Popular Science: A detailed explanation of the entire process of the cryptocurrency involved in the case from suspicion to its final destination
Original author: James Smith
Compiled by Odaily Planet Daily ( @OdailyChina )
Translator: CryptoLeo ( @LeoAndCrypto )
In 2024, after the United States approved Bitcoin ETF and Ethereum ETF, cryptocurrency is one step closer to mass adoption, but the inflow of cryptocurrency data to specific cybercrime-related entities is still worrying. Chainalysis previously released a security report on the crypto industry. Compared with the same period last year, illegal transactions have generally declined, but two noteworthy illegal activities-stolen funds and ransomware have been increasing. The stolen funds in cryptocurrency thefts increased year-on-year, doubling from $857 million to $1.58 billion by the end of July. In addition, in 2022 and 2023, there has been a surge in cryptocurrency entities sanctioned by governments or international organizations.
The data also shows that cryptocurrency-related criminal cases are increasingly attracting the attention of law enforcement agencies. Every once in a while, there will be a big news in the security field, such as the theft of funds from a large exchange or involvement in illegal activities. Some of these widely watched large cases involve law enforcement agencies, who need to freeze or seize the funds involved. Recently, James Smith, an author in the encryption field, wrote a popular science article on how law enforcement agencies handle cryptocurrency-related criminal cases. The article covers a series of processes from legal investigations of the cryptocurrencies involved to their eventual seizure and handling by law enforcement agencies. The following is the full text, compiled by Odaily Planet Daily:
1. What does it mean to seize cryptocurrency?
Cryptocurrency seizure occurs when law enforcement agencies seize crypto assets, usually as part of a legal investigation. This can happen in cases of fraud, money laundering, or other illegal activity.
If law enforcement agencies suspect a user or organization of illegal activity, they can seize the crypto assets in their wallets, and these funds are usually transferred to government-controlled wallets until the end of the judicial process. If the defendant is convicted in court, the seized assets will be sold or auctioned. But if they are found not guilty, the cryptocurrency will be returned to their wallets.
Seizure is carried out in the context of an arrest, search warrant or seizure order, which specifies the property to be seized. Seizure warrants for cryptocurrency are usually issued to exchanges or other institutional custodians, rather than individuals.
The warrant will list the exchange’s wallet address and the reason for the seizure. The exchange will be required to provide the prosecution with the private key to the wallet. To avoid any liability and facing more serious consequences, exchanges usually comply with the regulations and hand over the private keys.
However, requiring exchanges to hand over private keys under legal pressure poses a fundamental challenge to the decentralized spirit on which cryptocurrencies rely. And search warrants are not the only way for law enforcement agencies to seize cryptocurrencies such as Bitcoin held by other individuals or entities. The government can also seize cryptocurrencies through confiscation proceedings, which refers to the permanent loss of assets stipulated by a court order or judgment. Cryptocurrency seizures usually occur before confiscation, but not all seized assets will be confiscated.
2. What is the process for seizing cryptocurrency?
The process of confiscating cryptocurrency is different from the process by which law enforcement agencies confiscate physical assets such as real estate, vehicles or jewelry. Physical items can be taken away physically, but crypto wallets require corresponding private keys to unlock and transfer funds.
Law enforcement agencies often work with exchanges that host wallets to access and recover funds. This works well for hot wallets because the exchange typically has a copy of the private keys. For offline and personally owned hardware wallets or cold wallets, law enforcement agencies may need to hack into the device to recover the funds.
After seizing crypto assets, law enforcement agencies will take custody of the cryptocurrencies and liquidate them, often pending a court order, a process that can take years. The proceeds are then either given to the crime victims or distributed to government agencies.
The U.S. Department of Justice (DOJ) established the Virtual Asset Exploitation Unit (VAXU) within the FBI in 2022, focusing on blockchain analysis and virtual asset seizure. VAXU works closely with the DOJ’s National Cryptocurrency Enforcement Team (NCET) on seizure matters.
In some cases, government agencies use a procedure called administrative forfeiture, in which the government seizes assets without charging the wallet holder with a crime, meaning that without a court hearing, users could end up losing the cryptocurrency inside their wallets.
In related context, the FBI launched a token called NexFundAI in May 2024 as part of Operation Token Mirror, which was designed to target individuals and organizations involved in fraudulent cryptocurrency activity, particularly pump and dump operations. NexFundAI was designed to mimic legitimate cryptocurrencies as bait to attract market manipulators and allow the FBI to gather evidence against them.
3. When are crypto assets seized?
Authorities seize cryptocurrencies when they are used for illegal activities such as tax evasion, money laundering, fraud or drug trafficking.
If someone uses cryptocurrency for illegal activities, such as drug trafficking or hacking, it may result in the cryptocurrency being considered proceeds of crime by authorities and confiscated by government agencies. The purpose of the confiscation is to stop illegal activities or recover stolen funds.
Criminals use cryptocurrencies to conduct “anonymous” transactions on the chain to conceal the flow of funds. Despite this, law enforcement agencies can still identify the proceeds of crime and confiscate funds through on-chain data traces, and can also require cryptocurrency exchanges to freeze the wallets involved.
In deciding whether to proceed with a seizure, prosecutors consider the organization of the seizure of crypto assets, the potential challenges of confiscation and administration, and the value of the assets.
(As shown in the figure above, starting in 2022, there has been a surge in cryptocurrency entities sanctioned by governments or international organizations)
4. What happens after the cryptocurrency is confiscated?
In the United States, when funds belonging to you are seized under civil law, you need to hire an asset forfeiture attorney and file a verified claim with the forfeiture agency in order to take legal action. The agency has 90 days to file a complaint seeking forfeiture of funds or return of cryptocurrencies.
When the agency files a forfeiture complaint, the court sends a notice to all relevant parties asking them to present their case. Your attorney can file a defense, counterclaim, and motion to dismiss the agency’s lawsuit. If the case is proven, the court may dismiss the agency’s case against you and order it to pay your attorney fees and return the seized crypto assets.
If the agency files a criminal complaint against you, the process may be more complicated and you will need to defend against other charges, in which case the defendant will often accept a plea deal so that a seizure order is not needed, in which case the defendant may voluntarily hand over the private keys as part of the plea agreement.
In the UK, the Proceeds of Crime Recovery Act 2002 outlines how seized cryptocurrencies should be handled. Similar to other confiscated assets, 50% goes to the Home Office, and the remaining 50% is split between the police, the Crown Prosecution Service, and the courts, with the potential for some of the confiscated assets to be returned to victims of crypto cases.
In Europe, when illegal cryptocurrency transactions are discovered, authorities seek court orders to freeze or seize assets. To enforce the orders, they work with crypto platforms, and in cross-border cases, regulators such as Europol may help. Confiscated cryptocurrencies are stored in government-controlled wallets and may be auctioned or liquidated after conviction, depending on the countrys laws.
In contrast, Indias law enforcement agency (Enforcement Directorate ED) and local cybercrime teams work together or individually to confiscate cryptocurrencies. When illegal activities are discovered, authorities may seek court orders instructing exchanges to freeze or seize assets. The confiscated cryptocurrencies will be stored in government-supervised wallets before the final court decision, but the process may involve a long investigation as India is developing a clear legal framework for dealing with crypto-related crimes.
5. Examples of Confiscating Cryptocurrencies
There are many well-known examples of governments seizing crypto assets, such as the assets of Bitfinex, Silk Road, and Mt. Gox.
Bitfinex theft incident
In 2022, U.S. federal authorities recovered approximately $3.6 billion worth of Bitcoin related to the 2016 Bitfinex exchange hack. Approximately 120,000 BTC were stolen by hackers, and years later, the money was eventually linked to two people (Morgan and Lichtenstein).
Authorities seized the assets as part of the investigation, and although Bitcoin transactions are anonymous, the case highlights the development of on-chain analysis investigations, showing that even illicit funds from years ago can be found and confiscated.
Dark Web Silk Road Incident
In 2013, the U.S. government seized approximately 144,000 bitcoins from the dark web marketplace Silk Road after its founder, Ross Ulbricht, was arrested for facilitating illegal drug trafficking. This highly publicized cryptocurrency seizure was part of a broader campaign to crack down on illegal cryptocurrency activity.
The U.S. Marshals Service subsequently auctioned off the confiscated Bitcoin (currently worth billions of dollars), and the Silk Road case remains a seminal moment in the regulation and prosecution of crimes involving cryptocurrency.
Mt.Gox theft
Mt. Gox was once the largest Bitcoin exchange, but it went bankrupt in 2014 after losing 850,000 Bitcoins (worth about $450 million at the time). After filing for bankruptcy, the exchanges remaining assets (including more than 200,000 Bitcoins) were seized by Japanese authorities. The seized funds were held in an escrow account while the authorities paid creditors through legal procedures.
In March 2014, Mt. Gox CEO Mark Karpelès announced the discovery of 200,000 bitcoins in an old digital wallet, reducing the total loss to 650,000 bitcoins, which gave creditors hope. The Tokyo District Court subsequently appointed a temporary administrator to manage the complex legal case, the biggest challenge of which was to revalue the lost bitcoins, as the price of bitcoins has soared since the hack. Karpelès faced charges of embezzlement but was only convicted of falsifying records. In 2024, creditor repayments continued, with the repayment period extended to October 31, 2025.
6. How do law enforcement agencies handle confiscated funds?
In the United States, federal agencies are required to submit seizure fund use plans to the Justice Department outlining how the money will be used. Civil forfeiture became common during the war on drugs in the 1980s and has been criticized ever since.
Sometimes, as part of a plea agreement, seized assets are partially returned to the owner, but only 1% of seized assets are returned to the owner. Seized funds are often used to support law enforcement operations, such as equipment, training, and investigations. For example, in 2011, the St. Louis County Police Department spent $400,000 on helicopter equipment.
While some states, such as Missouri, require seized funds to be distributed to schools, law enforcement agencies typically keep most of the money using the federal fair share program. However, the forced seizure of assets from individuals or companies has long been criticized by various parties.
Many believe that reforms in this area are necessary to ensure that asset forfeiture is conducted fairly and transparently, and that adequate protection is provided to those whose assets are at risk of seizure.
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
Bitwise files S-1 registration for ETF tied to Bitcoin and Ether
VanEck extends fee waiver on Bitcoin ETF
MicroStrategy Adds 51,780 Bitcoin Reaching 331,200 BTC Holdings in Q4
Bitcoin Nears $94K Support While Traders Eye Possible $100K Recovery