The increasing popularity of cryptocurrency is creating an enticing opportunity for people to hide money and assets offshore, before the calculation of the equitable distribution of assets in a divorce, when a bankruptcy trustee is looking for hidden assets and non-disclosures or when restitution is required from a defendant in any number of civil or criminal proceedings.
If you are an attorney representing a client searching for those assets, you may want to retain a cybersecurity company that serves as an expert witness in cybercrime to tell you where the money is, how much it is and how it got there.
Everything purchased with cryptocurrency is recorded on a public distributed ledger (DLT) called a blockchain, so all transactions are public and available for all to see.
With careful forensics and data analysis, we could follow the breadcrumb trail, zero in on it, and figure out where the money went to a point where we can make probable predictions.
As cryptocurrency forensics investigators, we can track and interpret the flow of cryptocurrency assets on the blockchain.
We forensically analyze the endpoint(s), user artifacts, such as
wallet software, addresses, password vaults, static text files, browser history, notes files, and/or encrypted archive files to look for evidence of how much crypto the user holds, where it lives and what options we may have for recovery.
FORENSICS ON DEVICES
We perform forensics on the adversary’s laptop, phone, or other devices to determine if they indeed did buy cryptocurrency, what they purchased and uncover evidence of how they bought it and where it is currently. In cases where a crime has been committed, we can assist the attorney in turning the evidence over to the FBI or other law enforcement authorities.
Suppose your client is a spouse who suspects the other spouse used their laptop to purchase and hide cryptocurrency before the divorce proceedings. We would do forensics on the laptop, such as determining if a private or software wallet was used. We could uncover what programs were on that computer and get more details depending on what security was used on that laptop.
Let’s say a former employee of your client embezzled company funds and bought crypto on their phone to hide it. Most phones have a passcode. If the passcode is of a certain length, we could break the passcode. However, suppose they used the passcode in a certain way or had different security on the phone. In that case, we may hit a barrier wall and have to try different tools, techniques, and measures to uncover enough to prove that they bought this cryptocurrency, then we can track the trail.
Some people have gotten pretty smart with security and protection layers. We have different tools and techniques to overcome some of those barriers.
EXCHANGES USED
We would do the analysis to learn how they bought it, where they bought it and what exchange they used, like Kraken or Gemini or one of the other popular exchanges in our country. We could work with the exchange and prove this is where your client’s adversary bought it. If they used a wallet, we would use our forensics analysis and our tools, techniques, and talents to figure out the evidence around the wallet on their endpoint, such as their laptop computer or phone and how they sent it. We would gather the evidence and provide it to your legal team as a written report summarizing our findings containing artifacts and evidence at the end of the project. This report can then be used as expert testimony.