FBI traces and grabs back $150 million theft that was turned into bitcoins

FBI traces and grabs back $150 million theft that was turned into bitcoins

On December 1, 2021, the Tokyo police arrested an employee of Sony Life Insurance on suspicion of fraudulently obtaining 17 billion yen through an illegal money transfer from an overseas unit.

On the same day 3,879 bitcoins, worth about $150 million, were seized by law enforcement, and on the December 20 the US government took action in federal court to return it back to Sony.

The theft

The funds were embezzled by Sony employee Rei Ishii, who pretending to conduct a legal fund transfer in May 2021. He allegedly transferred the money from SA Reinsurance Ltd’s bank account to a different bank account overseas, by falsifying transaction instructions, which caused the funds to be transferred to an account that Ishii controlled at a bank in La Jolla, California. He then quickly converted the funds to bitcoins, as criminals do.

Although Sony had a double authentication process set up for international money transfers, requiring both Ishii and his supervisor to sign them off, Ishii is said to have instructed the company’s bank to change the contact email address for his boss, which enabled him to initiate and sign-off money transfers.

Sony Life Insurance discovered the unapproved money transfer in August, and US law enforcement were able to trace the bitcoin transfers to a specific Bitcoin address, and then to an offline cryptocurrency cold wallet.

The recovery

The FBI—in cooperation with Japan’s National Police Agency, the Tokyo Metropolitan Police Department, Tokyo District Public Prosecutors Office, the Japan Prosecutors unit on Emerging Crimes (JPEC), and with assistance from Sony and Citibank—then obtained the private key needed to control the Bitcoin address. This allowed them to recover all the bitcoins that could be traced back to the theft.

An FBI press release on the matter spells out how long the long arm of the law is when agencies in different countries cooperate:

Second, the FBI’s footprint internationally through our Legal Attaché offices and the pre-existing relationships we have established in foreign countries—in this instance with Japan—enabled law enforcement to coordinate and identify the subject. The FBI’s technical expertise was able to trace the money to the subject’s crypto wallet and seize those funds … Criminals should take note: You cannot rely on cryptocurrency to hide your ill-gotten gains from law enforcement.

The end?

The FBI intends to return the stolen funds to the victim, and Ishii has been charged in Japan. However, the FBI continues to investigate the crime. The Major Frauds and Public Corruption Section and Asset Recovery Section of the US Attorney’s Office for the Southern District of California is handling the proceedings, with significant assistance from the Department of Justice Criminal Division’s Money Laundering and Asset Recovery Section and Computer Crime and Intellectual Property Section.


Pieter Arntz

Malware Intelligence Researcher

Was a Microsoft MVP in consumer security for 12 years running. Can speak four languages. Smells of rich mahogany and leather-bound books.