In The Beekeeper (2024), the core wrongdoing is a highly recognisable piece of online fraud. Retired teacher Eloise Parker is targeted by a phishing‑style tech support scam: a fake computer warning leads her to call a bogus helpline, she is persuaded to grant remote access and follow instructions which result in her life savings – including over $2 million from a charity fund she controls – being transferred out of her accounts. When she realises everything has gone, she takes her own life, and her neighbour Adam Clay responds by hunting down the call‑centre operation behind the scam.
If you transpose that scenario into a UK setting, the conduct is very familiar. The scammers’ lies about who they are and what they’re doing would fit comfortably within fraud by false representation under section 2 of the Fraud Act 2006. Their use of remote access tools, spoofed screens and fake online interfaces to get into the victim’s banking and email accounts would almost certainly amount to unauthorised access to computer material and potentially unauthorised acts with intent to impair under sections 1–3 of the Computer Misuse Act 1990. Once the funds are moved through layers of accounts, or converted into other assets, the usual money‑laundering provisions under the Proceeds of Crime Act 2002 would also be engaged.
Cryptocurrency “hacking” in the UK often looks very similar in method, even if the end product is different. Many crypto cases start with the same kind of social engineering seen in The Beekeeper: phishing emails, fake investment platforms, cloned exchange websites or “support” chats that trick victims into revealing wallet seed phrases, private keys or two‑factor authentication codes, or into installing remote access software. Technically, that behaviour is still charged as fraud (false representations about the nature of the service or investment) combined with Computer Misuse Act offences for accessing or interfering with computer systems and data without authority. The fact that the target is a crypto‑exchange account or self‑custody wallet, rather than a high‑street bank account, doesn’t give rise to a wholly new species of offence.
The main difference lies in the rail the criminals use to move and disguise the proceeds. In The Beekeeper, the stolen money passes through conventional accounts controlled by the scam network; in many UK cases today it is quickly converted into cryptoassets and pushed through mixers, cross‑chain bridges and multiple wallets to frustrate tracing. But for English law, cryptoassets are treated as a form of property capable of being stolen or fraudulently obtained, and dealing with them as “criminal property” will engage the same money‑laundering offences as fiat. In that sense, the film’s call‑centre fraud is simply the analogue precursor of modern UK crypto hacking: both rest on social engineering, unauthorised access and rapid digital movement of value, even if Jason Statham’s remedy bears little resemblance to what actually happens in the Crown Court.
Recent Cryptocurrency Fraud Court Cases (2019–2025)
United Kingdom – Civil Cases
AA v Persons Unknown [2019] EWHC 3556 (Comm) – In this landmark case, an insurer paid a Bitcoin ransom after hackers infected its insured client’s systems with malware and demanded $950,000 in BTC for a decryption key . After payment, the insurer traced about 96 of the 109.25 BTC ransom to an address linked to the Bitfinex exchange . The High Court recognized Bitcoin as “property” and granted a proprietary injunction and disclosure order against Bitfinex, treating the exchange as constructive trustee of the ransom proceeds . This allowed the insurer to freeze the assets and compel information identifying the hackers, illustrating how ransomware attackers stole crypto by extorting victims and laundering the proceeds through exchanges .
Ion Science Ltd v Persons Unknown (High Court, 21 Dec 2020, unreported) – A UK company fell prey to a fraudulent initial coin offering (ICO) scheme. Scammers posing as a Swiss investment firm “Neo Capital” induced the claimant’s director to transfer about 64.35 BTC (≈£577k) as an “investment,” even persuading him to give them remote access to his computer to execute the transfers . In reality, “Neo Capital” was fictitious, and the funds were swiftly moved offshore. The High Court granted a worldwide freezing order and Bankers Trust disclosure orders against two cryptocurrency exchanges (Binance and Kraken) where the stolen Bitcoin was traced . The case shows crypto can be stolen by classic investment scams: the fraudsters convinced the victim to invest in a fake crypto venture, then siphoned his Bitcoin to exchange wallets under their control.
Fetch.ai Ltd v Persons Unknown [2021] EWHC 2254 (Comm) – Here, unknown hackers breached the claimants’ cryptocurrency accounts on Binance and carried out unauthorized trades. In a 12-second window, the fraudsters sold roughly $2.6 million of the claimants’ crypto to an unknown buyer at undervalue without permission . By effectively “baiting” a quick sale to themselves or an associate, they drained the victim’s holdings. The Commercial Court responded with robust interim relief: it divided the defendants into categories (the perpetrators; those who received assets at a discount; and any innocent third-party recipients) . It then issued a proprietary injunction and a worldwide freezing order to freeze the misappropriated assets, and granted Bankers Trust and Norwich Pharmacal orders compelling Binance to disclose information to help identify the wrongdoers and trace the funds . This case highlights how exchange accounts can be compromised and crypto assets swiftly sold off, and how courts freeze assets and gather information even when the ultimate buyer might claim to be a bona fide purchaser.
Danisz v Persons Unknown & Huobi Global [2022] EWHC 280 (QB) – An individual investor (SD) was lured by a social media advertisement into putting £27,000 worth of Bitcoin into an online crypto investment program called “Matic Markets” . The value of her Bitcoin rose, but when she attempted to withdraw funds, the platform refused and cut off communication. An expert traced SD’s Bitcoin and discovered it had been secretly transferred out of Matic’s wallet without her knowledge . Some of the stolen BTC ended up in a wallet on the Huobi exchange . The High Court granted an urgent proprietary injunction and a worldwide freezing order against the scammers to prevent further dissipation, and a Bankers Trust order requiring Huobi to disclose customer identity and transaction data for the destination wallet . This case is a clear example of a “pig-butcher” investment scam, where fraudsters create a fake trading platform that accepts deposits and then absconds with the cryptocurrency instead of honoring withdrawal requests.
D’Aloia v Persons Unknown & Ors [2022] EWHC 1723 (Ch) – Mr. D’Aloia was duped by a clone online brokerage: a scam website masquerading as a legitimate U.S.-regulated trading platform . Over time he was induced to transfer ~£2.5 million in USDT (Tether) stablecoin to wallets controlled by the fraudsters . After the fraud came to light, he traced the funds through multiple blockchain addresses, ultimately finding some of his USDT had been cashed out via accounts on a Thai crypto exchange (Bitkub) . The court treated the unknown scammers as proper defendants and, in an innovative step, allowed service of court documents via NFT airdropped to the fraudsters’ wallet to notify them . D’Aloia obtained interim freezing injunctions and later pursued a constructive trust claim against the exchange that held part of the loot. Although his claim against the exchange (Bitkub) was later dismissed due to insufficient tracing evidence , the case demonstrated how fraudsters built a fake investment portal to steal crypto deposits, and it set a precedent for using blockchain technology itself (NFTs) to reach anonymous thieves .
Jones v Persons Unknown [2022] EWHC 2543 (Comm) – A British investor, Mr. Jones, was persuaded by fraudsters to transfer 90 BTC (worth several million pounds) into what turned out to be a fake online investment platform . Blockchain analysis revealed his Bitcoin had moved into a wallet on the Huobi exchange . When neither the scammers nor Huobi responded in court, the judge entered a default judgment and made a novel order: Huobi was deemed a constructive trustee of the 90 BTC and was ordered to deliver up the stolen cryptocurrency back to Mr. Jones . Huobi complied by transferring 98 BTC (the principal plus interest and costs) to an English wallet, deducting the sum from an internal account belonging to a third-party (Kyrrex) . (Kyrrex later tried and failed to overturn the judgment .) The fraudulent conduct at the heart of the case was a classic phony investment scam – the scammers created a sham trading platform to convince the victim to send them Bitcoin, which they then routed through an exchange . This judgment was significant in confirming that even a crypto exchange (if holding stolen assets) can be ordered to return stolen coins as constructive trustee .
Tulip Trading Ltd v Bitcoin Association & Ors – (High Court [2022] EWHC 667 (Ch); Court of Appeal [2023] EWCA Civ 83) – Tulip Trading, a company controlled by Dr. Craig Wright, claimed it lost access to Bitcoin worth around $4 billion due to a hack. Unknown persons hacked Dr. Wright’s home network in early 2020 and stole the private keys to two Bitcoin addresses holding approximately 111,000 BTC . With the keys gone, Tulip was effectively deprived of its Bitcoin (the thieves could move or sell the funds). Unable to identify the hackers, Tulip took the unprecedented step of suing 16 Bitcoin core developers, arguing that since they maintain the Bitcoin software, they owed fiduciary or tortious duties to introduce a software “patch” to help restore Tulip’s stolen coins . The High Court initially struck out the claim, but in 2023 the Court of Appeal held there was a “serious issue to be tried” on whether developers might owe a limited duty in such circumstances . Central to the case is the nature of the fraud: a cyber-intrusion and theft of cryptographic keys. The hackers’ breach meant Tulip’s Bitcoin was irretrievably taken, exemplifying how control of crypto can be lost through hacking even without the protocol itself being compromised. (The case now proceeds to trial on the developers’ duties, but it underscores the massive stakes when billions in crypto are stolen by anonymous attackers.)
LMN v Bitflyer Holdings Inc & Ors [2022] EWHC 2954 (Comm) – LMN, a U.K.-based cryptocurrency exchange, suffered a serious hack in 2020, resulting in “millions of dollars’ worth” of various cryptoassets being illicitly transferred out of LMN’s customer wallets . The thieves siphoned the assets through numerous transactions; however, LMN’s forensic experts traced the stolen crypto to deposit addresses at six international exchanges (including Bitflyer and others) where the funds had landed . Because the wrongdoers were unidentified, LMN sued the exchanges’ holding companies to obtain information. The High Court (Butcher J) embraced the new CPR 6.36 service gateway for fraud, allowing LMN to serve out of jurisdiction, and granted extensive disclosure orders (Bankers Trust orders) against the foreign exchanges . The exchanges were compelled to hand over KYC records and transaction details for accounts linked to the hack . This enabled LMN to pursue the ultimate perpetrators. The fraud itself was a straightforward exchange hack: attackers breached LMN’s security and stole digital assets directly from the exchange’s wallets, then attempted to hide by spreading the loot across multiple trading platforms. The case demonstrates the English courts’ willingness to assist victims in tracing and recovering crypto by piercing through exchange anonymity when hackers strike .
United Kingdom – Criminal Case
R v Zhimin Qian (Southwark Crown Court, 2025) – Qian Zhimin, a Chinese national, was prosecuted in the UK as the mastermind of a massive Ponzi scheme that operated in China and laundered its proceeds through Bitcoin. Between 2014 and 2017, Qian’s company defrauded approximately 128,000 investors in China, raising roughly ¥40 billion (≈£5.5 billion) with false promises of high returns . About ¥6 billion (£840 million) of the victims’ money was siphoned off by the conspirators and used to purchase over 61,000 BTC, which Qian held to conceal the funds . She fled to London with these Bitcoin. In 2021, Scotland Yard seized Qian’s crypto stash (worth over $6 billion by 2025) – the largest cryptocurrency seizure ever . Qian pleaded guilty to money laundering and was sentenced in 2025 to 11 years 8 months’ imprisonment . The fraudulent conduct in this case was a colossal Ponzi investment scam: Qian’s operation conned victims into investing in a fake wealth scheme, then converted a chunk of the fraud’s fiat proceeds into Bitcoin to hide and later cash out. This cross-border scheme underscores how cryptocurrency is used to launder the fruits of fraud on a vast scale – in Qian’s case, turning billions from a pyramid scheme into anonymized digital assets.
International Cases – Criminal
United States v. Peraire-Bueno (S.D.N.Y. indictment 2024) – Brothers James and Anton Peraire-Bueno (MIT-educated developers) were charged in the US with a first-of-its-kind crypto fraud that exploited the mechanics of the Ethereum blockchain. Prosecutors alleged the brothers spent months planning a “high-speed bait-and-switch” attack on automated trading bots . In April 2023, they executed a 12-second sequence of malicious transactions that lured rival traders’ bots into a trap and drained about $25 million in cryptocurrency from those victims’ accounts . Specifically, the pair discovered a vulnerability in MEV-boost (software used by Ethereum validators) and manipulated block validation to include a deceptive bundle of trades . They made a trade that appeared highly profitable to algorithmic bots, tricking the bots into biting; but the trade had a hidden payload that redirected value to the brothers’ own accounts at the moment of block confirmation . Essentially, they tampered with blockchain consensus to pickpocket other traders. The case went to trial in late 2025. While the first jury deadlocked (resulting in a mistrial) , the prosecution vividly illustrated a new form of crypto fraud: exploiting smart-contract and blockchain protocols to outwit victims’ software and steal crypto without traditional “hacking” of accounts. (US authorities intend to retry the case, underscoring its importance in drawing the line between aggressive trading and criminal fraud.)
United States v. James Zhong (S.D.N.Y. 2022 conviction) – Zhong pulled off one of the largest Bitcoin thefts on record by exploiting a vulnerability in the Silk Road dark web marketplace. In September 2012, the then-22-year-old discovered that by rapidly sending withdrawal requests to Silk Road’s Bitcoin wallet (using a bug that allowed multiple withdrawals for a single deposit), he could trick the system into paying out far more Bitcoin than he put in . Using a series of dummy accounts and a “double-click” exploit on the withdrawal button, Zhong stole approximately 50,000 BTC from Silk Road in a matter of days . (At the time, those coins were worth only around $600k; by 2021 their value exceeded $3.3 billion.) Zhong then hid the coins for nearly a decade, moving them through mixing services and stashing the keys in devices (even a single-board computer concealed in a Cheetos popcorn tin) . He was finally caught in 2021 when agents traced some blockchain clues and raided his Georgia home, finding 50,676 BTC. Zhong pleaded guilty to wire fraud for the 2012 theft , and in 2023 he was sentenced to one year in prison. This extraordinary case of fraudulent asset appropriation hinged on technical manipulation of a crypto platform: Zhong didn’t con a person, but rather exploited a software flaw to make Silk Road’s system erroneously transfer him vast amounts of Bitcoin .
R v Cameron Redman (Ontario Superior Court, 2023) – A Canadian teenager, Cameron Redman, was convicted for a SIM-swap heist that stole cryptocurrency now valued at $37 million. On 22 February 2020, Redman hijacked the mobile phone number of a Los Angeles-based crypto investor by tricking the phone company into a SIM card swap . With control of the victim’s number, Redman intercepted SMS-based two-factor authentication codes and breached the victim’s online wallets. He then drained 1,547 BTC and 60,000 BCH (Bitcoin Cash) from the victim’s accounts – worth about $37 million at the time . After stealing the coins, the youth laundered them through hundreds of micro-transactions and multiple exchanges to obscure the trail . He was eventually caught by a joint investigation involving an on-chain analyst (who linked him to subsequent social media hacks) and Canadian police. In 2025, Redman – then an adult – was sentenced to 12 months in prison and ordered to pay restitution . This case typifies the “SIM swap” fraud vector, wherein criminals seize control of a victim’s phone number to bypass security and thereby steal large sums of cryptocurrency. The fraudulent conduct was essentially identity theft and unauthorized access: Redman impersonated the victim to the phone carrier, then used that access to breach crypto wallets and transfer out digital assets .
U.S. v. Nicholas Truglia (S.D.N.Y. 2021 plea) – Another notable SIM-swap case involved Nicholas Truglia, who was part of a ring that targeted wealthy crypto holders. Truglia and co-conspirators fraudulently ported victims’ phone numbers and then used the access to steal over $20 million in cryptocurrency from just one victim, blockchain investor Michael Terpin . Truglia helped launder the proceeds by using his own Binance account to convert and transfer some of the stolen coins . In a related civil suit, a California court entered a $75.8 million judgment against Truglia for the theft . Criminally, Truglia pleaded guilty to wire fraud conspiracy in New York and was later sentenced to 18 months in federal prison . The scheme exemplified how fraudsters social-engineer mobile providers and then raid victims’ crypto wallets, with Truglia brazenly boasting online about his illicit gains (which he spent on luxury watches, cars, and nights out) . Both the Redman and Truglia cases show that while the technology is cutting-edge, the core fraud – stealing credentials to misappropriate assets – remains an age-old story of theft, only now the “loot” is digital currency.
Each of these cases paints a piece of the larger narrative of cryptocurrency fraud in recent years. From Ponzi schemers and exchange hackers to deceitful investment platforms, protocol exploits, and SIM-swapping identity thieves, the courts have grappled with novel facts but a common theme: fraudsters prey on trust and technical gaps to separate victims from their cryptoassets. In response, courts in the UK and internationally are adapting traditional legal remedies to this new landscape – freezing wallets worldwide, compelling exchanges to divulge information, recognizing crypto as property, and even permitting service via blockchain – all in service of the fundamental goal of undoing the fraud or at least holding the perpetrators to account . The above cases, taken together, form an analytical chronicle of how cryptocurrencies have been stolen through fraudulent conduct and how the legal system is evolving to meet the challenge. Each scenario differs in method – whether by deception, extortion, code manipulation, or identity theft – but all underscore that while the technology is new, the law’s ultimate task remains age-old: tracing “what has become of the property” and providing justice for those defrauded.
