Welcome to PYMNTS’ new series on crypto crime. In it, we’ll be taking a look at the crimes that have not only been committed in the cryptocurrency industry but have defined it — especially Bitcoin — in many people’s minds.
We’ll give you a look at the realities and the myths, the methods and tools and the ways authorities and private securities are starting to break through the mythical anonymity that many criminals — and honest people — believe shields their transactions.
Along the way, we’ll tell you some great stories to illustrate. Some will be funny, some will be whimsical, some will be sad and a few will be horrifying. A whole lot of them will be hard to believe. But they’ll all be true — or at least what Watergate journalist Bob Woodward called “the best obtainable version of the truth.”
See also: PYMNTS Crypto Crime Series: When Privacy Counts, Crypto Users Turn to Mixing Services
PYMNTS Crypto Crime Series: In India Hacking Case, Bitcoin Trail Leads to Hamas
PYMNTS Crypto Crime Series: The $612 Million Heist That Wasn’t
A decentralized finance project called Wonderland saw its token’s price collapse by 40% in a matter of hours yesterday when it was revealed that a key developer — the project’s co-founder, in fact — was connected to the QuadrigaCX exchange.
As tends to happen in crypto, and especially DeFi where due diligence is an often-ignored concept, an interested amateur sleuth digging around on their own discovered that the leader of a serious, multi-million-dollar project, known as 0xSifu to investors, appears to be Michael Patryn, co-founder of QuadrigaCX.
Just the exchange’s name was enough to tank Wonderland’s TIME governance token, which went from $670 to $260 in the space of 24 hours. It’s back up to $340 now that Patryn has stepped aside as treasurer of the project, which seeks to build a stablecoin backed by non-fiat currency assets.
There have been a lot of scams, frauds, rug pulls, and other types of crypto crimes that have cost investors billions over the years. But none was as wild, weird and in the end worrisome as the 2018 collapse of QuadrigaCX, then a top Canadian cryptocurrency exchange.
Read more: Feds Investigate QuadrigaCX’s $195M Crypto Mystery
But unlike many of the complex schemes that have bedeviled crypto over the years, this was a straight embezzlement/Ponzi scheme: The owner and CEO of the exchange, Gerald Cotton, allegedly stole client money to live a yacht-and-Lamborghini lifestyle and fund bad bets on a variety of risky crypto trades and then died — maybe — leaving investors out $190 million.
An exchange unravels
The QuadrigaCX scandal broke in waves as bad news turned into worse news, then sinister news, and then outright criminal news.
It starts with Gerald Cotton, who was widely described as a genial fellow with a good reputation in crypto and Crohn’s disease.
He and Patryn founded QuadrigaCX in late 2013, shortly before the Mt. Gox exchange hack — still far and away the largest crypto crime. Patryn departed well before the collapse and has not been accused of any wrongdoing.
By late 2018, it was the largest crypto exchange in Canada and had a solid reputation — it was the first exchange to win a money-services business license from Canadian regulator FinTRAC — and 76,000 clients.
Everything unraveled on Dec. 8, when Cotten was on his honeymoon in Jaipur, India. Taken ill with stomach pain, he was driven to a hospital and died of septic shock less than 24 hours later — allegedly. We’ll get back to that.
Not your keys, not your crypto
QuadrigaCX may have been a big exchange, but it wasn’t a big business. Cotton was apparently running it from his laptop without many employees by the time he died.
This was when the bad news hit the exchange’s customers. Like most exchanges, QuadrigaCX kept the vast majority of its crypto funds in cold wallets — essentially hard drives not connected to the Internet, so they cannot be hacked.
But no one else seemed to have the passwords to those cold wallets, and they could not be found. His widow claimed to have looked high and low but found nothing. A Canadian appointed auditing giant Ernst & Young as bankruptcy trustees.
Multiple backups of passwords spread among multiple people is crypto exchange 101 — something later investigations showed Cotton understood well. So, the search was on. E&Y did not cover itself with glory — at one point, it transferred $1 million of the funds it could find, largely held at other exchanges, to one of the password-locked accounts, effectively destroying it.
That’s the thing about bitcoin, ether, and other cryptocurrencies. Every transaction requires a private key code that is used to send the crypto. Once the payment is received, that code is used and a new one is generated. Lose that private key code and your crypto is effectively gone — “burned” in the lingo, just as effectively as a fire would burn a $20 bill.
Which brings us to a motto popular among experienced crypto investors: Not your keys, not your crypto. Meaning that when you store your bitcoin in an exchange’s wallet, you give it control of your private key — they couldn’t send it back to you otherwise — you are at their mercy.
Not exactly “lost”
Quadriga customers were still screaming, but the realization was setting in that if those codes were never found, they’d lost everything.
Then E&Y came out with a shocker: There was nothing stored on those cold wallets. QuadrigaCX had been cleaned out even before Cotton’s death. Forensic investigators pieced together an entirely new picture of Cotton: A con man and thief who ran the exchange as a private piggy bank, using Ponzi scheme tactics to keep investors in the dark.
The longer they looked, the sketchier QuadrigaCX became. For one thing, the platform was designed — at Cotton’s request — so that no access logs were made of any activity by anyone with full administrator privileges. And only one person had them.
See also: Lawyers Demand Proof That QuadrigaCX Founder Is Really Dead
While the exchange did require “know-your-customer” data, it wasn’t always enforced — for example in the case of accounts controlled by Cotton but registered under the Star Wars-themed names Aretwo Deetwo and Seethree Peaohh.
Another account, under the name Chris Markay was used to make trades and withdraw funds almost 300,000 times, in many cases trading phantom assets to customers in exchange for real ones — and charging the customers a fee for the privilege.
Nor did E&Y find any accounting records for the company. It did, however, have QuadrigaCX’s KYC information, which was over to the Canadian Revenue Agency — at its request.
So what happened to all the money? A lot of it went to bad crypto investments — Cotton was apparently not very good at picking winners — but a fair amount went to his extensive travels and extravagant lifestyle: $12 million in real estate, a Lexus and yacht, and — remember that “maybe” after Cotton’s death — a Cessna 400 aircraft.
The details of Cotton’s death in India, of “complications from Crohn’s disease, were always sketchy, and one gastroenterologist told Canada’s Globe and Mail that he was not comfortable with the diagnosis, and the fact that no autopsy was performed. His body was quickly embalmed and brought home a day later. He had written a will just four days before flying to India.
Plenty of creditors began demanding an exhumation and autopsy to see if the body really was Cotton.
Know-your-business (KYB)
Getting back to 0xSifu/Michael Patryn, he was also discovered to be Omar Dhanani. While not accused of any illegal actions in the QuadrigaCX case, Dhanani — who had legally changed his name — was jailed in the U.S. for 18 months “after pleading guilty to conspiracy to commit credit-and-bank card fraud in 2005, and burglary, grand larceny and computer fraud two years later,” Bloomberg said.
One of the strangest things about crypto is how often the developers of projects — particularly DeFi projects — that attract a lot of investor money are known by nothing more than a Twitter handle.
Take the case of Chef Nomi, creator of the SushiSwap DeFi exchange, or DEX. After creating the very popular DEX, he abruptly departed, cashing out his tokens and cleaning out $14 million worth of ETH, causing the SUSHI token to tank. The investors screamed “exit scam” (meaning a rug pull) and surprisingly, Chef Nomi came back, apologized profusely and turned the keys to the project over to Sam Bankman-Fried, the billionaire founder of the centralized FTX exchange — who was in no way involved in the project, just a highly trusted crypto community leader. Who was Chef Nomi? Good question.