines
This case highlights the Philippines growing reputation as a hub for crypto scams. A 2023 Senate inquiry had already warned about the country becoming a hotspot for such operations, often involving trafficked foreign workers. While Mrwn’s actions shut down this particular scam, the incident underscores the need for stronger regulations and more proactive law enforcement to combat cybercrime effectively.
As authorities continue their investigation, one thing is clear: ethical hackers like Mrwn are playing an increasingly vital role in exposing these sophisticated criminal operations that target vulnerable investors worldwide.
Written By Fazal Ul Vahab C H
