There’s a New Way to Get Your Stolen Crypto Back

hacking-code-laptop
31 October 2019

“My first loss was with CoinsMarkets. It happened when the exchange closed with our funds. I didn’t even try to contact anyone or alert any police.”

These are the words of an intrepid crypto investor – one of many who responded to a tweet asking about the lack of recourse people face when their assets are stolen in a hack, exit scam or Ponzi scheme.

There’s as much as $10 billion in stolen crypto out there in the market, according to Pawel Kuskowski, CEO of blockchain sleuthing firm Coinfirm. And he wants to give victims a fighting chance at getting their funds back.

Exclusively revealed to CoinDesk, Coinfirm has teamed up with global investigations firm Kroll, a division of consulting firm Duff & Phelps. The joint initiative being launched is called ReclaimCrypto, and combines the latest blockchain forensic techniques with the more established world of legal investigation and asset recovery.

Kuskowski told CoinDesk:

“So far, there is no one place where victims can go and get help. It’s almost like they are pleading to get someone interested in their case. In the end, they have to work it out themselves; see about getting a lawyer, perhaps in some other jurisdiction.”

Figures on what is recoverable vary. For instance, CipherTrace, another analytics firm recently said some $4 billion in crypto has been lost this year. Kuskowski’s estimate includes historic (and as yet unresolved) events like Mt Gox, which in today’s money would account for about $1 billion.

Needless to say, Kuskowski and his team are not doing this only for the good of mankind – there are success fees levied on a case-by-case basis, he told CoinDesk, adding:

“Doing the market analysis for this product, we started by calculating the kind of top cases, where we know we could be successful and recover funds, which was about 200 cases.”

Those cases alone account for roughly $1.5 billion, Kuskowski added.

How it works

Coinfirm’s bread and butter is anti-money laundering (AML) within crypto networks, done by analyzing the history of transactions using various smarts and big-data analytics. Similar to the likes of Chainalysis and Elliptic, it works with 50 or so exchanges and has built up a large database in this area.

Coinfirm’s partner, Kroll, takes a more “traditional” approach, which might involve producing court orders to get an internet service provider to reveal details about an IP address, or using former FBI and CIA operatives to scour the dark web for activity involving stolen funds.

It should be pointed out that Kroll is not new to crypto: The firm worked with the U.S. Securities and Exchange Commission (SEC) last year in relation to fraudulent coin offerings. Kroll also tells CoinDesk it helped track down the perpetrators in Europe of $27.8 million bitcoin theft.

If loss victims so choose, Kroll can potentially line up third-party litigation funding. This means firms that provide specialized finance to the legal market, such as Burford Capital or Therium, will shoulder the cost of people’s litigation. For this, they take about 30 percent of the recovered funds and return the rest to the victims.

Benedict Hamilton, a managing director at Kroll, told CoinDesk:

“From a victim’s point of view, where the police have failed to recover that money, they are not having to spend anything to get something. And no one recovers funds on their behalf without their permission. It makes the whole economics of recovering stolen funds very different – which is very exciting.”

Referring to Coinfirm as “a torch shining on the blockchain,” Hamilton said this can be extended by Kroll into the murky depths of the dark web. Kroll Cyber runs a specialist darkweb unit out of Pittsburgh, Pa., which is overseen by Keith Wojcieszek, the former head of the criminal investigations unit of the U.S. Secret Service’s cyber division.

This operation crunches petabytes of dark web data from peer-to-peer sites, said Hamilton, adding:

“With the ReclaimCrypto initiative in mind we have have been able to repurpose it so we can go into that database with a wallet string and look for any identifiers that are associated with that wallet name – perhaps a conversation over the selling of stolen credit cards or someone offering criminal services and providing that wallet as an address.”

Follow the money

Hamilton explained that there are two paths that can be followed when it comes to a crypto investigation: figure out who did it or follow the money.

ReclaimCrypto’s objective here is asset recovery, first and foremost, since that’s what the client is paying for. But ultimately both paths lead to the same place, said Hamilton, adding:

“It is inconceivable that the investigative process would finish without us giving all the details to relevant law enforcement for them then to get the benefit of the work and lock the thieves up.”

The majority of ReclaimCrypto’s focus will be on bitcoin and ether, but will also cover XRP, BCH, LTC, NEO and DASH. Unfortunates who have lost assets can learn more here.

As for those who’ve had coins pilfered, some remain philosophical about it. “That’s life,” said the aforementioned investor, adding:

“It made me grow a lot and it’s part of my adventure in crypto.”

Cybercrime image via Shutterstock