One theory is that a data leak of users’ private keys has been exploited by malicious actors who are systematically accessing wallets and stealing their contents. If correct, the thefts again highlight the importance of cryptocurrency users protecting their private keys, which are the backbone of digital asset ownership. However, many of those affected by these thefts are blockchain savvy users or "crypto natives", which further emphasises the vulnerability of this asset class to exploits and other wrongdoing.

• Phishing scams, where wrongdoers create websites that appear to be legitimate crypto exchanges or wallets to trick users into entering their private keys. Once the keys are obtained, the wrongdoer can use them to access the user's account and steal their funds
• Malware, where wrongdoers use software to infect a user's computer or mobile device and track their keystrokes, allowing the attacker to obtain the private key. This method is often used in conjunction with phishing scams
• Physical theft, where a user stores their private key on a paper wallet or USB drive

To protect their private keys, owners of digital assets should take precautions such as using two-factor authentication, only accessing their wallets from secure devices, and keeping their private keys in a secure location. Users should also be cautious of suspicious websites and verify the legitimacy of an exchange or wallet before entering their private key.

• Try to identify how the theft occurred and take steps to mitigate the risk of further exploits. For example, users should check their device for any signs of malware or viruses and consider creating a new wallet with a new private key
• Contact the exchange or wallet provider where the stolen funds were held. They may be able to provide assistance in recovering stolen funds, although the success of this will depend on the specific circumstances of the theft
• Contact the token issuer for the currency in which the proceeds of theft are held. Some tokens can be frozen regardless of their address
• Report the theft to local criminal authorities
• Take legal advice. Lawyers specialising in crypto tracing and recovery can assist with:
  • Freezing stolen tokens or their proceeds
  • Obtaining disclosure to reveal the ultimate destination of the proceeds of stolen tokens and/or the identity of the wrongdoer
  • Securing judgment against the wrongdoer, so that once their identity is disclosed, enforcement action can be taken to recover the stolen assets (or their equivalent value)
  • Liaising with law enforcement agencies to ensure all asset recovery tools and leverage are being used to maximum effect

Harneys has a proven track record of assisting the victims of crypto theft recover their assets.