Type to search

Crypto News Thought Leadership

Nuix: Regional Cybercrime Unit investigates £20 million in cryptocurrency theft

Nuix: Regional Cybercrime Unit investigates £20 million in cryptocurrency theft | Fintech Finance

By Mark McCluskie, Head of Investigations EMEA, Nuix

How prevalent is cryptocurrency fraud?

With the rise in cryptocurrency trading, crypto-crimes are rapidly growing. Following an increase of 79 per cent from 2020 to, research by Chainalysis found that an estimated £11 billion in cryptocurrencies were received by addresses linked to illegal activity in 2021. In response to the rise in cybercrime, cybersecurity teams across UK police forces have monitored the evolving threat. For example, the work I did with the UK regional Cyber Crime Unit – Southwest Regional Cyber Crime Unit (SWRCCU) found that more than three-quarters (77 per cent) of investigations in 2021 involved cryptocurrencies.

For this particular case study, SWRCCU has been working with Nuix – a provider of investigative analytics and intelligence software – to help investigate cryptocurrency theft of more than £20 million. The incident affected thousands of victims worldwide, and Nuix’s solution allowed the team to identify suspects across the UK.

How did the Nuix Bitcoin Extraction tool help detect the fraud?

The Nuix Bitcoin Extraction tool can quickly ingest vast amounts of structured and unstructured data, including mobile device extractions, PCs, laptops and cloud storage. The tool has two capabilities: One for investigations and the other for the e-discovery market within the corporate world. For this case study, the tool was able to search through millions of items of data in 5-10 minutes enabling it to become quickly available and searchable. An investigations team can then use the extracted data and draw upon links for evidence.

How important is it to upskill law enforcement teams when handling digital cases?

Day-to-day police officers must familiarise themselves with digital data to effectively investigate modern-day crimes. Today, almost all crimes have a digital component attached, so training and reviewing digital evidence such as an email or mobile phone is essential. However, whilst ‘mainstreaming’ digital evidence into regular policing is needed, we have to remember that every police officer cannot be a digital expert. Reviewing relevant data in an officers’ investigation is in most instances best undertaken by the investigators themselves, this frees up specialist resources – for example the digital forensics teams – to concentrate and deal with the more challenging tasks.

What challenges does law enforcement face in regards to extracting digital data?

Extracting material and artefacts from digital exhibits is challenging because seized evidence often runs into copious amounts of data. Traditional techniques such as keyword searches, filters and analysis by cybercrime specialists are an expensive and inefficient use of highly trained human resources, often with incomplete results. In addition, some existing cryptocurrency search tools don’t work with modern Bitcoin protocols or mobile device extractions, making them less useful in light of the widespread use of mobile cryptocurrency wallets and trading apps.

How successful was the Bitcoin Extractor in this case?

Following warrants and subsequent searches, the SWRCCU investigation team recovered many digital evidence sources containing thousands of Bitcoin addresses and forensic artefacts relevant to the case.

The Bitcoin Extractor ensured the investigators could identify and act on opportunities promptly. The tool helped the team identify previously unknown addresses connected to the UK suspects and recover some of the stolen currency.


People in this post:

Companies in this post:

Next Up