CRYPTOCURRENCY INVESTIGATIONS
By: Keven Hendricks

It is undeniable that cryptocurrency is a polarizing topic, especially for us in law enforcement. Since the first transaction was posted on the Bitcoin blockchain in 2009, cryptocurrency has risen from a cumbersome fiefdom of the internet to a Crypto ATM being installed at your local convenience store. While many in law enforcement have become familiar with cryptocurrencies by partaking in the investment furor, attracted by the extreme market volatility, I have ascertained that knowledge of how cryptocurrencies work remains overwhelmingly scarce among the law enforcement fanfare. To be succinct: There are many who want to make money off cryptocurrencies, but few who understand the coins they are so quick to throw money at actually function. Terms like “lettuce hands,” “diamond hands” and “hodl” have become entrenched as internet colloquialisms surrounding the crypto zeitgeist, but for as many rags to riches stories we all have read, the harrowing truth is that law enforcement across the country is being inundated with complaints of cryptocurrency-facilitated crimes. From sextortion to fraud/“pig butchering,” I challenge you to find me a department that hasn’t handled a case that had a nexus to cryptocurrencies in some way. And that question I ask: What is being done to help adequately address this epidemic? Are departments nationwide prioritizing training and dedicating personnel to handle cybercrime cases? Sadly, the answer is no. There needs to be a paradigm shift in the way cryptocurrency cases are handled, and this is no easy task for a profession that has been historically resistant to change. State and local police departments CAN investigate cryptocurrency cases, and these CAN lead to significant financial seizures as well as prosecutions. If you find yourself asking “How?” my hope is that this article will give you the knowledge and confidence you need to finally address the mountain of cryptocurrency fraud cases your department was previously writing off as “unsolvable”.

The first thing that I want you to understand that investing in cryptocurrency is divorced from investigating cryptocurrency. You do not need to understand why Bitcoin’s value ebbs and flows daily in order to successfully investigate any crypto case. The definition of cryptocurrency says it’s a digital currency with a public ledger maintained by decentralized authority.Whether or not you like cryptocurrencies, you yourself use a digitized form of currency each day when you transact with your debit/credit card or virtual wallet service (i.e. CashApp, Venmo). The difference? Your digital currency is regulated by your financial institution or credit card provider that approves or declines the usage. Cryptocurrency, however, needs the blockchain/public ledger to authenticate and confirm every transaction, which is maintained by a decentralized collective that maintain the blockchain. The term “untraceable” or “anonymous” usually accompanies talks of crimes facilitated by cryptocurrency, and that certainly needs to be purged from our minds. Because Bitcoin is unequivocally the most popular, valuable, and desired of the 2.4 million traded cryptos, a majority of cases police departments are seeing connect to Bitcoin. This is certainly something I equate as being good news, since Bitcoin’s blockchain is very transparent and auditable. Every single transaction since 2009, no matter how small, has been and continues to be posted to the blockchain.

It is unfortunately all too common that police departments across the US would rather refer victims to utilize IC3.gov instead of fielding the reports themselves. I vehemently disagree with this mindset, as this often makes victims of cryptocurrency-facilitated crimes feel helpless and that law enforcement cannot do anything for them. On the contrary, police departments fielding the initial report from the victim and entering the information into IC3.gov on the behest of the victim would be a much better practice. There is A LOT that you can do from an investigative approach just by getting a transactional hash or a wallet address. While this article specifically highlights Bitcoin, the fundamentals transcend to other cryptocurrencies as well, included the Smart Contract blockchains like Ethereum and Tron. Victims sometimes are not aware how auditable and viewable these blockchains are, nor would they know that providing wallet information or transaction hashes could help further their case, whether receiving reimbursement for their losses or future identification/prosecution of suspects. While some exchanges can be domiciled outside the United States, many comply with requests from United States law enforcement with varying caveats. Such major exchanges as Coinbase, Binance, OKX, and Kraken are complaint to requests from law enforcement. IC3.gov reporting data accounts for over $12.5 billion in losses for 2023, the highest year to date with 2024 prospected to be even higher. I challenge you to find a comparable area of criminality that affects the global economy as much. Furthermore, the most common medium in which the reported stolen funds are often being moved is cryptocurrency.

The adage “Necessity is the mother of Invention” is true today more than ever. Similar to the formation of the National Center For Missing And Exploited Children in 1984 after the highly publicized abduction and murder of Adam Walsh in 1981 as well as the subsequent advocacy by John & Reve Walsh; we in law enforcement often don’t see plausible solutions to persistent problems until they are necessary. Being a prosecutor with one of the most proactive local cyber task forces within the Santa Clara District Attorney’s Office, Erin West stood on the front lines of a war against cyber fraudsters and realized that law enforcement is on the losing side. Her formation of the Operation Shamrock https://operationshamrock.org/ nonprofit is intended to create a unilateral front of both law enforcement/public sector, and private sector to raise awareness, adequately educate and empower those who seek to help stomp out the fastest-growing area of criminality in the world. These types of cases are not “unsolvable” as we in law enforcement are so quick to categorize them. The current lackadaisical approach only emboldens the criminals. The amount of resources offered to law enforcement to assist with cryptocurrency, whether via a service like RISS.net, or educational webinars I have personally conducted with NW3C, are more available now than they ever have been. The belief that there must be some sort of astronomical budget to subsidize software procurement is just as big of a myth as cryptocurrency being “untraceable” and “anonymous”. We all collectively need to prioritize cybercrime cases, and by proxy cryptocurrency cases, with the urgency and due diligence they deserve.

In closing, I would like to part with a question that I feel we already know the answer to: Are we doing enough to help those who have been victimized by cryptocurrency facilitated crimes?

For more specific information and possible assistance with blockchain investigations contact the author @ keven@ubivisproject.org

Keven Hendricks is a 18-year law enforcement veteran previously serving on FBI and DEA task forces combating cybercrime. His expertise has been quoted in The Washington Post, NPR, Wired, & The Economist. He is a published author with the FBI Law Enforcement Bulletin and is currently working as an instructor for various training companies, teaching classes for law enforcement on the dark web and cybercrimes. He is recognized as a subject-matter expert in the field of dark web investigations by the Department of Defense and the founder of the Ubivis Project (ubivisproject.org).