Between 2015 and 2018, Estonian nationals Sergei Potapenko and Ivan Turõgin collected more than $575 million from hundreds of thousands of retail investors worldwide through HashFlare, a cloud mining service that purported to rent them shares of a massive Bitcoin and cryptocurrency mining operation. According to a 2022 DOJ indictment, the underlying hardware performed Bitcoin mining at less than one percent of the computing power HashFlare claimed to have. Customers who tried to withdraw earnings were either stonewalled or paid with cryptocurrency the founders purchased on the open market — not proceeds from any actual mining.
HashFlare launched publicly in April 2015 under the corporate umbrella of HashCoins OÜ, an Estonian technology company the two men controlled. The platform sold contracts denominated in gigahashes or megahashes per second across multiple algorithms: SHA-256 for Bitcoin, Scrypt for Litecoin, and later ETHASH, Dash, and Zcash contracts. A polished web dashboard displayed running earnings figures in real time. Those figures were fabricated. When global Bitcoin prices fell sharply in mid-2018 and maintenance fees began exceeding stated returns, HashFlare announced on July 24, 2018 that it was terminating all SHA-256 Bitcoin contracts, citing a clause that allowed cancellation when daily fees exceeded customer payouts for 28 consecutive days. Customers reported their remaining balances were not refunded; HashFlare had simultaneously introduced new KYC and AML protocols that effectively froze unverified accounts.
Potapenko and Turõgin were arrested in Tallinn on November 20, 2022, in a joint operation by Estonian police and the FBI, and extradited to the United States in 2024. On February 12, 2025, both men pleaded guilty to one count each of conspiracy to commit wire fraud in the US District Court for the Western District of Washington. On August 12, 2025, Judge Robert S. Lasnik sentenced each defendant to time served — 16 months in detention since their 2022 arrest — plus a $25,000 fine and 360 hours of community service. The sentence, far below the 10-year terms prosecutors sought, immediately prompted controversy; the Department of Justice announced it was considering an appeal. As part of their plea agreement, Potapenko and Turõgin agreed to forfeit assets valued at more than $400 million for victim restitution.
The HashFlare case is the largest cloud mining fraud by dollar amount to result in US criminal convictions to date, and the first major instance of the DOJ successfully extraditing European nationals specifically for hashrate contract fraud.
Between April 2014 and December 2019, BitClub Network collected at least $722 million from investors worldwide by selling membership shares in a purported Bitcoin mining pool. The founders, led by Matthew Brent Goettsche, promised that members would receive a proportional share of block rewards from a real Bitcoin mining operation. In reality, the mining dashboard that displayed those earnings was fabricated, and the scheme functioned as a classic Ponzi: new investor money paid existing members, who were further incentivized to recruit additional participants. Five co-conspirators were arrested on December 10, 2019. By June 2026, plea agreements and convictions had been secured for three defendants; Goettsche himself remained in pre-trial status awaiting a scheduled 2026 trial date, and two other co-defendants’ sentencings were pending repeated court delays.
The scheme ran across multiple continents and used polished web dashboards, mining hardware photographs, and the credibility of the Bitcoin mining industry to sustain the illusion. Internal communications produced in court proceedings revealed the operators’ private contempt for their own investors: Silviu Catalin Balaci, the scheme’s technical architect, wrote in messages to Goettsche that they were “building this whole model on the backs of idiots” and described prospective investors as “dumb.” Those communications, disclosed in DOJ filings, became some of the most-cited exhibits in the case’s public record.
The $722 million figure, drawn from the DOJ’s December 2019 indictment for the District of New Jersey, made BitClub Network one of the largest cryptocurrency frauds by dollar amount charged in federal court at the time of arrest. The victims included retail investors across the United States, Europe, Asia, and Latin America who had purchased pool shares expecting passive income from mining operations that were, at best, a fraction of what was represented.
Between approximately May 2014 and January 2015, Homero Joshua Garza, founder and CEO of GAW Miners LLC and its affiliated entities ZenMiner and ZenCloud, defrauded investors of $9.18 million by selling “Hashlets” — virtual cloud mining contracts that he claimed were backed by real computing hardware in his companies’ data centers. The companies sold more hashrate than their infrastructure could deliver, and the contracts were in part fictitious. Garza then compounded the fraud by launching Paycoin, a proprietary cryptocurrency, and publicly promising that he would maintain its price above $20 per unit using a $100 million reserve that did not exist. Paycoin peaked near $16 before collapsing below $2 within weeks. Garza pleaded guilty in April 2017 to one count of wire fraud in the District of Connecticut and was sentenced on September 13, 2018, to 21 months in federal prison, three years of supervised release (the first six months in home confinement), and restitution of $9,182,000. The case is the first major cloud mining fraud prosecution in US history and established that selling cloud mining contracts backed by de minimis or nonexistent hardware constitutes wire fraud.
The dollar losses in the GAW Miners case are modest compared to later cloud mining frauds, but its historical significance exceeds its dollar value. Garza’s prosecution was the first time a US federal court definitively established that fake hashrate contracts are criminally fraudulent, creating the legal precedent that would govern cloud mining enforcement for the following decade. The SEC’s parallel civil action, filed in December 2015, added securities fraud liability on top of the criminal charge, creating a dual-enforcement template that regulators later applied to BitClub Network, Mining Capital Coin, and MiningMax.
From at least January 2018 through 2022, Luiz Carlos Capuci Jr., co-founder and CEO of Mining Capital Coin (MCC), orchestrated a $62 million global investment fraud by selling cloud mining packages that he claimed were backed by an international network of cryptocurrency mining machines. MCC also promoted a proprietary token called Capital Coin, which Capuci described as “stabilized by revenue from the biggest cryptocurrency mining operation in the world.” Neither the mining operation nor the stabilization mechanism existed as represented. Investors who purchased mining packages were told they would receive daily returns of one percent paid weekly; those returns were later converted to Capital Coin, redeemable only through a fake trading platform called Bitchain that Capuci controlled. The DOJ unsealed a criminal indictment on May 5, 2022, charging Capuci with conspiracy to commit wire fraud, conspiracy to commit securities fraud, and conspiracy to commit international money laundering. Capuci, believed to be in Brazil as of the indictment’s unsealing, remains a fugitive. The SEC filed a parallel civil action. As of the filing date, criminal proceedings remain pending, and an SEC civil trial was scheduled for 2025 in the Southern District of Florida.
The MCC case illustrates the replication of a fraud template across a new generation of cloud mining operators. The structural elements — fake mining infrastructure, a fabricated proprietary token, a captive redemption platform, and an MLM recruitment layer — reproduced, at smaller scale, the architecture previously used in BitClub Network and HashFlare, with additional complexity provided by the locked redemption mechanism that prevented investors from liquidating their Capital Coin holdings on any independent market.
Between September 2016 and October 2017, MiningMax LLC solicited approximately 270 billion Korean won — equivalent to $250 million — from roughly 18,000 investors across 54 countries by selling access to Ethereum mining rigs and pool contracts that promised monthly returns of $800 to $1,200 per machine. The company, registered in Las Vegas but operated primarily by South Korean nationals, ran a seven-tier multi-level marketing structure in which investors were rewarded for recruiting additional participants. Of the $250 million collected, roughly $80 million was actually spent on mining hardware; approximately $110 million was diverted to offshore accounts controlled by the scheme’s organizers. The chairman identified in South Korean prosecutions as Daniel Park (Nam Ho Park) and several other top executives fled South Korea and were placed on Interpol’s wanted list. By December 2017, South Korean prosecutors had indicted 21 individuals and arrested 14 on charges of fraud and violations of the country’s door-to-door sales laws. California’s Department of Financial Protection and Innovation issued a desist-and-refrain order against MiningMax in 2020. As of the filing date, the chairman and vice chairman remain fugitives; the 14 individuals arrested in South Korea faced prosecution there.
The MiningMax scheme is distinguished by its geographic scale — 54 countries affected, including approximately 2,600 US investors — and by the sophistication of its cover story. Unlike some cloud mining frauds that sold entirely nonexistent hardware, MiningMax actually purchased mining equipment and operated it at a fraction of the scale it represented. This partial reality — real machines, real hashing, inadequate returns, fabricated performance figures — made the fraud harder to detect at the individual investor level and illustrated how a cloud mining scheme can operate with genuine physical infrastructure while still being systematically fraudulent in its representations to investors.
Geosyn Mining, LLC, a Fort Worth, Texas-based company founded by Caleb Ward, raised more than $4.5 million from dozens of investors across the United States between November 2021 and January 2023 by selling hosting contracts for Bitcoin mining machines that the company either never purchased, never powered on, or misrepresented as belonging to individual customers. Ward promised investors low-cost electricity at 4.5 cents per kilowatt-hour, told them their machines were operational and actively mining, and sent photographs of hardware that belonged to other customers as proof of delivery. The company’s co-founders and sales leadership redirected tens of thousands of dollars of investor funds to personal expenses including nightclub bills, luxury watches, and firearms. Ward was convicted on November 20, 2025, by a federal jury in Fort Worth on one count of conspiracy to commit wire fraud and three counts of wire fraud. His sentencing was scheduled for March 12, 2026, with a maximum exposure of 20 years per count. Co-founders Jeremy McNutt and Jared McNutt entered plea agreements.
Geosyn operated during one of the most active periods for retail participation in Bitcoin mining hosting: the 2021–2022 bull market, when Bitcoin prices peaked above $60,000 and the economics of small-scale hosted mining appeared attractive to individual investors. The company targeted clients nationwide through direct outreach and referral, describing itself as a turnkey solution for investors who wanted mining exposure without the technical demands of self-hosted hardware. The SEC charged Geosyn, Ward, and Jeremy McNutt in April 2024, and Ward was separately indicted in May 2024 by the U.S. Attorney’s Office for the Northern District of Texas.
The scheme combined inventory fraud — selling contracts for machines that were never acquired — with a Ponzi payment structure, in which earlier investors received distributions sourced from newer investors’ capital rather than actual mining proceeds. The combination of fake hardware and recycled investor funds sustained the scheme for approximately 14 months before investor complaints forced it into collapse.
The Geosyn conviction is one of a cluster of mid-scale US cloud mining prosecutions following BitClub Network and HashFlare, demonstrating that DOJ and SEC have embedded mining fraud within their standard enforcement framework regardless of dollar amount.
Between June 2017 and at least March 2022, siblings John Albert Loar Barksdale and JonAtina (Tina) Barksdale raised more than $124 million from thousands of retail investors worldwide by selling a cryptocurrency token called Ormeus Coin on the false claim that it was secured by one of the largest and most profitable bitcoin mining operations in the world. According to a Securities and Exchange Commission complaint filed in March 2022 and a simultaneously unsealed criminal indictment against John Barksdale in the Southern District of New York, neither claim was true: Ormeus Coin’s mining operation generated less than $3 million in total revenue across its entire lifespan and was abandoned in 2019.
The scheme operated through two vehicles. The first was Ormeus Global, a multi-level marketing organization through which investors purchased enrollment packages — priced up to thousands of dollars — that included Ormeus Coin and access to a purported crypto trading program. The second was a series of public ORME token offerings. Across both channels, the Barksdales sustained the fiction of a $250 million mining operation generating $5–8 million per month in revenue. To make the fiction concrete, they published a wallet address on the Ormeus Coin website appearing to hold more than $190 million in crypto assets. That wallet belonged to an unrelated third party; Ormeus wallets held less than $500,000.
The SEC filed civil fraud charges against both Barksdales on March 8, 2022; the DOJ simultaneously unsealed a criminal indictment against John Barksdale in the SDNY on four counts — securities fraud, conspiracy to commit securities fraud, wire fraud, and conspiracy to commit wire fraud — carrying a combined statutory maximum of 65 years. John Barksdale had been arrested by Thai authorities before the US charges were unsealed but escaped to Dubai before extradition could be completed and remains a wanted fugitive. On March 15, 2023, the SDNY entered a final civil judgment of approximately $82 million against both Barksdales, including disgorgement, prejudgment interest, and civil penalties. John Barksdale faces a separate criminal judgment of approximately $79 million.