The world of cryptocurrency is shaken by a series of violent crimes. At the end of January, David Balland, co-founder of the unicorn Ledger, was kidnapped from his home near Vierzon. By getting their hands on the entrepreneur, the kidnappers were looking to negotiate a ransom of several million euros in cryptocurrencies. Shortly afterwards, another crypto entrepreneur, whose identity remains unknown, was held captive by several individuals near Troyes, in the Aube region.
These two incidents follow a series of kidnappings that have occurred in recent months around the world. At the end of December, the wife of a cryptocurrency trader was kidnapped in Belgium, near Brussels. After a chase, she was freed by police forces near the city of Bruges. A month earlier, the CEO of a major crypto company was kidnapped in the heart of Toronto.
Unsurprisingly, the criminals behind these kidnappings were hoping to make a fortune in crypto. However, it is not enough to get your hands on a cryptocurrency millionaire to be able to extort all his assets by threatening him. Contrary to what the kidnappers think, it is not so easy to steal crypto... Moreover, it should be remembered that the kidnapping of the co-founder of Ledger was a fiasco. The kidnappers were unable to profit from the millions demanded. We explain why.
Crypto pros take precautions
Crypto specialists are well aware of the interest of criminals. Individuals who hold fortunes in digital assets are used to protecting their backs. Security is indeed part of the DNA of the crypto community. This is also the specialty of many entrepreneurs in the ecosystem, including the bigwigs at Ledger. The French start-up offers a series of tools to secure your bitcoins and other cryptocurrencies.
De facto, crypto giants have taken a series of precautions to protect their assets in the event of an offensive. Technologies offer a myriad of different possibilities to complicate extortion. By attacking crypto specialists, criminals are targeting targets that are generally prepared for all eventualities.
The obstacle of multisig — or multisignatures
First, let's mention multisig, an essential feature that can be added to a crypto wallet to ensure the security of funds. This feature makes it possible to design multisignature accounts. In short, these accounts on the blockchain will require the agreement of several entities to carry out transactions. All parties must agree for cryptocurrencies to be transferred. A crypto entrepreneur who has fallen into the hands of a criminal gang will not be able to transfer bitcoins to a hacker's address on his own.
This is what David Balland had probably set up before his kidnapping. Faced with this major obstacle, the kidnappers tried to convince Ledger's other founders, Éric Larchevêque and Nicolas Bacca, to pay the ransom. Ready to do anything, they went so far as to cut off the forty-year-old's little finger to put pressure on the company's executives. This is apparently what led to the transfer of a ransom in cryptocurrencies by the other founders of Ledger, under the leadership of the police forces.
Second obstacle: the physical wallet
In addition, crypto pros have become accustomed to securing their accounts on the blockchain with physical wallets, like those manufactured by Ledger. In short, it is a device "that stores the private keys of your cryptos away from the Internet", explains Ledger. It therefore protects your funds against hacking. Furthermore, you need the wallet to validate transactions, since it stores your private keys, which give access to the account on the blockchain.
In other words, criminals will not be able to force their victim to make transfers in front of them. The kidnappers will have to convince their captive to reveal the location of their physical wallet. If it is in an inaccessible place, or impossible to reach for security reasons, the bandits will have to turn to their victim's relatives. In any case, kidnapping is not just about holding someone captive and forcing them to transfer cryptocurrencies via their smartphone. It's never that simple.
Frozen cryptocurrencies — when a ransom is inaccessible
As we told you above, the founders of Ledger ended up paying a ransom in cryptocurrencies to David Balland's kidnappers. The funds were transferred at the request of the French police, who were looking to buy time to track down the entrepreneur and his wife, who was kidnapped in the process. According to information from our colleagues at Cryptoast, the kidnappers demanded $3 million in cryptos.
The money was transferred to the addresses provided by the kidnappers. A team of experts set up by Nicolas Bacca quickly tracked the cryptocurrencies sent as ransom. The blockchain keeps track of all transactions made by users. By going through a blockchain explorer, it is easy to track all money transfers, from one address to another. Although criminals are used to multiplying transfers in order to cover their tracks, traceability experts generally manage to keep an eye on assets.
This is what the experts contacted by Nicolas Bacca did with the cryptocurrencies sent to David Balland's kidnappers. They realized that the currencies arrived at addresses held by centralized exchange platforms, such as KuCoin or Binance. From that point on, blockchain experts raced against time to block the funds as soon as the hackers made transfers. As Sarah Compani, a partner lawyer at the Aleph firm, explained to Cryptoast, you have to contact several third parties to get the cryptos frozen:
Checkmate
Hounded by the experts assembled by Ledger, the kidnappers did everything they could to recover the funds before they were blocked. They made transactions every five minutes for more than 20 hours. One of the experts explains that the criminals, who had little experience with technology, started to “go to the Solana blockchain” to cover their tracks. Despite their efforts, the kidnappers were never able to recover the ransom.
There is only $150,000 that has not yet been blocked, but the funds are in the crosshairs of justice. As you will have understood, receiving a ransom in cryptocurrencies does not mean that the crooks have achieved their goals. Law enforcement has the ability to block funds if necessary. As Eric Larchevêque, David Balland's partner, points out, a ransom in crypto "has no chance of success". In fact, it is as if crypto gave the "possibility of paying the kidnappers in counterfeit bills".
Of course, some criminals are skilled enough to manage to exfiltrate cryptocurrencies on the networks without being detected and followed. This is the case of the North Korean hackers of Lazarus. Hackers, commissioned by the North Korean government, have developed a formidable strategy to launder cryptocurrencies. These criminals have considerable resources and use tools tailored to money laundering, such as mixing services.
To achieve this, you need to have a team made up of several blockchain and cryptocurrency experts. As Sarah Compani points out, "the cost of upskilling for criminals is enormous." Indeed, "even if they had one very talented person, there are so many chains, protocols, etc., that it would not be enough." She believes that it is "impossible for one person to have all the skills", and that you need to "bring brains together". So it is not within the reach of just any criminal.
0 Comments