CSI crypto: Can victims recover stolen coin?

An uptick in digital heists of virtual currencies has left many crypto investors wondering if they have any options for tracing illicit Bitcoin transactions and recovering their stolen funds. The short answer is that ‘it’s possible, but difficult.’ The long answer is that ongoing developments in the regulatory landscape surrounding cryptocurrency may offer victims more recourse going forward.

One of the most recent crypto thefts took place in mid-July when a hacker lifted millions in Ether during trading platform Coindash’s initial coin offering (ICO). In a brazenly unsophisticated breach, the attacker simply hacked the platform’s website and switched out Coindash’s wallet address with another one under the hacker’s control – channeling investor’s funds to the thief. Although the heist was spotted in a matter of minutes, it was not quick enough to prevent the loss of $7.4 million of Ether.

Coindash is not the only exchange to be compromised. There have been more than three dozen thefts on similar exchanges since 2011, resulting in losses (based on current values) of $4bn in crypto. Because transactions made through the blockchain (with or without the wallet owner’s consent) cannot be reversed, there is often little immediate recourse for victims who have lost coins this way. Due to the current legal environment surrounding prosecuting cybercriminals, recovering funds could take years and there’s little guarantee of receiving a payout.

Those who have fallen victim to currency heists either through mismanaged exchanges or hacks have the option of filing a complaint with the FBI’s Cyber Criminal Unit or other law enforcement agencies. An obstacle in going this route is the lack of emphasis placed on recovering stolen Bitcoin; to date, no one has received jail time for hacking an exchange or electronically syphoning digital currency. Broadly speaking, law enforcement agencies remain undecided as to whether or not stealing digital currency constitutes a crime. A Vice article published earlier this year noted the FBI’s “lack of action when compared with how the FBI reacts to other federal crimes” when it came to investigating claims made about the hacking of e-wallet website MyBitcoin in 2011. Other crimes take priority and overall there is confusion in many law enforcement agencies as to whether or not crypto is real money.

“The millions of dollars in customer assets that ‘disappeared’ in June 2014 are not missing; they were taken by the CRYPTSY [founders] and converted to pay for their own business and personal expenses."
— — Court documents, US District Court, Southern District of Florida

However, this doesn’t mean that victims don’t have any options to get whole again after a crypto theft. Negligence suits against operators are certainly a possibility in thefts from exchanges, and the law also provides that the victims of such thefts may ‘follow the money trail’ in civil court. Such was the case in October 2016, when a $1 million settlement was reached in a Florida court— partially recovering the $5 million in losses users suffered from the Cryptsy exchange, which was shut down in January 2016. The legal approach here was a civil class action lawsuit filed against Lori Ann Nettles — the ex-wife of Cryptsy founder Paul Vernon — who is thought to have absconded to China with the stolen funds. While victims will not have their specific stolen coins returned in a civil suit of this nature, the court can order the sale of assets identified along the money trail, to pay for victim compensation.

Also, in a move that should inspire more focused involvement from law enforcement, some US states are moving to broaden the definition of money to include cryptocurrency. In May, for example, Florida’s state legislature passed House Bill 1379, which proposed that cryptocurrency should be included in the state’s definition of monetary instruments. Similar efforts are also underway in Washington, Illinois, California, and Hawaii.

While governments around the world remain far from a consensus on how to classify cryptocurrencies, the US federal government certainly has the capacity to pinpoint and arrest cyber criminals. Positive identifications can be done in a couple of different ways. Investigators are typically tasked with linking a digital wallet address that has been suspected of engaging in suspicious activity to an IP or MAC number. Savvy hackers will make this more difficult by utilizing multiple IP addresses and proxies, but investigators have been able to bypass this by simply using analysis on Bitcoin wallet addresses and cross-checking social media platforms to verify an identity. This tactic was recently deployed by federal agents in arresting alleged online drug trafficker Gal Vallerius in October.

Another positive sign that the US government is enhancing its digital investigative prowess is the recent investment made in crypto tracking tools, according to public records. In May, several agencies including the FBI invested hundreds of thousands of dollars to team up with digital currency analysis company Chainalysis to help track wallet addresses of suspicious transactions made on the blockchain. Chainalysis uses specialized software to crack complicated algorithms created by tumblrs and mixers, which are often deployed by cybercriminals to cover their tracks. This partnership is an extension of a previous working relationship between the government and the company in tracking stolen currency in the cases of Mt. Gox and Bitfinex.