Federal authorities have arrested a Florida man accused of helping run a malware scheme hidden inside video games that allegedly stole more than $220,000 in cryptocurrency. Prosecutors said the malicious software was disguised as legitimate games on a major gaming platform and infected about 8,000 devices.

According to a 15-page federal criminal complaint filed in the Southern District of Florida, authorities allege that 21-year-old Zyaire Dontaevious Zamarion Wilkins of North Lauderdale helped fund, promote, and support the operation between May 2024 and February 2025.

The malware allegedly targeted cryptocurrency users, stole sensitive information, and drained about 80 digital wallets. Wilkins has been charged with conspiracy to obtain information by computer for private financial gain and faces up to 10 years in prison if convicted.

Malware Hidden Inside Popular Games

The FBI said the group hid malware inside eight video games and persuaded users to download them. Investigators did not identify the distribution platform by name, but details in the complaint closely match Steam, which has previously removed several of the games. The titles listed in the filing include BlockBlasters, Dashverse, Lunara, and PirateFi.

Prosecutors say the group promoted the games on Discord, Telegram, X, and LinkedIn while using bots to identify users with large cryptocurrency holdings. Those users were then sent targeted messages encouraging them to install the games.

Once the software was installed, investigators say the malware collected login credentials and cryptocurrency wallet data. Prosecutors allege the group then searched the stolen information for access to victims’ digital assets and drained their cryptocurrency accounts.

FBI Traces Online Identity to Wilkins

Investigators say Wilkins used the online name “Sibel.eth.” According to the complaint, encrypted Signal messages showed him coordinating closely with the operation’s lead developer.

Prosecutors allege Wilkins bought a remote access trojan for $10,000. The complaint also includes discussions about “draining campaigns” and ways to “trick victims into authorizing transactions that instantly empty their wallets.”

Investigators later traced cryptocurrency payments to purchases made through Bitrefill. They say the transactions led to more than 150 digital gift cards linked to accounts associated with Wilkins’ university and home addresses.

Search Warrant Uncovers More Evidence

Federal agents searched Wilkins’ North Lauderdale home last week and seized several electronic devices. Investigators also recovered three cryptocurrency wallet seed phrases during the search.

“One of the seed phrases is for a Monero wallet, an anonymity-enhanced cryptocurrency frequently used by criminals that is difficult to trace between source and destination,” an FBI agent wrote in the complaint.

Investigators also reviewed transaction records and found that Wilkins sent or received about $382,000 worth of cryptocurrency. Court records indicate the investigation remains active as authorities continue working to identify other alleged members of the group.

Related: Ostium Vault Suffers $18 Million Exploit on Arbitrum via Oracle Attack