QUADRIGA INITIATIVE
CRYPTO WATCHDOG & FRAUD RECOVERY PLATFORM
A COMMUNITY-BASED, NOT-FOR-PROFIT
$220 000 USD
JANUARY 2017
GLOBAL
UNKNOWN
DESCRIPTION OF EVENTS
"Colorado resident Andrew Schober’s stash of 16 Bitcoin was stolen from him in a 2018 malware attack, court documents allege. At the time, it was worth about $220,000 and was 95% of his net wealth."
In January 2017, Andrew Schober’s "computer was infected by a malicious program called Electrum Atom that stole £145,800 worth of Bitcoin from me." "A forensic investigation of Schober’s computer found he’d inadvertently downloaded malicious software after clicking a link posted on Reddit for a purported cryptocurrency wallet application called “Electrum Atom.” Investigators determined that the malware was bundled with the benign program, and was designed to lie in wait for users to copy a cryptocurrency address to their computer’s temporary clipboard."
"The malware was designed to wait for the user to copy a crypto wallet address to the temporary clipboard of his computer. When he tried to move 16.4 Bitcoins from his account to another, the malware changed his payment wallet address with a different address controlled by the two young men."
"Schober alleges that Benedict Thompson, of Hampshire, UK, and Oliver Read, of West Yorkshire, UK, orchestrated the theft when they were minors."
"Thompson is now studying computer science at the University of Warwick, the suit says, and Read previously studied computer science at Greenhead College in the UK."
"When the two were boys, they allegedly advertised criminal software on Reddit, where Schober inadvertently installed it, thinking it was a legitimate program."
"The malware was able to direct Schober’s bitcoin to a third-party account that allegedly belonged to Thompson and Read."
“He did not eat or sleep for days afterward and has been in a severe state of distress for the past three years.” It adds: “Mr. Schober was planning to use the proceeds from his eventual sale of the cryptocurrency to help finance a home and support his family.” "The cryptocurrency accounted for approximately 95 per cent of his net wealth at the time it was stolen from him."
"The stolen funds were then depositeed at the cryptocurrency exchange Bitfinex. With the help of an attorney and private investigation firm, the theft was traced to Oliver Paul Read, from Bradford, West Yorkshire. It seems your son has been using malware to steal money from people online."
"Schober spent $10,000 on an investigation and tracked the Bitcoin to the two teenagers in the U.K., documents say. Both Thompson and Read have studied computer science, including at a top U.K. university, the filing notes."
Schober then wrote a letter to the parents of Read, where he asked for the money to be returned. “Your son is obviously a very intelligent young man,” he wrote in 2018. “I do not wish for him to be robbed of his future.”
"As his parents, I am appealing to you first to give him the chance to make this right, without involving law enforcement. Your son is obviously a very intelligent young man. I do not wish for him to be robbed of his future, however it would not be just to let him inflict such a damaging blow to my future."
"If he returns what he stole in full, 16.4552 BTC, to [this address] by October 21, 2012, I will drop this matter and move on. If not, we will pursue recourse through Action Fraud. Given his age and the nature of the crimes, he would likely be charged as an adult. The minimum sentence for Theft: Category 1 Harm (>£100k) with high culpability, and Computer Misuse Section 3: Reckless Intent to Impair Operation, is 4 years and 6 months custody, plus payment of restitution."
"Now they are responding. One of the defendants —Hazel D. Wells — just filed a motion with the court to represent herself and her son in lieu of hiring an attorney. In a filing on Aug. 9, Wells helpfully included the letter in the screenshot above, and volunteered that her son had been questioned by U.K. authorities in connection with the bitcoin theft."
"Neither of the defendants’ families are disputing the basic claim that their kids stole from Mr. Schober. Rather, they’re asserting that time has run out on Schober’s legal ability to claim a cause of action against them."
“Plaintiff alleges two common law causes of action (conversion and trespass to chattel), for which a three-year statute of limitations applies,” an attorney for the defendants argued in a filing on Aug. 6 (PDF). “Plaintiff further alleges a federal statutory cause of action, for which a two-year statute of limitations applies. Because plaintiff did not file his lawsuit until May 21, 2021, three years and five months after his injury, his claims should be dismissed.”
"In August, lawyers for Hazel Davina Wells, the mother of Oliver Read, filed court papers that argued that the two year statute of limitations had passed before Mr Schober filed his case and asked a judge to dismiss the claim." "Schober’s attorneys argue (PDF) that “the statute of limitations begins to run when the Plaintiff knows or has reason to know of the existence and cause of the injury which is the base of his action,” and that inherent in this concept is the discovery rule, namely: That the statute of limitations does not begin to run until the plaintiff knows or has reason to know of both the existence and cause of his injury."
"The plaintiffs point out that Schober’s investigators didn’t pinpoint one of the young men’s involvement until more than a year after they’d identified his co-conspirator, saying Schober notified the second boy’s parents in December 2019."
In January 2017, Andrew Schober was tricked into downloading a malicious application which modified his clipboard. As a result, he ended up sending his bitcoin to 2 teenagers in the UK. The thieves did nothing to obscure the coins and deposited them directly on the Bitfinex platform. Andrew Schober spent tens of thousands of dollars and many years tracking down the culprits and is presently attempting to sue them. However, the statute of limitations limits claims to 2-3 years.
HOW COULD THIS HAVE BEEN PREVENTED?
All large transactions or new wallets should be tested first with a smaller value transaction.
Man Who Lost $800K of Bitcoin Sues Parents of Alleged Teenage Thieves - Decrypt (Jan 30)
https://krebsonsecurity.com/wp-content/uploads/2021/08/pro-se-wells.pdf (Feb 3)
Man Robbed of 16 Bitcoin Sues Young Thieves’ Parents – Krebs on Security (Feb 4)
Man sues over bitcoin stash stolen in 2018 and now worth $1M (Feb 4)
@briankrebs Twitter (Feb 4)
Andrew Schober Is One of Many Victims of Crypto Theft, but He's Taking Action | Live Bitcoin News (Feb 4)
Two British schoolboys stole nearly $1m in Bitcoin and families refused to give it back, US lawsuit claims (Feb 4)
Andrew Schober sues parents of young men who stole his 16 Bitcoins (Feb 4)
