The Justice Department was recently able to recover $2.3 million worth of bitcoin (BTC-USD) extorted from Colonial Pipeline, suggesting that digital currency may not always be the best tool for criminals.
“It’s not intuitive to a lot of people, but it’s a thing that the public is learning more and more,” Hunter Horsley, cofounder and CEO for Bitwise Asset Management, said about the rise in recovery of stolen cryptocurrency, such as part of the bitcoin ransom paid by Colonial Pipeline to cyberhackers.
Put simply, he said, “Bitcoin is bad for crime.”
Speaking to Yahoo Finance Live this week, Horsley pointed to data from U.S. cybersecurity analysis firm Chainalysis, which shows a downward trend in the use of cryptocurrencies by cybercriminals.
“In fact, between 2019 and 2020, the occurrence of crypto use in those scenarios is down about 80%,” he said. “So I think that criminals are getting smarter that crypto is a pretty poor tool for them, and with Colonial we saw that in full force.”
In prior years, cryptocurrency theft had been ballooning. In the first half of 2018, CipherTrace, a firm that aids financial institutions and cryptocurrency exchanges to combat money laundering, reported that $761 million worth of cryptocurrency was stolen from exchanges, representing a 300% increase year over year.
‘Law enforcement is honing their investigative skills’
Fast forward to 2021 and the landscape is changing, Pamela Clegg, VP of Financial Investigations and Education at CipherTrace, told Yahoo Finance. Still, she said, not every crypto transaction is equally transparent.
“Law enforcement is honing their investigative skills, and that is very clear from reading the FBI agent’s affidavit filed with the District Court to obtain the search warrant,” Clegg said.
The hack on Colonial Pipeline last month cut off fuel supplies along the East Coast, leading to panic buying and price surges. Testifying before Congress this week, Colonial CEO Joseph Blount said paying the $4.4 million in ransom was the toughest decision he’d made in his career.
In announcing the return of a portion of that ransom to Colonial Pipeline, Justice Department officials said it wasn’t the first time they recuperated illegally obtained crypto funds.
“While law enforcement may be getting better at tracking down fraudulent crypto transactions, the seizure of cryptocurrency by direct, physical access to a wallet is not common,” Clegg added, explaining that in order to seize crypto, law enforcement must have access to the private key.
“This is why most crypto is seized either via a centralized exchange — since exchanges hold the private keys — or after an arrest of an individual that has a wallet on them,” she said.
Still, fraud is skyrocketing within the broader DeFi, or Decentralized Finance, industry, which includes cryptocurrency. CipherTrace’s May Cryptocurrency Crime and AML Report found that as of April 30 major crypto thefts, hacks, and frauds totaled $432 million.
“Unfortunately, thefts enabled by DeFi, which often have no Know Your Customer [regulations] or central body to freeze funds, are on the rise,” Clegg said, adding that at the end of April, more than 70% of all of 2021’s major hacks and fraud were DeFi related.
And although U.S. law enforcement is becoming more adept at following digital trails, individual victims of crypto theft largely can’t tap the powerful resources of the country’s top agencies.
In April, two legal experts told Yahoo Finance that the U.S. legal and regulatory system does little to compel cryptocurrency exchanges to adopt stronger safeguards for consumer accounts, or to refund stolen account assets.
Asked whether the Justice Department’s improving investigative prowess is reason for smaller players to hope for better crypto security, Clegg said it’s “doubtful, unfortunately.”
“Most individuals who are victims of cryptocurrency hacks or thefts fall far below the monetary threshold for damages for federal agencies to take on a case,” she said. An added challenge comes from the fact that most perpetrators are located in foreign jurisdictions, beyond the reach of local law enforcement agencies.
“The good news for individuals is that cryptocurrency transactions on the blockchain leave an audit trail and clues of where the suspicious activity is coming from,” Clegg said.