Two Canadian nationals have been sentenced to two years in a United States federal prison for stealing 23.2 Bitcoin (BTC) through a scam on Twitter in 2017.

According to the U.S. Department of Justice, on March 17, 23-year-old Karanjit Khatar and 24-year-olds Jagroop Khatkar were formally sentenced to 24 months in prison and three years supervised release for money laundering and conspiracy to commit wire fraud.

Scammers impersonate HitBTC support staff on Twitter

Beginning in October 2017, the British Columbia-residents were found to have impersonated customer service representatives from the Hong Kong-based cryptocurrency exchange HitBTC.

Acting under the handle “@HitBTCAssist,” the pair responded to a request posted to the real HitBTC’s Twitter account concerning cryptocurrency withdrawal processes.

The Khatkars were able to convince the Oregon resident to forward sensitive information relating to their email, HitBTC, and Kraken accounts — which the scammers used to transfer 23.2 Bitcoins to Karanjit’s wallet.

Worth $119,000 today, the stolen Bitcoin had a value of roughly $130,000 at the time of the theft.

Stolen proceeds spent on a lavish lifestyle

The scammers divided the stolen proceeds equally, quickly selling the Bitcoins to fund an exorbitant lifestyle including casino gambling and luxury vehicles.

Within two days of the theft, Karanjit Khatkar purchased a Mercedes-Benz for nearly $40,000. He also gambled with tens of thousands of dollars while visiting high-end casinos in Las Vegas.

Karanjit was arrested at the McCarran International Airport in Las Vegas on July 18, 2019, while Jagroop later appeared at his arraignment voluntarily.

The pair pleaded guilty on Dec. 16, 2019, and were ordered to pay total restitution of $184,511.

Crypto scams capitalize on coronavirus panic

A number of government regulators have warned of a recent uptick of scams seeking to capitalize on the widespread fears relating to COVID-19.

On March 11, the United Kingdom Financial Conduct Authority warned that coronavirus scams may “take many forms and could be about insurance policies, pensions transfers or high-return investment opportunities, including investments in cryptoassets.”

Earlier this month, cybersecurity threat researcher DomainTools identified the coronavirus-themed ransomware “CovidLock.” DomainTools found that the website coronavirusapp.site installs ransomware on a users’ device under the guise of providing a thermal map showing the spread of the coronavirus nearby.

Once granted permission to access a device's screen settings, the ransomware changes the lock screen password and demands $100 in Bitcoin in exchange for restored access to the phone.