In most cases, when an individual or company has become a victim of cryptocurrency-related cybercrime, be it a hack, theft, fraud, or scam of some sort, it’s a good idea to report it to law enforcement in their jurisdiction. However, at Cryptoforensic Investigators, a question we’re frequently asked is whether or not initiating civil proceedings is a more effective method of recourse or whether cryptocurrency litigation is practical.
In our opinion, in most cases, law enforcement is going to be the most viable means of pursuing the matter and achieving any sense of recourse. However, depending on the specifics of the case, alternative paths of recourse can sometimes be taken that don’t involve law enforcement necessarily. The alternative, in most cases, is hiring a lawyer and undertaking civil proceedings, which could involve seizure warrants, forfeiture orders, and/or litigation.
Considerations: Assessing Whether Pursuing a Matter via Civil Action is Feasible or Advisable
Whether or not a given matter is practical or advisable to pursue in civil proceedings, rather than trying to get the matter pursued criminally through law enforcement, depends on a plethora of factors. Some of the many factors to consider, in no particular order, are:
Is there an identifiable party, whether individual(s) or a company, that such an action could be brought against?
Is there an identifiable party or legal person that could be listed as a defendant, and if so, who is the identifiable party? If the party is unknown or anonymous at this time (e.g., in the event of a hack or if fake names were used), how easy would it be to identify such a party? Could a subpoena be served that would allow for that identification, or would the party have taken more steps to conceal their identity?
If there is no identifiable party, and no party could potentially be identified quickly, it is more difficult to find a path forward civilly and thus working with law enforcement may be more advisable. There are still options to pursue this via civil proceedings, but they are more limited. A prime example of a situation where it could still be viable to pursue a civil action despite the identifiable party being unknown is a so-called ‘Persons Unknown’ case
‘Persons Unknown’ or ‘John Doe’ Cases and Their Challenges
In a ‘Persons Unknown’ or ‘John Doe’ case, the defendant is accused, although not by name, since no (real) name is known. However, there is a catch that practically limits how often it would be practical to initiate such a Persons Unknown case. In order for a Persons Unknown case to be viable, either assets (cryptocurrency, fiat, or real-world assets) need to be frozen via a court-issued warrant (if they are not already frozen), and they need to be seizable via a court-ordered seizure warrant.
If there are cryptocurrency assets in a location that is not technically freezable by a court order (such as in a self-custodial wallet, for example) or if the proceeds of the assets obtained are in a location that can no longer readily be determined, then there would little point in bringing forth a Person’s Unknown case for multiple reasons, the obvious one being that the (unknown) defendant would have no reason to respond, since none of their assets would be frozen.
Means to Pay
Would the defendant have the means to pay a judgment if one was issued favourably to the plaintiff (victim)? For example, let’s say the defendant is suspected of embezzling money from a company and is suspected of spending or losing that money on gambling and/or drugs. In such a scenario, the defendant may not have the means to pay, and thus it may not be worthwhile pursuing civilly to begin with.
If the defendant likely does not have the means to pay, then working with law enforcement may be a better option.
Cost Considerations
Hiring a lawyer and pursuing such matters through civil proceedings isn’t cheap. It can come with some pretty extensive legal fees and costs that only climb higher the longer the matter drags out.
In contrast, reporting to law enforcement is free. One of the few costs a victim might sometimes incur with the ‘law enforcement route’ would be if they elected to hire a blockchain investigative agency (e.g., Cryptoforensic Investigators) to provide intelligence and/or take actions to help increase the chances of a more favourable outcome for the victim. Additionally, some victims might still decide to hire a lawyer (not particularly common, but it can sometimes be worthwhile, even if litigation isn’t on the agenda).
Thus, while the law enforcement route might seem like a better option because it’s free, it should be kept in mind that victims have little control over how much attention or resources law enforcement allocates to their matter, whether or not law enforcement pursues the matter, and whether or not a prosecutors office pursues it. In short, a lawyer works ‘for’ the victim because the victim is the lawyer’s client. Sometimes that can end up being helpful, and other times it can put victims in a deeper financial hole and not much else.
Law enforcement certainly does its best to help victims, but some law enforcement agencies lack resources and sometimes expertise. Thus law enforcement needs to be selective about what they pursue, and ultimately while they certainly try to help victims, they don’t work ‘for’ the victims per se; they work to combat crime.
Was it Actually a Crime?
Is what happened actually a ‘crime’ in the relevant jurisdiction(s)? While a victim might initially believe that if they lost cryptocurrency due to the actions of a third party that stole or fraudulently obtained their funds, it would be considered a criminal act, the answer is sometimes more nuanced and may also vary based on the jurisdiction(s) of the victim and the defendant(s). A pertinent example may be in a DeFi hack, where the attacker exploits vulnerabilities in the design and operation of various smart contracts for their financial benefit.
The hacker in this scenario would have operated within the parameters and logic set by the smart contracts and didn’t ‘break into them’ (as one would do when trying to access a computer system for example). It might be argued that the hacker simply took advantage of opportunities they found and didn’t ‘steal’ any cryptocurrency per se.
If this sounds like a farfetched argument, it’s not; multiple inquiries have been placed with Cryptoforensic Investigators in the past by defense attorney’s seeking an expert to testify on such cases, and it’s common for defense attorneys to argue that what their client did was simply not illegal.
Whether what an attacker did was illegal per se or not, it would be much less contentious to conclude that such a DeFi attacker ‘unjustly benefitted’ from the scheme. Thus even if the attacker didn’t commit any action that they could be held criminally liable for, it might be easier to hold them civilly liable.
Size of the loss
The size of the victim’s loss is a major consideration that can affect which approach is best to take if trying to pursue a matter or if it is realistic to pursue at all. The victim’s legal costs could vary considerably depending on the nature of the matter, how much work needs to be done, and how long the matter drags out.
It is generally safe to assume that legal costs would at least be in the 5-figure range USD, but in some cases where a matter drags out considerably, costs could even climb into the 6-figures USD. In short, legal costs aren’t cheap, and to justify such expenses, a victim needs to have lost enough to make taking such efforts worthwhile. The minimum amount that the victim lost to make civil action worthwhile could vary considerably depending on the specifics, but at the very least, their loss should be well into the 6-figures USD.
If the victim hasn’t lost enough to make the legal costs worthwhile, then it’s generally better for the victim to take the law enforcement route.
However, the size of the loss is also a major factor that law enforcement takes into account when deciding whether to pursue such matters or not. If the victim lost under $50k USD, it’s very unlikely law enforcement will dedicate any resources to pursuing the matter. This is one of the major reasons that Cryptoforensic Investigators generally doesn’t engage on cases in an investigative capacity where the loss is under $100k USD – the likelihood of our effort being futile is too high, and thus the victim would be spending money for an effort that is likely to be futile.
Once the loss gets into the 6 figures, and especially 7 figures USD, or if there are other victims of the same attacker resulting in the collective loss being much higher, law enforcement is generally more inclined to dedicate resources to pursue it.
For victims that lost < $100k (and also some cases where the loss is higher but isn’t a promising case for other reasons), the best method of recourse is generally to not waste efforts or money trying to pursue the matter at all, and the victim would be best to really focus efforts on their own education, and implementing sounds security and fraud prevention practices so a similar situation doesn’t reoccur again in the future – in our experience, if the victim doesn’t do this, or fails to do so properly, it’s very common for them to experience further losses from more incidents in the future.
Are There Third Parties that could also be Potential Defendants?
If there is no identifiable party, or if there is an identifiable party who wouldn’t have the means to pay a judgment, are there other parties that could be listed as defendants who could be liable as well? If there are, the victim could try to hold such parties accountable for their role through civil proceedings.
Let’s say there was a presumable Ponzi scheme, and the operators either aren’t known or there is no money left to pay out customer balances. If there were venture capital firms that invested money and/or entered into a partnership with the operator(s), or if there were wealthy investors that touted or acted as ambassadors for the scheme, it could be practical to list such parties as defendants – they would more likely have the means to pay in the event of a favourable judgment, even if the operator doesn’t.
Victim’s Jurisdiction
The jurisdiction the victim resides in can also be a factor that could influence the most practical means of recourse. While law enforcement in some jurisdictions is reasonably well-equipped to deal with cryptocurrency-related cybercrime, there are also many jurisdictions where law enforcement is woefully ill-equipped and/or has little to no experience.
In some select countries, law enforcement has a de facto policy of not pursuing cryptocurrency-related cybercrime at all, and in other countries, law enforcement may not be inclined to take on cryptocurrency cases that are inter-jurisdictional in nature (which cryptocurrency cybercrime often is).
Other Victims
In the event that there are other identifiable victims of the same incident or actor which can readily be identified or determined, it could be a factor in determining the most appropriate path to take.
If law enforcement isn’t inclined to take on a given case based on an individual victim’s loss but can identify many other victims of the same incident, that makes it a multi-million dollar loss, it can make law enforcement more inclined to pursue the matter.
If victims end up forming a group and collectively try to initiate a lawsuit (whether as multiple plaintiffs or if trying to make it a class action suit), things can get quite complicated both from an administrative/legal standpoint, a communication standpoint (how do you know the perpetrator is not already part of the group chat you have?), and victims can run into issues if they try to pool funds for legal or expert fees.
Nature of defendant(s) and Jurisdiction
If the defendants are an organized cybercrime group, it is less likely that civil proceedings brought against them would be as effective with respect to recourse compared to involvement from law enforcement.
Likewise, the jurisdiction of the defendant is also a pertinent consideration. In some cases, it may not be possible to file legal proceedings in their jurisdiction, and if the victim were to file proceedings in their own jurisdiction, the defendant may not be responsive at all, and it could make any civil proceedings futile unless there are readily identifiable assets that could be seized.
Nature of matter
There are certain types of matters that can generally be more practical to pursue through litigation as opposed to law enforcement. Issues arising from disputes between business partners are a prime example of this.
Other common scenarios that are more often pursued through civil litigation are situations where the victim believes a company (rather than an individual(s)) is the party responsible or if there is reason to believe the responsible parties engaged in some type of manipulation for financial gain.
Incidents that are a threat to a country’s national security (e.g., ransomware in some cases) and incidents perpetrated by nation-state sponsored groups (e.g., Lazarus group) are far more likely to be pursued with considerable resources by law enforcement, given their importance.
Seizable Assets and Value
Whether there are seizable assets that can be identified and the value of the seizable assets are both important considerations when deciding whether or not to hire a lawyer and initiate civil proceedings.
If trying to initiate a ‘Persons Unknown’ case, having seizable assets is largely essential, but there are plenty of occasions where a defendant can be named at or near the outset and where there need not be seizable assets to make it viable to pursue via civil litigation.
If there are seizable assets that can readily be frozen, such as through a TRO, and subsequently seized via a court order, civil action could end up being a better option than law enforcement if law enforcement isn’t in a position to act quickly on it. In the event of a successful recovery, it may end up be faster than the law enforcement route anyway.
Having seizable assets can also sometimes play a role when it comes to enforcement of a judgment, such as in situations where the defendant refuses to pay following a judgment against them.
Another consideration to keep in mind is that if the seizable assets are located in a different jurisdiction (or if the entity that has the ability to effectuate seizure is located in a different jurisdiction) than what the proceedings are being brought forward in, then one might need to get such an order enforced locally, which comes with its own added costs.
This can sometimes be easier for law enforcement to deal with depending on the compliance policies and procedures of the entity that is being served with the order because such entities are sometimes willing to voluntarily comply with a foreign court order if law enforcement is involved, but may be less inclined with a civil order unless issued locally.
Pros and Cons pursuing matters via Civil Action instead of Law Enforcement
Whether or not taking civil action is a more practical form of recourse than working with law enforcement really depends on the specifics of the case. Our general view is that for cryptocurrency-related crimes, the path with law enforcement is typically more practical and advisable, although there are certain exceptions that can make civil action a better option.
Additionally, the pros and cons of each path in a given matter are naturally also going to vary based on the specifics of the matter.
Pros
- Speed – While civil legal proceedings are by no means fast, the reality is criminal matters often take years to play out, making civil proceedings seem fast in comparison.
- Financial Recovery is the Goal – in civil proceedings, the goal is monetary restitution for the victim. When law enforcement works on a given matter, while restitution is certainly one of the goals, it is certainly not the only goal. The job of law enforcement is to tackle crime and make sure laws are enforced. Justice, as well as accountability for those who break the law are also primary goals. This type of accountability also helps to deter actors from committing similar crimes.
- More effective at holding third parties or companies accountable – In the example of the Ledger Data Breach example that we gave, most would agree Ledger and Shopify are not criminally responsible for the data breach (such data breaches happen all the time, frankly) – if one wants to pursue Ledger and/or Shopify for damages caused arising from the data breach and/or alleged negligence on their part, litigation is much more practical for obvious reasons. As another example, if a Best Buy Geek Squad employee stole cryptocurrency held on the victim’s computer when it was taken in for repairs, and one wanted to try and hold Best Buy as a company liable, civil proceedings would likely be more advisable.
- Fewer dependencies and factors outside of the victim’s control – In civil proceedings, the victim hires a lawyer to represent them – the victim has control over who they hire. Additionally, the victim, or the law firm on behalf of the victim, will often hire an expert witness who would provide a technical report, expert opinion on the matter at hand, and ultimately expert witness testimony if needed. This is important as cryptocurrency is a highly technical area that judges and lawyers often have little or even no familiarity with, much less any expertise in an even more niche domain like blockchain forensics. Allegations need to be appropriately verified by an expert, and the victim has some control over who ends up getting hired. In contrast, when working with law enforcement, a victim must rely on law enforcement to pursue a matter but they are not obligated to pursue all matters brought to them – indeed, it’s a simple reality that they have limited resources and need to be selective about what they take on, and what they simply need to turn down. Furthermore, if law enforcement takes up the matter, the viability of pursuing it legally would still need to subsequently be assessed by a prosecutor’s office, where they would also need to decide if it’s a matter that is appropriate and advisable to pursue.
- Can be a more practical option when there are assets that are seizable – In some cases, a lawyer may be in a position to obtain an injunction or warrant more quickly to freeze assets, and the lawyer will subsequently endeavour to ensure that their client is the beneficiary of received assets. In contrast, assets seized by law enforcement generally do not go straight to a given victim in most jurisdictions. What happens to assets seized by law enforcement naturally varies depending on the jurisdiction as well as the matter in question, but in some cases, there is a claims process that can take a long time to play out, and in other cases, the value of the claims/losses can well exceed the value of the seized assets. That being said, there are also cases where assets are more practical to be seized through local law enforcement instead.
- More practical for matters that aren’t clearly identifiable crimes – If there is a reason that may suggest that what happened may not technically constitute a crime, civil litigation can be a better option.
Cons
- Higher Costs – Civil legal proceedings can result in significant legal costs that victims would not otherwise have
- Can sometimes be more challenging to enforce – In a civil matter, if the plaintiff/victim ‘wins’ it doesn’t result in the losing party going to jail in most cases – there are occasionally exceptions to this, such as in the case of criminal contempt charges that arise out of non-compliance with court proceedings, but these are rare. While there are various mechanisms that can be used to try and enforce a monetary judgment in a civil case if the defendant is uncooperative, enforcement can sometimes still be an issue.
- Some types of seizures can be more challenging or complicated – in particular, some seizures of foreign assets can be better handled by law enforcement, but it really depends on the entity the seizure warrant is being sent to. Let’s take all the ‘Seychelles-based’ crypto exchanges as an example. Generally, exchanges will want a seizure warrant prior to turning over assets. The issue is the jurisdiction of the warrant. A good portion of the Seychelles-based exchanges often request a seizure warrant from a Seychelles-based court – a particularly strange request because these exchanges have no physical presence in Seychelles (they generally have nothing more than a mailing address there, and the registration is designed to both limit liability, limit compliance obligations, and offers much more anonymity to the real owners) and Seychelles has fewer than 100,000 people. In practice, some exchanges have less absurd policies for law enforcement agencies than they do for civil matters, which can make working with law enforcement more advisable.
- Less practical when there is no defendant that can be identified – if the perpetrator(s) is anonymous, there either needs to be a way to identify them relatively quickly or a Persons Unknown case would need to be initiated, which is generally only advisable if there are frozen and/or seizable assets.
- Jurisdictional challenges can be more problematic – Lawyers are only able to practice in their jurisdiction, and courts do not have authority outside of their jurisdiction. While foreign entities may respect rulings made outside of the jurisdiction that they are officially located in, some exchanges are insistent on being served with appropriate legal processes in their jurisdiction. In such cases, this means another lawyer would need to be hired locally to obtain the applicable order in that jurisdiction. Employing multiple law firms in different jurisdictions obviously causes legal costs to balloon. A foreign entity may be more inclined to be cooperative with a foreign law enforcement agency even if they aren’t appropriately served locally. Additionally, law enforcement has another option at their disposal in many cases that a lawyer in a civil matter will not – namely, the ability to make an MLAT request that formally requests that local law enforcement take pertinent action (e.g., make an arrest, obtain a search warrant or seizure warrant).
Which Option is Best?
Victims of cryptocurrency-related cybercrime often wonder what the most practical method of recourse may be (if there is any decent option at all – and one should be cognizant that there may not be), then the answer is really “it depends.”
This is one of the core reasons that Cryptoforensic Investigators performs a preliminary assessment for victims that place an inquiry with us – we do our best to assess if an engagement would be advisable and if so, what that engagement would look like or entail. In most cases, if the victim is unsure about the optimal path, we recommend working with law enforcement, given the legal costs involved with pursuing the matter via civil action.
An expert is often needed to assess the particulars of the situation in order to be able to offer any suggestion on a course of action. Additionally, there are some items that we’ve touched upon that are more appropriate to discuss in-depth, given how such items may come up in civil litigation.
Expert Witness Services
Given that most cryptocurrency cases have a technical aspect to them (and can sometimes be largely technical throughout), it is often critically important to hire an expert to assess and provide technical insight and opinion on the matter to the court. In all likelihood, the judge will have very little or no knowledge about cryptocurrency.
Even if the lawyers involved happen to have more familiarity with cryptocurrency, it is extremely unlikely the lawyers will have the technical knowledge and will likely need to rely on technical expertise when it comes to matters like blockchain forensics, for example.
While the scope of what an expert will do can vary on depending on the nature of the case, it often involves producing a technical report, and following that, the expert is sometimes then asked to provide expert witness testimony.
When seeking a cryptocurrency expert, there are two things the victim and/or their attorney should be assessing.
- Relevance
- Competence
Relevance
Most cryptocurrency cases in litigation (and especially cybercrime cases) will require a cryptocurrency investigative expert. Just because someone understands some aspects of cryptocurrency doesn’t make them a relevant expert.
Your tax accountant that might help you with reporting cryptocurrency gains/losses on your taxes, would be a prime example of someone that simply isn’t relevant. Likewise, someone with a 40-year background in “IT” is also not a relevant expert just because cryptocurrency has something to do with computers. These things might seem obvious to many, but unfortunately, we’ve encountered competing “experts” like this on a myriad of occasions.
Competence
Not all cryptocurrency investigators and investigative experts are the same. The quality of the tools they have access to varies, and even more importantly, the genuine quality of their expertise, knowledge, and experience can vary considerably.
In the past couple of years, in cases we’ve worked on in an expert capacity, it’s become more common for opposing counsel to also have their own expert too. Sometimes such competing experts are knowledgeable, but in other cases, we’ve found competing experts to lack basic competence in such investigations.
Some of the most embarrassing things we’ve seen are so-called ‘experts’ that don’t understand what a cryptocurrency wallet is or how it differs from an ‘account.’ We’ve also seen cases where ‘experts’ have identified an exchange’s hot wallet or cold wallet (which contained a balance well north of $10 million), and in turn, suggested that counsel have the wallet “frozen” under the belief it belongs to a fraudster (hint: it doesn’t, it belongs to the exchange).
There have also been multiple situations whereby ‘experts’ have suggested that data that is independently verifiable on the blockchain might have been fake/forged; clearly, such experts don’t understand what a public blockchain is.
We’ve also run into purported experts that claim to be knowledgeable about blockchain forensics, yet don’t understand some of the most basic aspects about blockchain forensics.
The bottom line is that just because someone claims to be an expert in the field of cryptocurrency doesn’t make it true. But this begs an obvious question; how does one vet a potential expert to determine whether they are competent or not?
Unfortunately, there is no good definitive answer to this question. Some people like to look at credentials and education, but the reality is there isn’t much in the way of good education as the field is so new and fast-moving. Most of the certifications that are available are also not very comprehensive and/or are relatively easy to obtain.
Another option that people sometimes turn to is “reviews” of an expert or company. This is not a good method in our opinion, because reviews can easily be faked, and there are many cases where purported experts and services have given themselves fake reviews – how would you be able to determine which reviews are fake and which are not? Furthermore, even if you somehow knew for sure all reviews were genuine, how would you know whether such reviews or references provided by an expert or company are fairly representative of that company – you wouldn’t, of course, and they aren’t likely to be representative.
One of the better ways is performing a technical assessment of an expert’s past work, however, there are a couple of major impediments, the first being that most of the expert’s past work will likely be privileged and confidential and not something they can be disclose or provide to others. Secondly, the victim and attorney will almost certainly lack the technical prowess to be able to properly assess the expert’s work, hence why they are seeking to hire an expert in the first place.
News, press, and interviews from the expert can be a good way of assessing the genuine expertise of an expert when such information is assessed qualitatively.
Finally, one of the best ways to get a better idea of the expertise of an expert is through a referral from someone you already know (not a reference or review). The benefit of this option is that one can be fairly certain that what they say about the expert hasn’t been fabricated (i.e., it’s not fake), and what they say about the expert is more likely to be representative of their expertise and knowledge.
Cryptocurrency Seizures
There are multiple ways that cryptocurrency can be seized. The most appropriate way of attempting to do so will depend on the nature of the case. We’ll go over a few of the ways here, along with how litigation may play a role in such seizures.
Cryptocurrency Wallet Seizure
A [self-custodial] cryptocurrency wallet cannot be seized simply through a court order. Blockchains and the code that they are built on don’t respect or adhere to court orders. Just because one can see a wallet with an active balance doesn’t mean it can be seized.
The only way to seize a wallet is to find or obtain the private key(s) to the wallet or the seed phrase (which is essentially a collection of private keys that can be derived from the seed phrase). In most cases, the only way to be able to attempt to obtain such information is if the owner willingly provides that information or if it’s obtained via a physical search warrant whereby the owner’s (or suspected owner’s) electronic devices and home is searched in an effort to obtain this information. It is important for such a search warrant to be obtained ex parte otherwise, the owner could easily move or even delete the credentials to the wallets prior to the search.
Obviously, the search warrant can only be executed if there is an owner or suspected owner is known so that could be searched to begin with. If the owner of a wallet is wholly unknown for the time being, then there’s no search warrant that could be obtained, which would generally mean this method of seizure wouldn’t be a viable option unless things change.
Account Freezes and Seizures
While cryptocurrency wallets cannot be frozen, cryptocurrency accounts can be in some cases. This is because the money in an ‘account’ is generally held in custody by another party (the beneficiary of the account does not have custody). Thus, ‘accounts’ can technically be frozen, whether a cryptocurrency exchange account, an account with a gambling service, or an account with a debit card provider.
There are some barriers that limit the feasibility of such seizures, however. First is the compliance policies and procedures of the exchange or service where the account is held, or often the lack of appropriate compliance policies and procedures in many cases. Not all services choose to operate in a compliant manner (feigning compliance is a common strategy though) and will not necessarily be responsive to a freezing injunction or seizure warrant, and may choose to ‘look the other way’ when faced with suspicious activity. Simply put, some exchanges are cooperative and compliant, and others are not.
Second, jurisdictional issues may arise in such freezing efforts. For example, some exchanges choose to officially domicile themselves in questionable jurisdictions such as Seychelles, although they have no de facto presence in such jurisdictions. But some exchanges will insist on a ‘Seychelles court order’ specifically prior to taking any action.
Third is the question of whether or not there are enough assets (or any assets at all, for that matter) in the account to make pursuing a freeze worthwhile, given the legal costs involved. One also needs to consider how long the process will need to take to play out legally and whether the account is likely to still have a balance after an injunction or similar order has been issued.
Interception
In some cases, cryptocurrency can also be ‘intercepted’ when an actor is attempting to launder the ill-gotten cryptocurrency. In such a case, if an exchange notices a deposit to their exchange from an illicit or questionable source that has been ‘marked,’ they could elect to automatically freeze that deposit pending further due diligence.
Cryptoforensic Investigators actively engage in marking addresses with various entities and for various reasons, both those are licit and illicit. This can help lead to funds being intercepted and has played a key role in funds being intercepted and ultimately recovered in various cases that we have been engaged in after appropriate due process.
One thing to keep in mind about intercepting such funds is that it can be very time-sensitive. Stolen funds can be laundered within days or even hours after the incident. If it ends up taking a few weeks to set up an engagement, the interception hope may no longer be on the table. Also, note that interception and recovery itself are two entirely different things. Just because the former happens does not mean the latter will happen.
Blacklisting and Seizing Select Tokens in Wallets
While it is accurate to suggest that a cryptocurrency wallet can never be technically frozen, it would be incorrect to suggest that cryptocurrency in a self-custodial wallet can never be frozen – there are a few select cases where it is possible.
It is only possible to freeze a few select types of cryptocurrency in wallets; neither Bitcoin nor Ethereum are among the cryptocurrencies. The only instances where it’s possible are when a token’s smart contract has a blacklisting functionality available to the issuer.
The vast majority of cryptocurrencies cannot be frozen in self-custodial wallets since there is no blacklisting functionality. The main exceptions where there is sometimes a blacklisting functionality is available is for select stablecoins, some NFT projects, as well as a variety of shitcoins where the projects have chosen to build in a blacklisting functionality for protection in case.
In cases where cryptocurrency is frozen in this way, new cryptocurrency might ultimately be reissued to offset permanently frozen cryptocurrency, thus effectuating recovery.
Seizing Other Assets in Lieu
Ill-gotten cryptocurrency is often eventually at least partially converted to fiat assets or used to purchase real-world assets which can be seized. Obviously, money in a bank account can be seized, as can property like real estate and Lamborghinis.
Foreign Jurisdiction Challenges
Cryptocurrency-related cybercrime is often inter-jurisdictional in nature. This can end up being problematic or otherwise limiting. Ultimately, it depends on the jurisdiction(s) of the perpetrator relative to the victim’s jurisdiction.
What kind of relationship is there between law enforcement in the perpetrator’s jurisdiction versus law enforcement in the victim’s jurisdiction? Is there an MLAT between the two countries? If the victim is in the US and the suspected perpetrator in China, US law enforcement obviously doesn’t have much of a relationship with Chinese law enforcement for obvious reasons. But litigating in China isn’t really an option either.
Other questions that naturally arise include whether or not local law enforcement is likely to be willing to take appropriate action or whether civil action is even an option in the country.
There is no silver bullet here; the involvement of multiple jurisdictions can cause complications for both criminal and civil matters. Sometimes those complications end up being insurmountable.
Third Parties, Compliance, and Due Diligence
When litigation is taken in cryptocurrency-related cybercrime matters, it is sometimes taken against third parties, that is, a party that was not a direct beneficiary of the crime – typically, the third parties are more identifiable or otherwise easier to pursue (i.e., not some hacker in Russia). Sometimes it’s taken against parties that in some way helped ‘enable’ the crime. In other cases, it’s taken against OTCs (typically with questionable compliance policies), and in other cases, it’s taken against exchanges.
A core consideration that is often important to factor into such cases is compliance. Did the party turn a blind eye to money laundering or highly suspicious activity? Were their compliance standards adequate and in line with what should be expected of them or in line with the industry standard?
Personal Responsibility
Owning and using cryptocurrency inherently requires users to take on a significant level of responsibility regarding security and fraud prevention that users do not need to worry about anywhere near as much in the fiat world. A common saying in the cryptocurrency world is “Be your own bank,” and this phrase bears repeating. Unfortunately, many victims fail to realize what responsibility being your own bank entails, which is why they’ve fallen victim to scams and thefts in the first place in many cases.
In many cases, victims will not have practiced or employed appropriate security practices or will have had woefully inadequate fraud prevention practices. Yet sometimes victims will try to hold third parties accountable for their own oversights, e.g., choosing to store their seed phrase on Google Drive against all advice, then trying to sue Google when hacked.
Concluding Statements
There is no silver bullet that clearly delineates what type of action should be taken and how. It’s specific to the circumstances of the case. The path with law enforcement is more often a more advisable path forward than pursuing cryptocurrency litigation, but each situation is best assessed qualitatively on a case-by-case basis.
In most cases, the best investment the victim can make is investing time in their own education, particularly regarding security and fraud prevention. Taking some time to understand all the types of scams out there and how they work, taking the time to learn how to properly store their cryptocurrency while ensuring they follow instructions (like never providing their seed phrase to a website that asks) are all very basic things that cryptocurrency owners should be doing. Victims must focus on their education first and foremost, otherwise, it is very likely they will succumb to additional hacks, thefts and frauds in the future.
Note: Nothing in this article is to be construed as legal advice.