person slipping Bitcoin into their pocket

How to Recover Stolen Cryptocurrency

Legal AssistantAdministrative Law, Consumer Law, Criminal Law, Regulatory Law, Resources

The theft of cryptocurrencies such as Bitcoin and Ethereum is becoming increasingly common and has become a high priority target for fraudsters.

According to a recent report compiled by Chainalysis, cybercriminals made away with a whopping $14 billion worth of crypto assets in 2021, translating to a 79% increase in crypto-related crime compared to the previous year. Scamming and hacking were the two biggest forms of crypto-related crimes reported.

The question on most investors’ minds is: Can cryptocurrency be stolen, and if so, can you get it back? Here’s everything you need to know about how to recover stolen cryptocurrency.

Can My Bitcoin Be Stolen?

The short answer is—yes. To understand how this would be possible, you need to familiarize yourself with how this widely popular form of cryptocurrency came into being.

Bitcoin was first launched in 2009 and was designed to be a decentralized virtual currency. The idea behind its creation was that it was supposed to be independent of government and bank oversight and would not be regulated by any single administrator. Instead, every transaction would be recorded on a public ledger referred to as a blockchain, which is how all currency activities would be logged and verified.

Since its creation, security has been a major concern for crypto. On the one hand, the blockchain technology on which Bitcoin runs is extremely difficult to hack. It is constantly being analyzed and improved upon by Bitcoin users, making the possibility of hacking the framework it runs on near-impossible and very unlikely.

On the other hand, simply because the technology Bitcoin runs on is difficult to hack doesn’t necessarily mean that your investment is safe. Fraudsters employ other avenues to steal crypto-assets at different phases of the trading process.

Digital Wallets and Crypto Exchanges

Bitcoins and other forms of cryptocurrencies are stored in wallets. Users rely on digital currency platforms known as crypto exchanges to trade (buy, sell, and exchange) crypto assets. Coinbase is one of several popular crypto exchanges.

These two components pose some inherent security risks that may lead to the loss of crypto assets through theft and other types of fraudulent activities. While the developers of these platforms are always looking for ways to improve their overall security, fraudsters mainly focus on using dubious means to gain access to people’s wallets before proceeding to empty them of the crypto assets contained within.

Two-factor authentication is the most commonly used security measure implemented on these platforms during a cryptocurrency transaction. The transaction’s security is linked to an individual’s phone number or email address, which subsequently means that anyone who has access to any of the two components can verify and validate the transactions.

If a sufficiently motivated hacker can determine a good amount of your non-crypto-related personal information, they have everything they need to hack your wallet and transact without your knowledge or authorization.

The widely publicized Coinbase hacking is one of many hacks, scams, and frauds that have plagued individual investors who’ve had their crypto assets stolen after cybercriminals capitalized on security loopholes in crypto wallets and exchanges.

How to Steal Crypto – Entering the Mind of a Cybercriminal

If you don’t voluntarily give up your wallet login credentials to a third party, the next logical question would be how do cybercriminals steal crypto assets? Here is an overview of the five main ways they use to hack your crypto wallet.

1. Phishing

Phishing attacks are as old as the internet itself. It is undoubtedly the most widely used yet effective method fraudsters use to entice unsuspecting users into freely giving up their access credentials. They use highly sophisticated forgery skills to create exact replicas of legitimate crypto trading websites that are impossible to discern from the real thing.

In a bid to be even more convincing, these cybercriminals send phishing “confirmation emails” or emails notifying the user of a “potential hack.” These emails contain malicious links to the fake replica sites that prompt users to input their authentication information which is then stolen from them and used to access the real site.

The best way to avoid falling victim to this is to pay close attention to the spelling of the site’s domain name. They often contain some inconsistencies that are hard to spot at first glance. For instance, instead of (, the fake site’s domain name would read something like (

2. Compromised Two-Step Authentication

This technique specifically targets individuals involved in crypto transactions. Since most (if not all) of these platforms require users to have two-factor authentication enabled on their accounts, fraudsters focus on intercepting these verification SMS texts. It can be done by SIM-card cloning, wiretapping, or voice phishing (also referred to as “phishing”), to “recover” access to the user’s digital wallet or confirm fraudulent, unauthorized crypto transactions.

3. Malware Infection

This one is an oldie but goodie in the crypto hacking world. Cybercriminals infect the user’s device with keylogging software to steal their PIN and password when they enter them.

Fraudsters may also use cross-scripting injections into the user’s web pages to redirect them to malicious websites that, in most cases, the browser fails to pick up. Unbeknownst to the user, these sites steal sensitive user details or install malware on their devices.

4. Mobile Apps

Unfortunately, not all cryptocurrency trading mobile apps are secure. This can be attributed to security loopholes resulting from poor architecture and open backdoors. As a result, they leave the users vulnerable to man-in-the-middle attacks and data breaches involving the leakage of API keys and other sensitive user information derived from unencrypted databases.

In other cases, hackers may employ methods such as PIN guessing and brute-force attacks to gain access to your wallet and perform unauthorized transactions. If the attackers gain access to a sufficient number of accounts, they can manipulate the market to drive up demand or create a supply shortage, effectively increasing or decreasing the positions of certain cryptocurrencies.

5. Unsafe Security Keys

To perform any crypto-related transaction on the blockchain, you need a public key and a private key.

A private-key functions as a digital signature and is only available to the owner of the cryptocurrency. The user needs it to authorize any transactions they do. A public key is used as a confirmation tool for the private one when receiving transactions.

Users store their private keys in their crypto wallets. If you lose it, you will permanently be locked out of the platform and will no longer be able to access your assets. In the same breath, if anyone other than you obtains your private key, they can use it to transfer all your funds and crypto assets to their wallets.

Since crypto transactions are anonymous, identifiable only by their respective keys, it becomes impossible for you to track your money and assets without the help of law enforcement agencies. It’s your best bet if you hope to recover your stolen assets.

Hackers employ a host of methods to steal crypto owners’ private and public keys. Some of these include using compromised apps with spell checkers browser extensions and exploiting the existing system vulnerabilities. Hot wallets are a popular target for hackers since they run on a centralized system and are always connected to the internet.

On the flip side, cold wallets are a much safer alternative. They are maintained on separate hardware storage devices and are not connected to the internet. The hacker would need physical access to the device to obtain the keys. The downside to them is that if the device in question gets damaged or lost, you can also kiss your crypto assets goodbye.

Seed Phrase vs Private Key – Understanding the Difference

hand holding a paper containing a seed phrase

What is a private key, and how is it different from a seed phrase? As mentioned in the previous section, every cryptocurrency wallet, such as Bitcoin, consists of a private key and a public key. Simply put, private keys are used to send transactions on the blockchain, while public keys are used to receive transactions.

You can think of a private key as the equivalent of an ATM PIN that grants you access to your bank account. By using your unique PIN to access your account, you’re essentially proving to the ATM that you are indeed the account owner. If someone else knows the code, they too would be able to spend the money in your bank account.

In the same way, a private key proves to the crypto network that you own the Bitcoin, Ethereum, and all other crypto assets in your wallet. Private keys come in the form of a 256-bit number that consists of random values between 0 and 2256 which can be expressed as 115,792,089,237,316,195,423,570,985,008,687,907,853,269,984,665,640,564,039,457,584,007,913,129,639,936.

You wouldn’t want to enter such a number every time you need to transact crypto assets. That’s where a seed phrase comes in.

What Is a Seed Phrase?

A seed phrase is a mnemonic representation of the randomly generated 256-bit number that makes up the private key. It can either take the form of a 12-word or 24-word phrase consisting of a combination of random words picked from a 2,048-word list.

An example of a 12-word seed phrase would be:

Young plastic lumber board quote invite history skull dove kit robust regular

If someone gets a hold of this phrase, they essentially have access to your wallet.

Can I Sue if Cryptocurrency Is Stolen?

The rise in cases involving stolen crypto assets has seen a proportional increase in the number of crypto litigation against digital wallets and exchanges. If you’ve fallen victim to cybercriminals gaining unauthorized access to your crypto wallet and transacting your assets on a crypto exchange, the general answer is—yes, you can sue if your Bitcoin or any other cryptocurrency is stolen.

The next logical question would be: Who is the defendant in a cryptocurrency lawsuit? In most cases, civil action is taken against the crypto exchange and the digital wallet. You can do this individually or join a class action suit if you can prove that the actions (or lack thereof) of the exchange or wallet you use to transact resulted in the loss of your crypto assets.

Additionally, there are some civil suits that have been introduced against the coin companies.

How to Sue for Cryptocurrency Loss

Cryptocurrency transactions cannot be reversed. The only way you can recover your funds is if the recipient refunds the assets.

The first step is to file a formal complaint with the following government agencies:

You can then pursue litigation by joining a class action suit or sue the defendants individually in a single suit.

How to Serve a Defendant in a Foreign Country

If the entity you want to sue is based outside US borders, you’re probably wondering how to serve a foreign corporation in such instances. First, you’ll need to establish whether the country in question is part of an international treaty on service. Second, you’ll also need to establish whether the country is opposed to a specific form of service.

There are generally two options you can use:

  1. Service by the US Postal Service
  2. Service by an international express-mail firm

Regardless of the method you use, it will need to be in the form of restricted delivery with a request for a return receipt.

Alternatively, you can serve a foreign defendant under the provisions of the Hague Convention. With this option, you, through your lawyer, will send a request for service to that country’s “Central Authority.” This is the department that handles and executes requests for service.

First, you’ll need to file a motion with a US court for the Issuance of Request for Service Abroad. The court will then execute Form USM-94 and embed its official seal. Next, the court may send you the executed form and leave it to you to forward it to that foreign country’s Central Authority or deliver it directly without your involvement.

Need help from a legal expert? Chat online with a Laws101 attorney right now.