StarCompliance Blog
image

What is crypto investigation?

2022-11-28

-17

Cryptocurrency thefts have been on the rise in recent years, and recovering stolen funds  be a daunting task. However, with the right strategies and resources in place, it may be possible to return cryptocurrency to its rightful owners. In this article, we will explore how StrarCompliance joint investigations, cooperation with exchanges, and legal actions  aid in recovering stolen cryptocurrencies.

Crypto investigation, is a specialized process that involves tracking and analyzing cryptocurrency transactions to uncover fraudulent or illegal activities. It is a crucial aspect of the cryptocurrency industry as it helps identify and prevent various forms of crypto-related scams, such as hacking, phishing, Ponzi schemes, and money laundering.

Cybercriminals who gain access to victims’ assets through social engineering or malware infiltration aim to eventually cash out the stolen funds. To make tracking these funds nearly impossible or highly challenging, they employ various mixers or DEX swaps to obfuscate the trails, hoping that law enforcement agencies will not go through the arduous process of unraveling these intricate swaps or that the mixers will not provide crucial information.

Step #1 – Find where is stolen money

Crypto investigation demand a multifaceted approach to confront the complexities posed by cybercriminals. In many instances, these criminals attempt to obfuscate the path of stolen funds, necessitating the application of specialized tools to analyze fund movements and identify the final destination wallet of the recipient of the stolen assets.

The slide presents an example of exchanging stolen funds through the ChangeNow service (a swap platform). Additionally, we can observe that a portion of the funds has been transferred to the Huobi and Waves exchanges.

In some cases, after withdrawing the stolen funds, malicious actors may leave the stolen assets in a wallet. In such instances, our team places special marks indicating that the funds are stolen, so that exchanges or platforms receiving these funds can proceed to block the recipient’s account.

After completing the investigation, the team prepares an investigation report that portrays the complete picture of fund movements:

  • Funds movement through mixers and decentralized exchanges (DEX), if applicable.
  • A list of recipient exchanges where the funds were transferred, if such exist.
  • A list of wallets containing the stolen funds.
  • A record of exchange points used to cash out the stolen funds.
  • Information about the parties involved (counterparties) in the transactions.

Based on this investigation report, Law Enforcement Agents can conduct their examination of the report and take a list of necessary actions to freeze the funds.

Step #2 – Freez assets with law enforcement agents

After the investigation report is ready, law enforcement agents usually conduct additional verification of the report before taking actions for fund freezing. In cases where law enforcement agents lack sufficient experience to submit appropriate requests for freezing funds to counterparts, our team assists in preparing the necessary requests.

Blocking accounts on exchanges

According to the policies governing regulatory bodies, financial organizations are obligated to respond to requests from law enforcement agencies conducting investigations. If exchanges, for any reason, fail to respond to such inquiries or do not comply with their lawful demands, it can lead to severe consequences for these institutions. These consequences may include legal penalties, fines, loss of operating licenses, or other measures deemed necessary by the regulatory authorities. Non-compliance with legal obligations can be seen as a serious offense and can have far-reaching implications for the involved organizations. It is essential for financial institutions to cooperate fully with law enforcement authorities to ensure the integrity of financial systems and combat illicit activities effectively.

Notification on the Bitzlato website

On January 18, 2023, the cryptocurrency exchange platform Bitzlato was blocked by law enforcement authorities from France, Belgium, and the USA, accused of facilitating the laundering of significant amounts of illicit profits and converting them into rubles. Currently, the project’s official page displays a notice regarding the platform’s blockade. All user funds have been redirected to a designated repository. The founders are being charged with violations of state and federal US laws concerning money transfers, such as 18 U.S.C. § 1960, which criminalizes money transmitting business without a license. Furthermore, Bitzlato has been identified as a “major money laundering organization” in connection with illicit financing in Russia, as addressed by Article 9714(a) of Russia’s Anti-Money Laundering Act.

As a result of this investigation, even some Binance user accounts that were receiving funds from this platform have been affected. Some of their owners have faced accusations of money laundering on fourteen pages, and their funds have been frozen upon the request of the French police.

Seizure order from the Paris court

 

The freezing of cold Tether wallets.

In cases where stolen funds are found in cold (non-exchange) wallets of malicious actors, Law Enforcement Agents may submit additional requests to Tether.to, asking them to block the specific wallet of the wrongdoer. Tether.to independently reviews such requests, conducts its internal investigation of the facts, and subsequently makes a decision regarding the freezing of the funds.

Step #3 – Accompany the process of fund recovery.

After the funds have been frozen, the process of returning the funds to the victim begins. In most cases, this requires the assistance of lawyers who will handle the case in court and obtain the appropriate court decision. This court decision will be sent to the platform and will be binding for the platform’s decision.

We recommend working with lawyers who are partners of StarCompliance and have sufficient experience in such cases. However, we do not exclude the possibility of collaborating with lawyers provided by the victim. Competence is essential for us.

At this stage, we are providing support for the following decisions:

  • Investigation reports required for the court.
  • Accompanying explanation of the gathered evidence.
  • Consultation with lawyers regarding the investigation.
  • Preparation of necessary requests to counterparties.
  • Leveraging our connections with cryptocurrency exchanges.

Conclusion

Even if it seems that your case is not practically solvable, it may not be the case. In such situations, we recommend submitting your case for analysis through our platform, after which we can provide you with professional consultation regarding the likelihood of resolving your case and recovering the stolen funds.