The plumbing behind $43M in investment-fraud losses
DOJ charges two in a New York-based network that laundered at least $43 million from pig-butchering-style investment scams through ~140 accounts.
The U.S. Department of Justice on Thursday charged two New York residents — Zhuoying Chen, 27, and Haojie Zhang, 38 — with conspiracy to commit money laundering, alleging they ran a Queens- and Brooklyn-based network that moved at least $43 million in fraud proceeds through roughly 140 bank accounts opened under about 45 shell companies between 2020 and 2022, with the cleaned money ultimately routed to China. The DOJ press release puts the operational network at more than a dozen people. The maximum sentence per defendant is twenty years.
The victims were reached the way most of them are reached now — a direct message on a social platform, a slow-build conversation, an eventual pitch into an investment product with a counterfeit-profit dashboard that let the mark watch imaginary gains before the real money vanished. The DOJ writeup does not use the phrase “pig-butchering,” but the pattern is the one the FBI’s 2025 Internet Crime Report categorizes as investment fraud — 49% of reported scam incidents last year and about $8.6 billion in losses, per the same report.
Analysis: the back office is the story
Analysis, not incident reporting. What follows is a reading of the DOJ’s charging documents and public reporting. The defendants are charged, not convicted, and the operational figures in the indictment are the government’s allegations.
The scams get the coverage. The dashboards, the fake profits, the eventual disappearance of the funds — that is the part that makes for a story a victim can retell. What Thursday’s charging document describes is the other half of that operation, and it is the half that is easier to skip past because it looks like accounting. Roughly 140 bank accounts. About 45 shell companies. A dozen-plus people to run them. Two years of continuous operation, in one city, at that scale.
That is not a crime. That is an operations department.
The pattern is old. Advance-fee fraud in the late nineties needed a mule to receive a wire transfer and forward the cash in another form; every romance-scam prosecution of the last fifteen years has read like a memo about opening bank accounts and routing money out of them; the specifics change, the plumbing does not. What is new is only the scale and the plausibility of the front-end pitch, which now includes a working web app and a live chart that updates on cue. The back office looks the same because it has to. Money has to leave the victim’s country in a form the operators can spend, and that means somebody has to sit in Queens opening bank accounts in fictional company names for two years. The interesting question is not why fraudsters do this. It is why it keeps being possible to open 140 of them.
The indictment reads as a bank-controls story more than a technical one. HSI Executive Associate Director John A. Condon’s statement — that the alleged network “laundered funds stolen from unsuspecting victims” and thereby “enabl[ed] scammers to continue victimizing Americans” — is not framed as a novel insight. It reads like a public reminder that the enforcement lever the U.S. can actually pull on offshore scam call centers is the domestic banking and shell-company layer that converts stolen dollars into moved-out dollars. It is the layer that sits on U.S. soil. It is the layer that leaves paper.
What this changes, and what it does not
For an individual sysadmin or SOC, nothing here is actionable in the way a KEV addition is actionable. Nobody is asking you to patch a router because two people were charged in New York.
What it does change, marginally, is the enforcement math. Two years of continuous laundering at $43 million surfaced now, in one indictment, is the sort of thing that makes the incremental cost of running the next such network in the U.S. slightly higher — a shell-company registration is not free, a bank account is not free, and a compliance officer being told a second time about a specific Queens-and-Brooklyn pattern is not free. It does not touch the front-end pitch. It does not put the servers or the scripts or the call center out of business. It raises the marginal cost of the U.S. leg.
The scams will keep coming. The plumbing gets slightly harder.
Sources
- BleepingComputer — “US charges two over laundering $43 million from investment fraud” (2026-07-17)
- DOJ Office of Public Affairs — “Two Key Members of Chinese Money Laundering Network Charged With Laundering $43 Million Investment Fraud Proceeds”
- FBI Internet Crime Complaint Center — Annual Reports
- 0dayNews — “Dutch bust €100M fraud ring, 20 call centers, 700 shills” (2026-07-15)
- 0dayNews — “DOJ, Media Land: Yalishanda bulletproof-hosting indictment” (2026-07-15)
- 0dayNews — “Interpol First Light: 5,811 arrests, $293M seized” (2026-07-09)
Found this useful? Share it.


