FBI arrests Florida man over $220K crypto theft using malware hidden in video games
Zyaire Wilkins allegedly embedded malware in eight video games that infected 8,000 devices and drained around 80 crypto wallets over nearly two years.
A 21-year-old from North Lauderdale, Florida, was arrested on July 14 after the FBI linked him to a malware scheme that allegedly siphoned at least $220,000 in crypto from unsuspecting gamers. Zyaire Dontaevious Zamarion Wilkins, who operated under the alias “Sibel.eth,” is charged with conspiracy to obtain information by computer for financial gain.
The alleged operation ran from May 2024 through February 2026, infected roughly 8,000 devices, and compromised around 80 crypto wallets. If convicted, Wilkins faces up to 10 years in federal prison.
Trojan horses, but make them literal video games
According to the FBI complaint, Wilkins didn’t build the malware himself. He allegedly financed and procured it from a primary developer, then handled distribution and marketing of the infected titles. Eight video games in total served as delivery vehicles. Gamers downloaded what they thought was entertainment and instead handed over access to their digital wallets.
The FBI traced Wilkins to $382,000 in total cryptocurrency transaction volume, though the stolen amount attributed directly to victims sits at approximately $220,000. No particular tokens, wallet providers, or exchanges have been named in connection with the case.
Why gamers make attractive targets
Hot wallets, browser extensions, and locally stored seed phrases are all common among casual crypto holders who game on PCs. That makes them ideal targets for info-stealing malware. One careless download, one skipped antivirus warning, and your MetaMask or Phantom wallet credentials are being exfiltrated to a server controlled by someone like Wilkins.
$220,000 spread across 80 wallets averages out to about $2,750 per victim.
The broader security picture
Wilkins’ use of the alias “Sibel.eth” is also worth noting. The .eth suffix ties to Ethereum Name Service domains, a popular way to create human-readable wallet addresses. Whether this alias was connected to an actual ENS domain or was simply an online handle remains unclear from the complaint, but it suggests the accused was embedded enough in crypto culture to adopt its naming conventions.
What this means for investors
The case also raises questions about the responsibility of digital distribution platforms. If eight malware-laden games were available for download long enough to infect 8,000 devices, that platform’s review and moderation processes clearly failed.