LONDON — When Grant West was arrested on a train last year by undercover British police, surveillance footage showed passengers clapping at what looked like the quick capture of another petty criminal.
But West’s arrest was a milestone for Scotland Yard: The 25-year-old was the first cybercriminal taken into custody and had his Bitcoin currency, worth about $700,000, seized by London Metropolitan Police.
“These people generally feel they can operate with impunity, that they can’t be touched. We have now debunked that,” said Mick Gallagher, the police investigator who led the two-year covert operation.
A British court said Wednesday that West would be sentenced on May 25. His girlfriend, Rachael Brookes, an accomplice, was sentenced to two years community service.
West, who used the online name “Courvoisier,” pleaded guilty in December to a cyberattack on a fast-food firm plus multiple other offenses. Investigators said he was behind cyberattacks on more than 100 companies, including supermarkets, gambling shops and cellphone companies between July and December 2015.
He used phishing emails to lure people into revealing personal information, including passwords and credit card numbers, police said. West then sold the data to vendors on hidden websites known as the Dark Web. He converted his proceeds into Bitcoin and stored it across several virtual currency accounts.
“When it comes to transactions on the Dark Web, (people) nearly universally use cryptocurrency,” said Alex Lakatos, a lawyer in Washington, D.C., who has worked extensively on cases of forfeiture.”The use of virtual currency for illicit purposes has been a huge success.”
Investigators were able to confiscate West’s Bitcoin accounts because he was logged onto his laptop when he was arrested on the train. Police also took his laptop and found his encrypted access codes were saved on the computer.
While the sums seized from West are relatively modest, his case shows challenges law enforcement face when trying to track digital money, or cryptocurrencies — whether stolen or acquired through criminal activities.
Before West, Britain had made just one other such seizure. Two years ago, police in southern England seized more than $1 million in Bitcoin after searching the home of a suspect who was later convicted of selling drugs and money-laundering. Police found a Bitcoin password on a piece of paper in the suspect’s home.
Sharon Cohen Levin, an authority on money-laundering who spent more than two decades at the U.S. Attorney’s Office for Manhattan, said investigators often could identify that specific digital money was being used in criminal activity but were unable to identify who that money belongs to.
“There is not necessarily any place, for example, that you can subpoena to find information about Bitcoin-related activity,” she said.
Both Britain and the United States have struggled to figure out how to regulate Bitcoin and other cryptocurrencies.
Gallagher, with the Metropolitan Police, said there are more than 150 types of cryptocurrences allowing varying degrees of anonymity, and criminals have exploited their use.
One of the most well-known examples was used by a young Texan named Ross Ulbricht, also known as Dread Pirate Roberts. Ulbricht used Bitcoin to build a massive illegal narcotics empire known as Silk Road. The FBI needed to catch him red-handed to prove his guilt. After a lengthy investigation, the FBI finally swooped in to arrest Ulbricht in 2013 while he was logged onto his computer in a San Francisco public library.
Alexandre Cazes, the alleged mastermind behind the now shuttered Dark Web marketplace AlphaBay, amassed digital coins worth millions of dollars when he was found dead in a jail cell in Thailand last year. U.S. Justice officials concluded that Cazes, a Canadian citizen, killed himself, possibly to avoid extradition to the United States. AlphaBay sold illegal drugs, weapons and stolen identities.
There have also been an increasing number of large cryptocurrency thefts.
Coincheck, a digital currency exchange in Japan, lost more than $500 million in virtual assets in January after a hacking attack. In 2014, an estimated $400 million in Bitcoin was stolen from Mt. Gox, another digital currency exchange based in Japan.
Henri Arslanian, a Hong Kong-based cryptocurrency specialist at the consulting firm PwC, said some forms of digital money such as Bitcoin allow criminals to conduct “decentralized, anonymous and instantaneous” transactions.
He noted that cryptocurrencies may not always be the best option: “Cash still has many advantages over Bitcoin.”