A Canadian youth has been arrested in connection with an eight-figure Bitcoin theft reported last year, following an FBI and Secret Service investigation aided by a tech-crime team run out of the Santa Clara County District Attorney’s Office.
Police in Hamilton, Ontario — about 40 miles southwest of Toronto — announced Wednesday that a minor had been implicated in a March 2020 Bitcoin theft involving more than $36 million, which marks the largest known cryptocurrency theft from a single person, according to authorities.
Authorities also confirmed that the theft victim was Josh Jones, who gained prominence as an early Bitcoin investor.
The theft was originally reported to the FBI Los Angeles office. The South Bay-based Regional Enforcement Allied Computer Team was consulted because of its relatively extensive experience investigating cryptocurrency theft cases over the past four years.
DA investigator David Berry said the team helped federal and Canadian authorities navigate the intricacies of what is known as a “SIM swap” hack. A SIM swap typically involves hackers getting a mobile phone carrier to transfer access to a targeted person’s phone number, from the registered SIM card to one of theirs.
“Being in the early wave has put us in the position of having a lot of experience in how to go about investigating these cases,” he said.
Some SIM swap cases involve illegal insider access, though many intruders will comb through a person’s social media profile or use phishing emails to get answers to security questions. Once they have access to a person’s text messages, they can bypass most digital security barriers to banking, social media and cryptocurrency accounts.
Berry said once the March 2020 theft began garnering moderate attention in mainstream media and wide attention among cryptocurrency forums and blogs, his team began getting tips about the theft. They alerted the lead investigators in the case.
“People came out of the woodwork to (contact) our tip line,” Berry said.
The surge of tips may have been influenced by the international reputation — and in some circles, notoriety — the team has garnered for its cryptocurrency investigations. The group secured the country’s first-ever SIM swap conviction for a Boston man who used the method to steal $7.5 million in cryptocurrency from victims in California.
Police say the Canadian case gained traction after investigators discovered that some of the stolen funds were used to buy “an online username that was considered to be rare in the gaming community,” and that allowed them to locate the account holder.
The minor who was arrested is being prosecuted in Ontario, Canada. Police say they have seized more than $5.5 million in cryptocurrency related to the case.
Berry said there’s a wide range of monetary recovery in these kinds of thefts, in part because the currency can be split and distributed quickly and can become difficult if not impossible to trace.
“In some cases we’ve recovered every cent,” he said, “But in other cases, we’ve gotten nothing.”