Summary

  • Federal authorities apprehended 21-year-old Zyaire Wilkins from North Lauderdale, Florida, alleging he was involved in a plot that concealed crypto-stealing malware in online video games.
  • According to an FBI complaint, the operation compromised around 8,000 devices, accessed roughly 80 cryptocurrency wallets, and stole a minimum of $220,000 between May 2024 and February 2026.
  • Wilkins faces charges of conspiracy to obtain information via computer for personal financial benefit, which could result in up to 10 years of incarceration.

Federal agents have detained a man from Florida accused of participating in a scheme that embedded malware designed to steal cryptocurrencies within video games, affecting thousands of victims and leading to significant financial losses.

Zyaire Dontaevious Zamarion Wilkins, aged 21 and residing in North Lauderdale, was arrested on Tuesday and is charged with conspiracy to obtain information through a computer for private financial gain, a charge that may carry a sentence of up to ten years, as outlined in a 15-page federal complaint first reported by WPLG Local 10.

The complaint does not specify the gaming platform involved, merely mentioning a "popular digital distribution software company." However, the games identified—including PirateFi, BlockBlasters, Dashverse, and Lunara—were previously flagged by the FBI's Seattle field office during a public investigation into Steam malware earlier this year. The case is being prosecuted in Seattle, which is near the Bellevue, Washington headquarters of Valve, the owner of Steam.

Using Games as Lures

From May 2024 to February 2026, Wilkins and his associates released eight games containing malware, infecting around 8,000 devices, according to the FBI. They accessed about 80 crypto wallets and stole at least $220,000. The group allegedly promoted these games on platforms such as Discord, Telegram, X, and LinkedIn, utilizing bots to identify users with substantial crypto holdings and encouraging them to download the games. Once installed, the malware collected private data and login credentials, which the conspirators then used to attempt to access the victims' crypto accounts.

Wilkins was identified through the handle "Sibel.eth," which he reportedly used to communicate with an unnamed "primary developer" via the encrypted messaging app Signal. The complaint details discussions between the two about executing "draining campaigns" to deceive victims into approving transactions that would swiftly empty their wallets. Agents also noted that Wilkins purchased a "remote access trojan" for $10,000.

Investigators traced Wilkins by following Bitcoin transactions from the scheme's wallet to Bitrefill, where the funds were used to buy over 150 gift cards, primarily for Uber Eats. A subpoena to Uber linked these gift cards to an account associated with deliveries to Wilkins' home and his address at the University of West Florida.

During a search of his North Lauderdale residence the week prior, Wilkins declined to speak with agents. They confiscated several devices and three wallet seed phrases, including one for Monero, a privacy coin noted for its difficulty in being traced. An analysis of his cryptocurrency transactions revealed approximately $382,000 moving in and out.

FBI Investigation Intensifies

This arrest seems to be the first charge stemming from an FBI investigation that was made public in March, when the agency urged gamers affected by a wave of malicious Steam titles to step forward. These games, which appeared legitimate and were approved for sale, included info-stealers that extracted credentials and wallet information. PirateFi attracted nearly 7,000 players while masquerading as a free survival game before Valve removed it and advised users to reformat their computers.

BlockBlasters, one of the most infamous titles, drained over $32,000 from a streamer who was raising funds for cancer treatment during a live broadcast last September—part of an overall estimated theft of $150,000 from numerous users. Recently, researchers also identified malware hidden in Steam Workshop wallpapers targeting the same demographic of crypto holders.

Wilkins is scheduled to appear in federal court in Fort Lauderdale on Wednesday, but no timeline has been established for his transfer to Washington to face charges that could lead to a decade in prison.

Daily Debrief Newsletter

Stay updated with the latest news stories and unique features every day, including a podcast and videos.