On a bright, sunny July morning in 2020, just as COVID-19 was going on a deadly rampage across the country, I opened my email and stumbled across a message that would change the course of my day and my views on criminal activities involving digital assets forever. The following story demonstrates and explains the coming of age of cryptocurrency tracing and digital asset recovery.
Having dabbled in cryptocurrencies and, as a licensed investigator, being somewhat intrigued by the promise of unstoppable and censorship-resistant digital cash, the year before, I had bought a cheap and popular digital wallet and stored a modicum of crypto funds on it as an experiment.
In my inbox, among the usual spam and smattering of legitimate messages, a subject line addressing me by my full name stood out.
It warned me about the safety of my digital funds at blockchain.com, a custodial digital wallet provider.
As luck would have it, I had an account at blockchain.com but had closed it some months earlier as I didn’t use it and found it redundant after I received my hardware wallet.
My curiosity piqued, and I instinctively clicked the seemingly legitimate link in the email.
The browser whisked me to a page that warned me about fraud and prompted me to provide information, including my vaunted key phrase to “ensure the safety of my funds.”
At that point, I realized I had become the victim of a phishing scheme.
How did the criminals know my name?
And how did they get their hands on my full physical address?
They’d included it in the message to make it more credible.
I had heard about money laundering and phishing involving cryptocurrencies before.
But I had never experienced the touch of crypto crime up close and personal.
The Hack
I immediately contacted my friend, Matt, a licensed cryptocurrency tracing and forensic specialist, and he revealed the details of what I had just experienced.
The company from whom I had bought my hardware wallet had a Shopify e-commerce account.
Rogue employees of the e-commerce company leaked documents containing the personal information of digital wallet buyers to hackers.
The information made its way onto the dark web by December 2020, and the trickle of trickery swelled to a flood.
Criminals targeted people through phishing, physical threats on the phone, snail mail, and phone calls promoting shady crypto schemes.
Some victims even received compromised, fake hardware devices with sham messages, allegedly from the manufacturer, urging them to transfer their funds into the new wallets.
Thousands of people fell for the scams and lost their digital coins.
We Can Trace and Assist with the Recover Cryptocurrencies
People mistakenly believe that cryptocurrencies like Bitcoin are untraceable.
And once someone steals them, no one can ever recover the funds.
Crypto forensics and tracing companies, like CNC Intelligence Inc., can obtain much data from public ledgers like Bitcoin.
- Attribution data allows investigators to associate blockchain transactions with associations and cyber criminal organizations.
- Transaction mapping reveals the path of the stolen funds between organizations, exchanges, and other entities, right up to their final destinations.
- Cluster analysis reveals the addresses a group or organization controls and uses for illicit purposes.
- Targets for subpoenas. Investigators can use the KYC information many exchanges and DeFi firms require, to link transactions to individuals and establish targets for subpoenas.
- IP addresses. With the right tools, investigators can link IP addresses to transactions and establish the whereabouts of individuals linked to the crypto crime.
The Coming of Age of Cryptocurrency Tracing and Digital Asset Recovery
Cryptocurrency investigators can establish the magnitude of fraud schemes, reveal the parties involved, including dark web markets, and determine targets for seizure warrants.
They can work with local authorities to target criminals and locate stolen funds for recovery.
And they will go through the paces and put in the effort.
The wallet manufacturer involved in the detailed incident offers a $400,000 bounty for information leading to the capture of perpetrators.
With the coming of age of cryptocurrency tracing, scammers beware; Next time you hit “send” on your phishing email batch, consider this: you are most likely messaging a licensed investigator and already revealing information about yourself.
We offer complimentary consultations to determine if our Asset Tracing, Recovery Assistance, and Intelligence Services are suitable for your case.
When you comment, your name, comment, and the timestamp will be public. We also store this data, which may be used for research or content creation in accordance with our Privacy Policy. By commenting, you consent to these terms.