Key Takeaways:
- British hacker Danny was arrested in Dubai.
- Authorities seized over $18.6 million in cryptocurrency linked to his criminal activity.
- Blockchain investigator ZachXBT tracked Danny’s online activity.
British hacker Danny, also known as Meech or Danish Zalfiqar Khan, reportedly faces arrest in Dubai following a law enforcement raid that led to the seizure of over $18.6 million in cryptocurrency.
Danny has been linked to some of the most significant crypto crimes in recent years, including the infamous Genesis hack and the Kroll SIM swap attack.
Crypto asset seizure signals law enforcement action
Well-known blockchain sleuth ZachXBT shared details of the arrest on his Telegram channel on 5 December 2025.
Hey folks, big news in the crypto world today! 🚨 On-chain sleuth ZachXBT just dropped that UK hacker Danny (aka Meech or Danish Zulfiqar Khan) got nabbed by the cops, and they seized a whopping $18.58 million in his crypto stash.
This guy's been on the radar for some serious…
— Seven Crypto 🐋 (@SevenWinse) December 5, 2025
ZachXBT has been tracking Danny’s online activity for months, and when the activity suddenly stopped, the investigator concluded that authorities had likely moved in.
Before the arrest, ZachXBT noted unusual activity across Danny’s multiple crypto wallets.
🚨 Major Development in Crypto Crime Case
British threat actor known as Danny / Meech (allegedly linked to the 2023 Kroll SIM swap + 2024 Genesis creditor theft) may have been detained and had crypto assets seized.
📍 Activity suggests law enforcement involvement — multiple… pic.twitter.com/S5p3Jnpql1
— Ashav Finance (@Ashav_Finance) December 5, 2025
The scattered funds were suddenly consolidated into a single wallet, 0xb37d617716e46511E56FE07b885fBdD70119f768, a pattern consistent with law enforcement asset freezes in previous cases.
The wallet currently holds approximately $18.67 million, believed to represent a portion of the stolen funds that authorities have secured. This seizure follows the standard approach of seizing illicit assets to prevent further criminal activity and facilitate potential restitution to victims.
Connections to major crypto crimes
Danny’s criminal history is extensive. In August 2024, he played a key role in the Genesis hack, a coordinated attack that resulted in $243 million being drained from Genesis creditors.
The operation involved several other notable hackers, including Malone, Veer, Chen, and Jeandiel, exploiting insider information and security vulnerabilities to empty major investor accounts.
Beyond Genesis, Danny was implicated in the August 2023 Kroll SIM swap attack. Hackers targeted phone numbers associated with companies like BlockFi, Genesis, and FTX, gaining access to sensitive personal information. They impersonated account holders, defrauding victims out of more than $300 million.
ZachXBT’s investigative role and implications
Blockchain investigator ZachXBT played a crucial role in uncovering Danny’s activities. By monitoring wallet movements and online behavior, ZachXBT identified patterns consistent with money laundering, stolen fund pooling, and pre-raid crypto transfers.
A sudden silence among Danny’s associates in the days leading up to the Dubai raid further signaled law enforcement intervention.
Authorities’ action demonstrates a growing global effort to tackle crypto crime, with Dubai emerging as a significant hub for arresting high-value cybercriminals. The seizure of nearly $19 million not only disrupts Danny’s network but also sends a strong warning to hackers exploiting decentralized finance.
The case highlights the importance of enhanced security measures by cryptocurrency companies and offers hope for recovering funds lost to cybercrime.
