GLOBAL FINANCIAL CRIME REVIEW
( e. g., online research, coordination and ransom demands via encrypted messaging) and modern financial crime( i. e., money laundering via the use of cryptocurrency).
Crypto kidnapping modus operandi
1. Target identification
OCGs must identify and select a target that possesses significant cryptocurrency wealth by conducting open-source intelligence and monitoring public figures such as executives, influencers and any other profile of interest in the crypto space in order to obtain sufficient information about the target and determine their holdings.
2. Surveillance and profiling
Once a target is selected, OCGs gather detailed intelligence on the target’ s habits and security vulnerabilities via physical tailing and covert observation, which enables them to monitor entry / exit routines at home and office, as well as security gaps( e. g., lack of CCTV, bodyguard). OCGs may also focus on the target’ s family to identify potential emotional pressure points.
3. Risk assessment and feasibility study
OCGs may evaluate the likelihood of success and risk of capture by determining local law enforcement( LE) presence and assessing response times. OCGs typically recruit individuals acting as contractors in order to perform groundwork while remaining in the background. The success of a kidnapping operation heavily depends on the expertise of the OCG members. It is worth noting that in multiple cases of crypto kidnapping, younger individuals and even teenagers are recruited. As these individuals are criminally less experienced, they pose a higher risk of failure when conducting such operations
The success of a kidnapping operation heavily depends on the expertise of the OCG members
which are sophisticated by nature. However, OCGs consider them as low-cost resources that can be easily recruited with promises of financial gain. In addition, doing so enables senior OCG members to operate without being exposed or incurring the risk of being apprehended by LE. The use of younger individuals is also perceived as a low-risk, high-reward calculation as they face lower sentences if caught by LE due to their younger age. There are broader factors that can also explain why younger individuals get involved in such criminality such as the desensitization of violence among the youth in certain countries.
4. Planning the operation
OCGs strategically prepare the logistics of the kidnapping by selecting the abduction site( e. g., vehicle trap, home invasion), choosing a safe house or holding location and gathering tools such as weapons, zip ties, burner phones and blindfolds, as well as devices or software to force cryptocurrency transfers. The planning phase also requires the OCGs to assign roles in order to operate efficiently( e. g., leaders, abductors, negotiators, lookouts, tech specialists, money launderers, etc.) as well as to establish secure communication channels. OCGs prioritize anonymity and compartmentalization. As a result, the criminals on the ground often do not know the identities of others beyond their immediate role such as the leaders or money launderers. The most expert OCGs may conduct rehearsals or dry runs to test timing and refine their techniques. OCGs may also implement risk mitigation strategies by identifying possible escape routes and using fake identities, fake or cloned license plates or stolen vehicles in order to avoid detection or to escape from LE.
A striking example that highlights the structured planning and role distribution typical of OCGs is illustrated in the following case.
In April 2023, two criminals violently invaded a couple’ s home in Durham, North Carolina, after co-conspirators hacked the victims’ email and conducted days of surveillance. The attackers assaulted and restrained the couple at gunpoint, forcing the husband to grant access to his computer and cryptocurrency exchange account. A co-conspirator then remotely stole over $ 150,000 in cryptocurrency, which was laundered through anonymity-enhanced cryptocurrencies, instant exchanges and decentralized finance platforms lacking know your customer controls. 4
80 acamstoday. org