Logo for Daily Business Review

For Crypto Attorneys, FTX Bankruptcy Is a ‘Black Swan Event’

November 14, 2022

Jeffrey Leavitt was quoted by the Daily Business Review in an article discussing the bankruptcy of cryptocurrency trading giant FTX.

Click here to read full article.

Modern Luxury Miami features Javier Lopez

Modern Luxury Miami magazine features Javier Lopez in its October 2022 edition.

TransUnion v. Ramirez: Standing for Absent Class Members CLE

WED., JULY 21ST, 2021 @1:00 P.M. E.D.T.

Please join Timothy Congrove, Partner at Shook, Hardy & Bacon; Robert Neary, Of Counsel at Kozyak Tropin & Throckmorton and Christopher Wray, Of Counsel at Shook, Hardy & Bacon who will be speaking in an upcoming Strafford live video webinar, “Class Certification After TransUnion v. Ramirez: Assessing Intangible Injuries, Article III Standing” scheduled for Wednesday, July 21, 1:00pm-2:30pm EDT.

Click here to read the PDF.

Injunctive Class Actions: Approaches for Plaintiffs & Defendants CLE

THURS., JUNE 30TH, 2022 @1 PM EDT

Please join Robert J. Herrington, Co-Chair, Class Action Litigation Group at Greenberg Traurig; Michael E. McCarthy, Shareholder at Greenberg Traurig and Robert Neary, Of Counsel at Kozyak Tropin & Throckmorton who will be speaking in an upcoming Strafford live video webinar, “Rule 23(b)(2) Injunctive Relief Class Actions: Recent Decisions, Approaches for Plaintiffs and Defendants” scheduled for Thursday, June 30, 1:00pm-2:30pm EDT.

Click here to read the PDF.

Broward man and ‘Mother Theresa’ accused of raising $196 million in a Ponzi scheme

By David Neal
September 4, 2022

Filings by the Securities and Exchange Commission (SEC) and the Justice Department accuse a Fort Lauderdale man of getting $6.5 million of the $42 million defrauded from investors via a Ponzi scheme run through a North Lauderdale woman’s company.

The twin filings against Pavel Ruiz, 29, hit Miami federal court this week, the criminal charge being conspiracy to commit wire fraud. This comes a year after the SEC charged North Lauderdale’s Johanna Garcia, who first registered MJ Capital Funding and MJ Taxes & More with the state of Florida, according to public records.

The SEC’s filing against Ruiz said, “The MJ Companies and their owner, chief executive offer, and president, Johanna M. Garcia, operated the MJ Companies as a Ponzi scheme, which, from at least June 2020 until August 2021, raised over $196 million from more than 15,400 investors nationwide through an unregistered fraudulent securities offering.”

As for Ruiz, the filing said, he “played a significant role in perpetrating the Ponzi scheme. At all relevant times, he was involved in high-level decision-making for MJ Capital, served as an MJ Capital “board member” responsible for “Treasury/Accounting”, and had access to MJ Capital’s bank accounts.”

DID THEY HELP THEMSELVES AFTER GETTING MONEY TO HELP SMALL BUSINESSES?

The scheme, as described in the various filings, says MJ Capital sold itself to investors as a business making merchant cash advances (MCA) to businesses that needed cash quickly.

The SEC filing against Garcia describes an MJ Capital May 12, 2021 website blog stating that Garcia “is often referred to as “Mother Theresa” in her community,” because she found a way to “help hard working individuals make money and that she helps her merchant clients get the financing they need.”

If this sounds similar to the 1 Global Capital fraud run out of Hallandale Beach, the descriptions diverge in that MJ Capital is accused of being more of a Ponzi scheme.

“But only a small fraction of investor funds was used to make MCAs,” the SEC filing against Ruiz said. “Instead, most of the investor funds were used to pay fictitious returns to existing investors, undisclosed commissions to sales agents who promoted investments in the MJ Companies, and personal expenses for insiders of the MJ Companies, including Ruiz.

“As such, investors’ ability to receive the promised returns and repayment of principal was dependent on a rising stream of funds from new investors, and by convincing existing investors to renew their existing investments, thus deferring the MJ Companies’ need to repay investors their principal investment.”

That would be a Ponzi scheme.

The SEC says Ruiz and his team of unregistered securities sellers raised $46 million and he put $7.7 million straight into his personal accounts or those of Pavel Ruiz MJCF LLC and UDM Decorating. Of that $7.7 million, he eventually sent $1.2 million to MJ Capital, the SEC said. He took the remaining $6.5 million.

The SEC and Justice say Ruiz spent the money on, among other things, crypto assets, a “luxury vehicle,” “luxury goods,” vacations and personal expenses.

A website popped up in 2021 accusing the MJ Companies of running a Ponzi scheme. The SEC filing against Garcia says she filed a lawsuit in federal court on April 19, 2021 against the John Doe running the website, a parry that the SEC says included “a number of false or materially misleading statements.” Despite this, the lawsuit was successful, the SEC said, in that MJ Capital continued to collect money from investors until August 2021.

Two days after the SEC charged Garcia, the court-appointed Corali LopezCastro, an attorney with the Coral Gables commercial litigation law firm of Kozyak Tropin & Throckmorton, as a Receiver for the MJ Companies. Lopez Castro has since been appointed Receiver for Ruiz’s companies, Pavel Ruiz MJCF LLC and UDM Remodeling, LLC.

The SEC has reached partial settlements with Ruiz and Garcia. Pavel Ramon Ruiz Hernandez is free on $250,000 bond until the criminal case finishes.

The FBI’s Miami office investigated the case with help from the SEC’s Miami office and the Florida Office of Financial Regulation.

Click here to read the original article.

Click here to read the original PDF.

She was 69. He Was Young, Hunky—and a Fraud.

CYBERGOBLINS

Love scams hit a record high last year, with fraudsters fooling lonely hearts into sending their life savings in hard-to-recover cryptocurrency.

By Kate Briquelet, Senior Reporter and Emily Shugerman, Senior Reporter
August 20, 2022

In May of last year, someone claiming to be a military doctor on a secret mission in North Korea contacted Laura Francis on Facebook, looking for love and connection. Francis, a California realtor, thought he was charming—his profile images portrayed a man with a muscular build, beard, tattoos, and hospital scrubs—but was initially skeptical of his intentions.

The mystery man called himself “David Hodge,” and he claimed to be a kind of surgeon, helping soldiers who’d been injured by explosives in war. As part of his backstory, David told Francis he had an ex-wife who had cheated on him, and a 5-year-old son.

David’s love-bombing of Francis, 69, was insistent. He texted Francis every morning and throughout the day (usually on Google Hangouts) and called her on the phone just as often. “I fell in love with his voice, he had the cutest laugh,” Francis recalls. He serenaded her with links to romantic songs on YouTube: “Hero” by Enrique Iglesias and “I Swear” by All-4-One.

According to Francis, David said “he had been there and done that with the beautiful young women, and they were all not loyal.” He told her he “wanted somebody that was more mature.”

“Meeting you was fate, becoming your friend was a choice but falling in love with you is beyond my control,” David wrote one evening in August 2021, as they discussed buying a wedding ring.

“You have no idea how elaborate it was,” Francis told The Daily Beast in an interview, after she learned her nearly year-long affair with David wasn’t a real relationship but a cryptocurrency romance scam, one in which she claims she lost $248,000 of her savings—money that was supposed to be her daughter’s inheritance.

“He had an excuse or an answer for every question,” Francis said. “I asked millions of questions. Because I didn’t trust or believe anything from the first.”

Anytime Francis doubted him, David would send her photos he claimed were of himself, holding a sign that said: “I love you Laura and am not a scammer I’m Davidson Hodge.” He also sent her a purported passport and copies of a seemingly detailed bank statement, from a local bank in Columbus, Ohio—but which utilized a Chase Bank P.O. Box and which included some notable typos—claiming he had $3 million. He also sent her a photo of his arm, decked in military camouflage, and hand holding an “employment agreement” containing a U.S. Marine Corps logo.

“Hunting down your stolen funds can be harder than actually finding true love.”

Whenever he asked Francis for money, she says, he always promised to pay her back once he was out of the service and had access to his accounts.

David directed her to use several Bitcoin apps including Coinbase and Coin Cloud Bitcoin ATMs until she cut him off in March. (The Daily Beast reviewed some of Francis’ Coin Cloud receipts with deposits totaling $37,080 in August 2021 alone, and one blockchain analytics firm said she appeared to have deposited around $60,000 via the ATM in September.)

Asked for comment, Cloud Coin said its terms of service prevent it from sharing personal information about customers but said it has sympathy for the victims of financial crimes. “When a customer buys, the digital asset(s) go into their wallet,” the company said in a statement. “From there, we don’t know what a customer does with their currency, coin, or token.”

Within three months, Francis was sucked into a whirlwind drama rivaling daytime soap operas. And each plot line drew her deeper into what she believed was true love, followed by a rift caused by a second alleged scammer named “Robert Manguire,” who claimed to be an oil rig worker in Louisiana and warned her David was a con artist.

“Between the two of them, they had me on the run,” Francis said. David would tell her he was shunning her until she blocked Robert, and Robert threatened to tell her family about how much she’d paid David unless she blocked the supposed doctor.

“I didn’t know how I was going to face my family,” she said, “and I did not know how I was ever going to let my family know how much money I lost.”

Romance scams are big business in the U.S., and crypto is a growing piece of it. The FBI reported that Americans lost $1 billion to romance scammers in 2021, while the Federal Trade Commission estimated they lost $750 million to crypto scams that same year. (The FTC also said crypto was the second-most common form of payment in romance scams, above wire transfers and apps like Venmo.) Paul Sibenik, the lead case manager at CipherBlade, a company that helps track and recover stolen or scammed crypto, said anywhere from 30 to 40 percent of his company’s clients are victims of a romance scam.

While the FBI began warning about Internet romance rackets as early 2005, the rise of cryptocurrency has made it even easier to scam money instantly, across borders, and without detection. And pandemic lockdowns meant more and more people turned to dating apps and websites as a means of finding love remotely. Romance scams hit a record high in 2021, according to the FTC, totaling more than any other category of fraud.

The horror stories of courtship-based schemes increasingly involve crypto. In February, Nicole Hutchinson of Tennessee told CBS News that she lost $390,000 of her and her father’s money—some of it her inheritance after her mom died—after she fell for a scammer named “Hao” on the Hinge dating app. The man encouraged her to create an account on Crypto.com and instructed her to transfer funds to a link he claimed was a cryptocurrency exchange platform; instead, the money went into his pockets.

Another victim, South Carolina business owner Zahra Hajiaghamohseni, told NBC affiliate WCBD-TV that she lost $350,000 after a handsome man wooed her online, then encouraged her to invest in crypto. She later learned her suitor had scammed her, using a fake identity and someone else’s photos, after she traveled to an airport to pick him up but he never arrived.

The government has responded to this surge in crypto-related crimes by staffing up with investigators. The Securities and Exchange Commission nearly doubled the size of its Crypto Assets and Cyber Unit this spring, from 30 to 50, and the FBI announced a new Virtual Asset Exploitation Unit dedicated to blockchain analysis and virtual asset seizure. The Justice Department also launched two new crypto-related arms last year: one focusing on criminal money laundering and cybersecurity, and the other on civil fraud cases.

“You have no idea how elaborate it was. He had an excuse or an answer for every question.”

But the hires do not mean that every crypto fraud will be prosecuted. Several experts who spoke with The Daily Beast said federal law enforcement is unlikely to take cases where it deems the losses “too small”—a label some experts said can apply even to six-figure losses. Victims with smaller losses are directed to local police forces, which often do not have the training or tools to deal with a highly technical crime.

There are other issues that complicate a crypto fraud investigation, the primary one being that the fraudsters could be anywhere in the world—far outside the jurisdiction of local police. They are also incredibly hard to identify, because, although all cryptocurrency transactions are made public on the blockchain, they occur anonymously, identified only by a long string of numbers designating a crypto “wallet.” Add to that the fact that many scammers use multiple wallets, or employ something called a “mixer” that combines their money with others to make it harder to track, and hunting down your stolen funds can be harder than actually finding true love.

Going the civil route isn’t easy, either, according to Tal Lifshitz, a financial fraud attorney who also handles crypto cases. Tracking crypto transactions often involves expensive software or outside firms that cost more than a recently defrauded litigant can afford. And without those, it’s difficult for an attorney to know who to subpoena, or even serve.

“With traditional financial fraud, we know there’s a bank [or accounting firm] involved,” Lifshitz said. “Even if you don’t necessarily have access to it before you bring a case, you know they exist, because they have to. None of those things have to exist in a crypto fraud.”

Francis says the first time David asked for money, he claimed his top-secret cover was blown and his military base was forced to relocate. As David and his crew members traveled up a river, he claimed, their boat overturned and they lost their belongings including cellphones. Francis says she paid $5,600 for a new phone for David, and while he was waiting for the device, paid two of his colleagues a total of $7,000 so he could borrow their phones. “He kept convincing me that where he was stationed and the conditions that he was living under were so dramatic, so iffy, so touch-and-go, we could be dead any minute,” she said.

As they began to plan their future together, David suggested she buy her own engagement ring through a military program that would prove he had a fiancée and allow his release from his three-year military contract. She paid a total of $42,568 for a diamond ring—but when the band arrived in the mail, she saw it had a $9.99 price tag and was actually a chintzy cubic zirconia.

The wedding ring wasn’t even enough to release David from his military tour, according to him. David told her “Shawn Porter,” a colleague he claimed handled the sale of military engagement rings, failed to send “paperwork” necessary to get him out, and the online couple had a fight.

According to Francis, David and Shawn had instructed her to send money incrementally via a Coin Cloud Bitcoin ATM, which she’d visit sometimes three times a day. She says she would feed $100 bills into the machine to send to David as he stood by on the phone to walk her through the process. “It started out at $1,500 a day,” Francis recalled. “I got it to $25,000 a day that they allowed me to send. That’s how much business I gave that machine.”

“I believed what the guy said, because I guess I wanted to. I wanted to hear the bullshit. I wanted to hear the niceness.”

Messages show that in August 2021, David pushed Francis to withdraw more money from the bank to buy crypto. “Yes honey it’s night time here. You can still go to the bank though,” he tells her in one message, to which she replies, “I’m not gonna go to the bank and do that David I don’t think it’s necessary.”

She added: “I’m not going to be sending money across the world much longer OK and I hope I don’t have to send any more damn bitcoins ever again.”

Francis also questioned David on whether he was catfishing her, telling him: “I saw women give their whole life savings away to men like you they never met. And they were all deeply in love like I am.”

“No it’s different,” David responded. “They don’t talk on phone they don’t get packages.”

The realtor’s family members, who’d watched her fall deeper into texting David for hours each day, suggested she cut him off and meet someone in person on the dating website Plenty of Fish. That’s where she met Robert, an attractive older man with graying hair.

Francis told Robert that she was seeing someone else, albeit online. “I really, really like him,” Francis says she told him. “But I think he’s lying to me.”

Minutes after Francis sent Robert a photo of David, Robert messaged her with an Instagram profile that revealed David’s photos apparently belonged to another person in real life.

Robert, Francis says, vowed to help her take down the scammer and get her money back. He claimed he could hack Shawn’s Bitcoin accounts and get the $42,000 she’d spent on the engagement ring. All she had to do, he said, was set up an account on a site called Cresco Trading Limited and pay the $37,000 in required fees. (A regulatory body in the U.K. issued a warning about Cresco in September 2021, saying it was “not authorized or registered by us but has been targeting people in the UK, claiming to be an authorizedhttps://www.fca.org.uk/news/warnings/cresco-trading-limited-clone-fca-authorised-firm firm.”)

Francis says she paid the initial fee but balked when a purported customer service agent for the site told her she needed to put the same amount of money in her Coinbase account to verify she had the funds. Francis refused, and turned back to David.

The situation only got stranger from there. David, she said, claimed Francis had exposed his identity by talking about him with Robert online. Days later, Shawn messaged Francis and claimed David was arrested and it was all her fault.

“Well, you blew it this time, Laura. David is in jail. They picked him up. Because Robert reported him. And they’re holding him on espionage and treason,” she recalls Shawn telling her.

She says David contacted her from “jail,” crying and claiming he was being tortured in custody. Shawn told her David was only getting one meal a day, and was “suffering a lot,” according to messages reviewed by The Daily Beast. “Robert is the devil,” Shawn added. “He will have David killed if he had his way.”

Desperate to help, Francis returned to Robert, and begged him to recant his report. At David’s urging, she even paid him the $56,000 he demanded to do so. At the same time, Robert sent Francis an email with a photo lineup from a law enforcement agency’s “wanted list”—apparently Photoshopped with Francis’ picture—warning that if she continued to associate with David, she’d end up on authorities’ radar.

“I hope you listen this time or you end up behind bars,” one September 2021 email reviewed by The Daily Beast read. “If you disclose this to anyone you’re in for a big trouble.”

To this day, Francis says, she doesn’t know how Robert found her on Plenty of Fish. She didn’t tell David she was moving on to the dating site, but says that she’s encountered other wannabe scammers seeking money on the platform recently. Indeed, authorities across the country have warned that dating apps are routinely used by swindlers in “pig butchering” scams, which combine a romance hoax and crypto investment scheme.

“They probably were sitting in the same room, just playing me like a fiddle,” Francis said of David and Robert. “They both acted like they hated the other one.”

For months, Francis still believed David was coming to America to be with her, until he asked for another $250,000 to get out of his military contract. When she told him she didn’t have that kind of money, he suggested she obtain a loan against her house to acquire the funds. “When I talked to him and he was willing to let me sell my home, yeah, okay, that’s it. You don’t care about me,” Francis recalled thinking.

“I believed what the guy said, because I guess I wanted to,” Francis says now. “I wanted to hear the bullshit. I wanted to hear the niceness. And I’m just looking at some of the stuff he wrote to me and I was like, ‘Oh, my God, I fell for that. I fell for that hook, line and sinker.’”

Francis says she blocked David, but he kept contacting her via other accounts.

Finally, she confided in her family about what happened, and her daughter sent her information about the online dating investigation service Social Catfish. She decided it was time to ask for help.

Social Catfish is one of several emerging companies dedicated to tracking down sophisticated fraudsters where regular law enforcement cannot. Founded in 2013, the company started by investigating online love matches who daters thought might not be telling the whole truth, or even worse, lying about their identity. (The term “catfish” was popularized by a 2010 documentary about a man who starts dating a woman he met on Facebook who turned out to be faking her identity.) The company added a crypto investigations unit earlier this year, after seeing a “massive uptick” in the number of customers coming to them with crypto-related scams, according to President David McClellan.

To help track down the perpetrators, Social Catfish partners with the Blockchain Intelligence Group, the creators of a proprietary software that both visualizes blockchain data and adds open-source and social media data on top of it. Instead of the endless spreadsheets that Bill Callahan, the director of government and strategic affairs at the group, used to receive in his job as a financial investigator at the DEA, his clients are handed what looks like a flowchart, showing which wallets the crypto was sent to and which it is being held in now.

The software also helps identify whether the money has been sent to an “exchange”—a kind of trading platform for crypto—that law enforcement can subpoena or a private attorney can sue to get the funds back. And it pulls in open-source data, court records, and social media to try to identify the people behind the wallets, or see if they were tied to any other illegal activity.

“Every day our analysts are pulling in and ingesting information off of social media, off of the dark web—wherever illicit intelligence may be,” Callahan said. “And then we’re pulling in crypto intelligence, and then marrying it up.’

“I want other women to know that this goes on. You’re not above it. You would think that you’re smarter than this, because honestly, I thought I was smarter than this.”

Social Catfish and Blockchain Intelligence Group aren’t alone in offering crypto sleuthing services. CipherBlade, a “Blockchain Intelligence Agency” with a logo that looks conspicuously like the CIA’s, was founded in 2017 by a former soldier named Rich Sanders, after he had some success helping friends who had had their crypto stolen. Now, the firm works on crypto-related crimes from investment fraud to romance scams to kidnappings, and even acts as an expert in civil and criminal cases, according to Sibenik, the lead case manager. (The largest percentage of their cases are divorces in which a partner thinks their estranged spouse is hiding crypto assets, he added.)

TRM Labs, based in San Francisco, also offers software that helps track cryptocurrency transactions and identify the real people behind the anonymous wallets. Chris Janczewski, the company’s head of global investigations, said the group often works with law enforcement, as well as with major exchanges like FTX and Coinbase that want to prevent money laundering on their platforms. (Experts say their experience with other exchanges in this regard varies—some are reluctant to cooperate with investigators, seeing it as a business advantage to let the fraudsters continue to operate unchecked.)

Janczewski, a former IRS special agent, sees his company as occupying the “gray zone” between cases big enough for the FBI or SEC to take over, and smaller ones that local law enforcement can’t handle on their own. “That’s one of the things that drew me to this position at TRM,” Janczewski said, “is that we can kind of help bridge that gap.”

But experts warn that gap could expose victims to even more fraud. As Francis learned with “Robert,” some of the people claiming to help recover crypto are actually running scams of their own. Jan Santiago, deputy director Global AntiScam Organization, which assists victims of romance scams, said many of the sites that turn up in a typical Google search for crypto recovery agencies either outright steal money from their clients, or take money upfront and deliver unsatisfying returns.

The truth is, most experts agree, even with a professional, well-respected crypto investigation company, the chances of getting your stolen funds back are slim.

Francis first contacted Social Catfish via their YouTube channel, “Catfished,” where they post weekly videos about cases they helped solve. The team sent her a generic background form to fill out and asked for any pictures or evidence she had. They also set up a background call with Francis, and, after hearing her story, decided to dive in.

First, the team searched the web for any hints of who the scammers could be. They plugged in the email addresses and phone numbers Francis had used to contact them, hoping that identifying information about them had been leaked in data breaches. (Most people’s numbers and email addresses will be the subject of some type of data leak if they use them for long enough.) The search turned up nothing, meaning the scammer had likely created the email account and secured the phone number shortly before contacting Francis.

Then, Social Catfish employed a bit of subterfuge, getting Francis to send David a link to a website that she claimed would send him money via gift cards. (In a bit of foreshadowing the scammer missed, the website was called fyougiftcards.com.) Instead of sending him money, the website scraped David’s IP address and sent it to Social Catfish, giving them a vague idea of where in the world he lived: Not North Korea, but Nigeria.

The company also took a record of all of Francis’s Bitcoin transfers, asking for the date, time, and wallet address for each transaction. They sent the information to the Blockchain Intelligence Group, which used its software to track the funds through a maze of 20 different wallets to one account on the world’s biggest crypto exchange: Binance. They then referred the case over to law enforcement, knowing that they would have the easiest time requesting the stolen funds from the exchange.

But the company’s work wasn’t quite done. Since Francis had contacted them via their YouTube channel, they staged a viral-video-worthy confrontation between victim and scammer, getting Francis to call David and confront him about his lies on camera.

“David, everything you’ve ever done and ever said to me was a lie,” Francis, then using the pseudonym “Karen,” fumed in the footage’s expletive-laden confrontation.

“That’s bullshit,” a man with a foreign accent later replied.

The video, “Woman loses $300k; gets engaged to scammer,” has more than 112,000 views.

Francis says she contacted the FBI in California with the new information and for several weeks spoke to a local agent, who ultimately informed her the agency wouldn’t touch any case that didn’t result in at least a $500,000 loss.

She filed a complaint with Nigeria’s Economic and Financial Crimes Commission (EFCC), as well as the FBI’s Internet Crime Complaint Center (IC3) and the FTC. No agency has been able to take on her case.

Laura Eimiller, a spokeswoman for the FBI’s Los Angeles field office, couldn’t comment on Francis’ case but suggested victims file complaints on IC3’s website. She said the agency is unable to investigate every case “from a sheer resources standpoint,” or recover lost funds “particularly if the money is sent out of the country, which is why it is so important to educate the public about these schemes so they can identify the signs and avoid being victimized.”

In an email, the EFCC told The Daily Beast that it received a petition from Francis and that an “investigation is ongoing.” The FTC didn’t return messages.

“You have to lose a half a million dollars before they’ll take your case, even if you’re a little old lady, and they took your life savings,” Francis said. “That to me is not law enforcement. It’s not, I’m sorry. I got a problem with that.”

In the meantime, Francis began to research similar online scams and bonded with others who’d fallen prey to fake suitors on Facebook groups like ScamHaters United.

“I want other women to know that this goes on,” Francis told The Daily Beast. “You’re not above it. You would think that you’re smarter than this, because honestly, I thought I was smarter than this. But guess what? I wasn’t. They got me. It doesn’t feel good to get gotten.”

She’s still processing the deceit. “He broke my heart,” Francis said. “I was crushed. Devastated, cried, cried so many nights. And for someone I’ve never even met.”

“It’s amazing. The heart, when you feel that deeply, it just counteracts the brain completely.

 

Kate Briquelet

Senior Reporter
kbriqueletkate.briquelet@thedailybeast.com

 

Emily Shugerman

Senior Reporter
eshugermanEmily.Shugerman@thedailybeast.com

 

Click here to read the original article.

Click here to read the original PDF.

Meet the Guy Uncovering Crypto’s Biggest Thefts

Rich Sanders is the closest thing the cryptoworld has to 911.

By Amanda Hoover
August 4, 2022

Ian Balina was reviewing initial coin offerings, the crypto industry’s equivalent of an initial public offering, live on YouTube in 2018 when a hacker emptied around $2 million worth of cryptocurrency from one of his wallets. It may have been his old college email address that he used as a backup to another account that made him vulnerable. His bravado about his accumulated wealth likely didn’t help.

When a viewer noted in the comments that his wallet had emptied, Balina said he thought he was being trolled. But he checked and saw that the funds had vanished, he later said in a YouTube video detailing the hack.

It was a humiliating mistake for a prominent crypto evangelist who wrote the book on crypto investing. But these fumbles aren’t unusual, particularly for the uninitiated who might store their wallet keys poorly or send crypto to fake investors who promise them tempting but unrealistic returns. Once the crypto is gone, they have little recourse to recover their investment other than calling people like Richard Sanders.

Sanders is the kind of guy you seek when all your apes are gone. He and his company, CipherBlade, investigate digital thefts of $100,000 or more and other online crimes by scouring blockchains, or digital public ledgers that record every transaction and change-of-hands cryptocurrencies make.

Sanders specializes in blockchain forensics. He took on the Balina case and followed a group of teen hackers to a Discord channel. He joined it, pretending to be a 19-year-old woman, gained their trust, and ultimately learned how they carried out the scheme. (Balina did not respond to a request for comment about where his case stands now and what role CipherBlade played, but he said on YouTube in 2021 that the hackers had been caught. The FBI did not respond to a question regarding criminal charges related to the case.)

CipherBlade is the closest thing to 911 the cryptoworld has. The schemes Sanders and his investigators uncover can be fraudulent investments run by people posing as crypto traders or wallet hacks and breaches on cryptocurrency exchanges—easy money handed to thieves by lax storage of wallet keys. But there are also romance scams, embezzlements, ransomware attacks, and blackmail, where people get others to willingly shell out crypto and then run off with the loot. There are also soon-to-be ex-spouses hiding money from one another in crypto.

Sometimes, Sanders’s work is clearing the names of crypto exchanges that are accused of money laundering. At others, it’s following money on the blockchain used for crimes as devastating as human trafficking. In the new world of digital wealth, riffs on classic crimes flourish. The calamitous difference for victims, though, is that government investigators have been largely ill-equipped to dig into these scams, and the decentralized nature of crypto means there’s no institutionalized protection for investments.

US consumers lost more than $1 billion in cryptocurrencies to fraudsters between January 2021 and March 2022, according to the Federal Trade Commission, and $14 billion was stolen worldwide in 2021, according to Chainalysis, a leading blockchain data platform. In February, the FBI launched a virtual assets unit, and in May, the SEC said it would nearly double the size of its Crypto Assets and Cyber Unit, reaching a grand total of 50. Officials have seized more stolen crypto than they can manage, and the federal government in 2021 had to contract a bank capable of storing and liquidating the assets.

But even that very bank, Anchorage Digital, later came under fire for failing to follow anti-money laundering regulations. In the tangled web of blockchains, government investigations move slowly. Federal agents take on crypto scams as just a subset of the broad range of thefts they investigate. Sanders’s operation, which includes nine people, is far more nimble.

Even a blockchain sleuth has limitations. As a private enterprise, CipherBlade lacks subpoena power. Sanders can’t go rogue and facilitate the return of money. Instead, he’s a new kind of go-between, a private investigator for the growing number of people who are losing wealth in crypto.

“We basically hand these cases to law enforcement on a silver platter,” he told Morning Brew. “We say, ‘We have done everything for this individual shy of doing things that we don’t have the legal power to do.’”

Government officials have been slower to catch up, but they are getting better at investigating and prosecuting crypto cases. In February 2022, officials announced the FBI’s largest seizure ever: $3.6 billion related to a 2016 hack of the virtual currency exchange Bitfinex. Many associate bitcoin with anonymity; the very online couple behind the money laundering in that scam, Heather Morgan and Ilya Lichtenstein, showed the world how untrue that was.

It’s highly traceable, especially for experts like Sanders, and that makes finding criminals even easy in some cases. Wallets seem anonymous, but after a heist, people will often want to convert crypto to cash. This is usually done on major exchanges that require KYC, or know your customer, regulations that mandate people supply identifying info. But even with added attention, law enforcement can’t bring all the crypto scammers to justice.

“As [much as] law enforcement is going to increase the amount of resources that it’s going to devote to this issue, it’s never going to catch up,” said Tal Lifshitz, an attorney who focuses on cryptocurrencies and digital assets. “There’s always going to be a space for private investigators, private lawsuits, and litigation to fill in the gaps for the cases that the government is just not going to pursue.”

Cue people like Sanders. He started as an enthusiast and has grown to a fulltime investigator. The 32-year-old isn’t some pseudonymous online persona. From his home office in Pittsburgh, he talks fast, detailing complicated crypto scams—and how not to become a victim who needs to hire him. This is where he digs into scams and crimes from around them the globe. (He’s also a devoted Swiftie, and his office doubles as a dance floor when he takes breaks from analyzing blockchains to dance to “Shake It Off”.)

Former military, Sanders said he enlisted in the Army at 17 and served in Iraq and Afghanistan. He went on to work in psychological operations for the Army. That’s where he learned to find “unconventional solutions to unconventional problems,” he said, a skill that translates to hunting down crypto on blockchains. “There was no playbook for these types of investigations. We have made the playbook.”

Sanders won’t say exactly how he got into blockchain forensics and learned to scour the web for these transactions. There’s no direct pipeline to this kind of work. But he did say he started CipherBlade in 2017 after helping some friends in the crypto world who had been hacked or scammed. Word spread, and Sanders had more work than he could manage as a solo blockchain enthusiast, he said.

CipherBlade now boasts connections to Chainalysis and other big investigative players in the blockchain world, and has been contracted by the US government to serve as an expert witness (it’s one of several companies to which the government has cumulatively paid out millions of dollars to investigators. The case Sanders was hired for is ongoing, and he declined to elaborate on its nature until it closes).

In addition to hackers, Sanders said his firm investigates civil cases, like divorce proceedings where a spouse has hidden cash by investing in cryptocurrency. There are also romance scams that climb into the six-figure range. Sanders said he has received reports from people seeking his investigative skills, but can’t help them if they don’t want the authorities involved; for instance, if they are concerned about having committed tax evasion.

“Bottom line is this: We are not a rogue agency…we operate within the limits of the law,” Sanders said.

But it’s not just about chasing wealth for people who forgot to lock up their wallets. Sanders works with the nonprofit Anti-Human Trafficking Intelligence Initiative. He looks at the wallet addresses the initiative has scraped from the dark web and analyzes them, seeking links to crypto exchanges, like Coinbase. Then, law enforcement can use that information to subpoena identifying information to make arrests of buyers and traffickers.

The impeccable nature of the blockchain’s record-keeping brings new light to perpetrators of crimes like these. Instead of using bitcoin to buy and sell exploited material anonymously, people are often leaving paper trails.

“When it comes to blockchain analysis, it’s not just about going after these pots of gold of hundreds or thousands of bitcoin and getting somebody super wealthy,” he said. “I’m personally going to have, as just one example, a hell of a lot more interest in a bitcoin wallet that processes even several hundred dollars for child exploitation material or terror financing than a wallet that processes, let’s say, 100 times that amount for scam proceeds.”

In the world of scams, though, the magnifying glass has been turned onto Sanders. CipherBlade wrote a report disputing findings of The Wall Street Journal that claimed a crypto exchange, ShapeShift, had allowed unfettered money laundering on its platform. (The report contended The Wall Street Journal had overestimated ShapeShift’s problem.) Some sleuths went looking into CipherBlade’s background and questioned the company’s claims of recovering millions in stolen crypto and credibility, but had no evidence to contradict it. It’s not surprising that someone akin to a crypto bounty hunter might raise eyebrows. Sanders thinks skeptics are right to have questions and poke holes in the industry.

“I actually agree with a lot of them a lot of the time,” he said, in relation to the skeptics. “But that’s kind of the ironic thing—I’ve actually taken their side on quite a lot of things against my industry. They are right: This industry needs a whole lot more skepticism.”

Sanders himself is a crypto industry skeptic but a blockchain believer. He has spent enough time embedded there to see the tech’s power and potential, but has also seen too many people make mistakes. “I’m so frustrated because the technology behind this, the underlying technology, is fascinating, amazing. And I am a true believer in blockchain tech,” he said. “If you look at the industry right now, the majority of the volume and the participants are speculative investments. And that’s not a good look.”

But as long as there are scams and rug pulls and mysteries to uncover on the blockchain, there’s work for Sanders.

Click here to read the original article.

Click here to read the original pdf.

 

Beware The New Crypto Scam Floating About

By Erik Sherman
Freelance business, economics, finance, and tech journalist.

July 31, 2022

Aside from all the problems regularly appearing in the cryptocurrency space, there are also many crooks ready to relieve people of the coins they are holding, no matter how much the value has dropped.

The line of break-ins, exploits, and scams is never-ending. Plus, no matter how much someone like Senator Kirsten Gillibrand (D-N.Y.) says in an interview with Bloomberg Technology that “the interesting nature of blockchain technology is that it’s a hundred percent transparent, so if you want to trace who bought or sold something through cryptocurrency, you can do that pretty easily,” you can’t. Having an online address is not the same as having someone’s identity.

It’s up to the consumer—that is you—to be careful and know when something might smell fishy and require being wrapped in old newspaper and tossed into the trash.

But as happens with technology, the scam use of it also continues to advance, as is apparent in a forfeiture filing by the United States Attorney’s Office for the Central District of California. The defendant: “Approximately 40.997711 EthereumETH -1.1% Digital Currency.”

As the complaint reads, “P.M. is a resident of, and does business within, Orange County, California, within the Central District of California. P.M. controls an investment vehicle which invests in digital currencies, including Ethereum.”

So, there’s an owner of Ethereum cryptocurrency, whose identity is being protected, that maintained a cryptocurrency wallet with Coinbase.

“On or about December 21, 2021, the victim, P.M., received a pop-up message identifying an error while attempting to log into the Victim Account held at Coinbase on his laptop,” the complaint continues. “The pop-up message stated, ‘Due to a recent activity your account has been blocked. Please contact our support team at +1-810-420-8046 to remove account restrictions.’ P.M. called the identified telephone number and was connected to someone purporting to be a Coinbase representative. The individual P.M. spoke with identified himself as Ankit Anwaral (‘Ankit’). Ankit knew P.M.’s log in information and P.M.’s current location. Ankit stated to P.M. that, in order to authenticate his information, P.M. needed to transfer his cryptocurrency balance from his Coinbase account to a Coinbase Pro account, which was a more sophisticated account designed for investment professionals. Ankit directed P.M. to download a remote desktop application called ‘Anydesk’ onto his laptop to allow Ankit to remotely control P.M.’s computer. Once P.M. did so, persons unknown began to transfer P.M.’s funds. Shortly after, P.M. noticed that 40.997711 Ethereum, valued at $165,145.40 at that time, had been transferred out of the Victim Account. Due to Ankit’s misrepresentations, P.M. did not realize he had been defrauded until the full contents had been transferred out of the Victim Account.”

The cryptocurrency then went through “numerous transfers before being reassembled in other wallets in order to conceal the corrupt source.” (Again, when someone says that all blockchain activity is “transparent” and that people’s identities are easily discovered, you can disregard the individual as someone who knows far less than they think.)

“The thing that struck me about this, I was impressed by the fact that the DOJ was filing such a civil enforcement action,” says Tal J. Lifshitz, a partner in Kozyak Tropin & Throckmorton ‘s complex litigation department and co-chair of the firm’s cryptocurrency, digital asset, and blockchain group. He adds that “999 times out of a thousand,” the Department of Justice answer to someone filing a complaint would be, “We understand you Mr. Victim were defrauded but it’s your own fault.”

But there’s a federal lawsuit instead, very possibly because the person who was defrauded is well-connected.

Commonly, people get duped by scams that prey on fear or greed. There’s typically a red flag. Giving a phone number to call is one of them. You always call the main number of the company and asked to be transferred to the person or something like a fraud department.

However, in this case the fraudster had some significant information about the victim. Was it malware that was on the person’s computer and providing data that would be convincing? Some kind of penetration of Coinbase’s systems? Maybe it was a different type of mechanism.

Whatever it was, reputable companies will not have someone online giving you a phone number to call because it’s too redolent of a scam.

Be aware that when there’s a lot of money potentially changing hands, there are people who won’t blink twice at trying to confuse you into doing something foolish. Take your time to do the basics like calling the company through an independently provided number, ask questions. Anyone trying to push you past the speed to intelligent consideration is someone not to trust.

Follow me on Twitter or LinkedIn. Check out my website.

Click here to read the original article.

Click here to read the original PDF.

A Swift $1 Billion Settlement Shows ‘It Can Be Done’: Lead Counsel Discuss Surfside Condo Collapse Class Action

By Raychel Lean
July 19, 2022

Welcome to Southeast Takeaways, a weekly look at news of the legal profession that will highlight important developments to help you manage your firms, grow your practices and serve your clients better.

Click here to read the original pdf.

Click here to read the original article.

 

Miami-Dade Jury Returns $35M Verdict in High-Profile Real Estate Dispute

By Michael Mora
July 15, 2022

The defendants in the litigation included some of the most prominent business people in South Florida who own property on an exclusive Caribbean island.

Click here to read the original pdf.

Click here to read the original article.