Ian Balina was reviewing initial coin offerings, the crypto industry’s equivalent of an initial public offering, live on YouTube in 2018 when a hacker emptied $2 million worth of cryptocurrency from one of his wallets. It may have been the old college email address he used as a backup for another account that left him vulnerable. His bravado about his accumulated wealth probably didn’t help.
When a viewer noticed in the comments section that his wallet was empty, Balina said he thought he was being trolled. But he checked and saw the funds were gone, he later said in a YouTube video detailing the hack.
It was a humiliating mistake for a prominent crypto evangelist who wrote the book on crypto investing. But these fumbles are not uncommon, especially for the uninitiated who may store their wallet keys poorly or send crypto to fake investors who promise them tempting but unrealistic returns. Once the crypto is gone, they have little option to recover their investment other than to call people like Richard Sanders.
Sanders is the type you seek when all your monkeys are gone. He and his company, CipherBlade, investigate digital thefts of $100,000 or more and other online crimes by tapping into blockchains, or digital public ledgers that record every transaction and change of hands cryptocurrencies make.
Sanders specializes in blockchain investigations. Taking on the Balina case, he followed a group of teenage hackers to a Discord channel. He joined, pretending to be a 19-year-old woman, gained their trust and eventually learned how they carried out the scheme. (Balina did not respond to a request for comment on where his case now stands and what role CipherBlade played, but he said on YouTube in 2021 that the hackers had been caught. The FBI did not respond to a question about criminal charges related to the case.)
CipherBlade is the closest thing to 911 the crypto world has. The schemes Sanders and his investigators are uncovering could be fraudulent investments run by people posing as crypto traders or wallet hacks and breaches of cryptocurrency exchanges — easy money given to thieves by casually storing wallet keys. But there are also romance scams, embezzlement, ransomware attacks and extortion, where people get others to willingly part with crypto and then run off with the change. There are also soon-to-be ex-spouses hiding money from each other in crypto.
Sometimes Sanders’ work is to clear the names of crypto exchanges accused of money laundering. Others follow money on the blockchain that is used for crimes as devastating as human trafficking. In the new world of digital wealth, riffs on classic crimes flourish. The disastrous difference for victims, however, is that government investigators have largely been ill-equipped to dig into these scams, and the decentralized nature of crypto means there are no institutionalized protections for investments.
US consumers lost more than $1 billion in cryptocurrencies to fraudsters between January 2021 and March 2022, according to the Federal Trade Commission, and $14 billion was stolen worldwide in 2021, according to Chainalysis, a leading blockchain data platform. In February, the FBI launched a virtual assets unit, and in May the SEC said it would nearly double the size of its crypto-asset and cyber unit, bringing the total to 50. Officials have seized more stolen crypto than they can handle, and the federal government in 2021 had to contract with a bank that was able to store and liquidate the assets.
But even that bank, Anchorage Digital, was later criticized for failing to comply with anti-money laundering regulations. In the tangled web of blockchains, government investigations move slowly. Federal agents take on crypto fraud as just a subset of the wide range of thefts they investigate. Sanders’ operation, which includes nine people, is far more nimble.
Even a blockchain scout has limitations. As a private enterprise, CipherBlade lacks subpoena power. Sanders cannot go rogue and facilitate the return of money. Instead, he’s a new kind of middle man, a private investigator for the growing number of people who are losing wealth in crypto.
“We’re basically handing these cases to the police on a silver platter,” he told Morning Brew. “We say, ‘We’ve done everything for this person who is shy about doing things that we don’t have the legal power to do’.”
Government officials have been slower to catch up, but they are getting better at investigating and prosecuting crypto cases. In February 2022, officials announced the FBI’s largest seizure ever: $3.6 billion related to a 2016 hack of the virtual currency exchange Bitfinex. Many people associate bitcoin with anonymity; the very online couple behind the money laundering in that scam, Heather Morgan and Ilya Lichtenstein, showed the world how untrue it was.
It’s highly traceable, especially for experts like Sanders, and it even makes it easy to find criminals in some cases. Wallets seem anonymous, but after a robbery, people will often want to convert crypto to cash. This is usually done on larger exchanges that require KYC, or know your customer, regulations that require people to provide identifying information. But even with extra attention, law enforcement cannot bring all crypto fraudsters to justice.
“As [much as] law enforcement is going to increase the amount of resources it’s going to put into this problem, it’s never going to catch up,” said Tal Lifshitz, a lawyer who focuses on cryptocurrencies and digital assets. “There will always be room for private investigators, private lawsuits and lawsuits to fill in the gaps for the cases that the government just won’t pursue.”
Get smarter in just 5 minutes
Get the daily email that makes reading the news actually fun. Stay informed and entertained, for free.
Cue people like Sanders. He started as an enthusiast and has grown into a full-time investigator. The 32-year-old is not a pseudonymous person online. From his home office in Pittsburgh, he speaks quickly, describing complicated crypto scams—and how not to become a victim who needs to hire him. This is where he digs into fraud and crimes from around the world. (He’s also a devoted Swiftie, and his office doubles as a dance floor when he takes breaks from analyzing blockchains to dance to “Shake It Off”. )
Former military, Sanders said he enlisted in the Army at 17 and served in Iraq and Afghanistan. He went on to work in psychological operations for the army. That’s where he learned to find “unconventional solutions to unconventional problems,” he said, a skill that translates to hunting crypto on blockchains. “There was no playbook for this type of investigation. We have created the playbook.”
Sanders would not say exactly how he got into blockchain research and learned to scour the web for these transactions. There is no direct pipeline to this type of work. But he said he started CipherBlade in 2017 after helping some friends in the crypto world who had been hacked or scammed. Word spread, and Sanders had more work than he could handle as a solo blockchain enthusiast, he said.
CipherBlade now has ties to Chainalysis and other major investigative players in the blockchain world, and has been contracted by the US government to serve as an expert witness (it is one of several companies that the government has cumulatively paid millions of dollars to investigators. The Sanders case was employed for is ongoing and he declined to elaborate on its nature until it ends).
In addition to hackers, Sanders said his firm investigates civil cases, such as divorce cases where a spouse has hidden money by investing in cryptocurrency. There are also romance scams climbing into the six-figure range. Sanders said he has received reports from people seeking his investigative skills, but he can’t help them if they don’t want the authorities involved; for example, if they are concerned about having committed tax evasion.
“The bottom line is this: We are not a rogue agency … we operate within the bounds of the law,” Sanders said.
But it’s not just about chasing riches after people who forgot to lock their wallets. Sanders works with the nonprofit Anti-Human Trafficking Intelligence Initiative. He looks at the wallet addresses the initiative has scraped from the dark web and analyzes them, looking for links to crypto exchanges, such as Coinbase. Law enforcement can then use this information to subpoena identifying information to arrest buyers and traffickers.
The impeccable nature of the blockchain’s record-keeping sheds new light on the perpetrators of crimes like these. Instead of using bitcoin to buy and sell exploited material anonymously, people often leave a paper trail.
“When it comes to blockchain analytics, it’s not just about going after these pots of hundreds or thousands of bitcoin and getting somebody super rich,” he said. “I personally am going to have, as just one example, a lot more interest in a bitcoin wallet that processes even several hundred dollars of child exploitation material or terrorist financing than a wallet that processes, say, 100 times that amount of fraud proceeds. “
In the world of fraud, however, the magnifying glass has been turned on Sanders. CipherBlade wrote a report disputing the findings of The Wall Street Journal which claimed that a crypto exchange, ShapeShift, had allowed unfettered money laundering on its platform. (The report claimed The Wall Street Journal had overstated ShapeShift’s problem.) Some scouts investigated CipherBlade’s background and questioned the company’s claims of recovering millions in stolen crypto and credibility, but had no evidence to contradict it. It’s not surprising that someone resembling a crypto bounty hunter might raise eyebrows. Sanders believes skeptics are right to ask questions and poke holes in the industry.
“I actually agree with a lot of them a lot of the time,” he said of the skeptics. “But it’s kind of ironic—I’ve actually taken their side on quite a few things against my industry. They’re right: This industry needs a lot more skepticism.”
Sanders himself is a crypto industry skeptic but a blockchain believer. He has spent enough time embedded there to see the power and potential of the technology, but has also seen too many people make mistakes. “I’m so frustrated because the technology behind this, the underlying technology, is fascinating, amazing. And I’m a true believer in blockchain technology,” he said. “If you look at the industry right now, the majority of the volume and the participants are speculative investments. And it doesn’t look good.”
But as long as there are scams and cover-ups and mysteries to uncover on the blockchain, there is work for Sanders.