Cryptocurrency Disputes: Theft and Hacks of Digital Wallets
The cryptocurrency market is growing rapidly, but this expansion is accompanied by a significant increase in disputes involving theft and hacking of digital wallets. In Switzerland, a jurisdiction recognised for its favourable regulatory framework for digital assets, these disputes represent a major challenge for crypto-asset holders. Our law firm assists victims in recovering their digital assets and defending their interests, drawing on the specifics of Swiss law and its application to blockchain technologies.
Types of Attacks and Swiss Criminal Qualifications
The following table presents the main methods of cryptocurrency theft and their characterisation under Swiss law:
| Type of attack | Description | Criminal classification (SCC) | Possible civil liability |
|---|---|---|---|
| Phishing / fake exchange site | Imitation of a legitimate service to steal private keys or credentials | Art. 146 SCC (fraud), art. 143 SCC | Perpetrator; exchange if negligent notification |
| SIM swapping | Takeover of phone number to bypass 2FA | Art. 146 SCC, art. 143bis SCC | Perpetrator + telephone operator (art. 41 CO) |
| Exchange hack (server breach) | Exploitation of platform vulnerabilities to access hot wallets | Art. 143bis SCC, art. 144bis SCC | Exchange (art. 97 CO — security failure) |
| Malware / keylogger | Malicious software intercepting private keys or seed phrases | Art. 143 SCC, art. 144bis SCC | Identified perpetrator |
| Smart contract exploit | Exploitation of flaws in DeFi smart contract code | Art. 143bis SCC depending on circumstances | Developers / auditors (professional liability) |
| Insider theft | Misappropriation by an employee or administrator with key access | Art. 138 SCC (breach of trust), art. 158 SCC | Employer (art. 55 CO) + perpetrator |
Swiss Legal Framework Applicable to Cryptocurrency Theft
Swiss law offers a particularly favourable environment for handling cryptocurrency litigation. For theft and hacking cases, Swiss criminal law applies fully:
- Art. 143 SCC: data theft (custodial sentence of up to 5 years)
- Art. 143bis SCC: unauthorised access to a computer system
- Art. 144bis SCC: data damage
- Art. 146 SCC: fraud (if cunning deception)
On the civil side, the Code of Obligations allows contractual liability of service providers (art. 97 CO) to be engaged in case of breach of their security obligations, as well as tortious liability (art. 41 CO) against identified attackers.
Strategies for Recovering Stolen Assets
Recovery of stolen cryptocurrencies requires rapid action combining technical analysis and legal measures:
Blockchain Transaction Tracing
The transparent nature of many blockchains allows the path of stolen assets to be tracked using specialised forensic analysis tools (Chainalysis, Elliptic, etc.). This traceability is a major asset in legal proceedings. When stolen cryptocurrencies pass through centralised exchange platforms subject to KYC regulations, identification of perpetrators becomes possible.
Provisional Measures and Asset Attachment
Swiss law allows rapid measures to freeze identified digital assets:
- Criminal seizure (art. 263 CPC): blocking of assets as soon as a criminal investigation is opened
- Super-provisional measures (art. 261 ff CPC): emergency ruling without prior hearing of the opposing party
- Blocking request addressed directly to exchanges identified as recipients
- Notification to authorities: MROS (Money Laundering Reporting Office Switzerland), fedpol, cantonal cybercrime units
Liability of Exchanges and Service Providers
Exchange platforms operating in Switzerland under FINMA regulation are required to meet high cybersecurity standards. Their liability may be engaged on several grounds:
- Contractual liability (art. 97 ff CO): breach of diligence and security obligations under the general terms and conditions
- Tortious liability (art. 41 CO): negligence in implementing adequate security measures
- Liability for auxiliaries (art. 101 CO): failures attributable to staff or subcontractors
Frequently Asked Questions on Cryptocurrency Theft and Hacks in Switzerland
Which articles of the Swiss Criminal Code apply to cryptocurrency theft?
Several provisions apply depending on the facts: art. 143 SCC (data theft), art. 143bis SCC (unauthorised access to a computer system), art. 144bis SCC (data damage), art. 139 SCC (theft, if physical appropriation of a medium), art. 146 SCC (fraud, if deception). Swiss criminal law provides solid grounds, but the difficulty lies in identifying perpetrators who are often located abroad.
How do you prove ownership of stolen cryptocurrencies for legal proceedings?
Ownership is established by: the history of acquisition transactions (exchange statements, bank confirmations), possession of private keys (seed phrase, wallet files) before the theft, blockchain addresses associated with a KYC-verified account at an exchange. Blockchain forensic analysis can corroborate these elements. In cases of phishing theft, communications (emails, SMS) are essential additional evidence.
Can an exchange be held liable for a hack of a user account?
Yes, if the theft results from a security flaw in the platform (rather than imprudent behaviour by the user). Contractual liability (art. 97 CO) and tortious liability (art. 41 CO) may be engaged. FINMA-regulated Swiss exchanges are required to meet high security standards. A breach of these standards (insufficient authentication, lack of encryption, etc.) constitutes strong evidence.
Is it possible to recover stolen cryptocurrencies if they have been sent to a foreign exchange?
It is possible but complex. This requires: (1) blockchain analysis to identify the destination exchange, (2) international mutual legal assistance via CEEJ or MLAT conventions, (3) cooperation from the foreign exchange (easier if regulated: Coinbase, Kraken, etc.). Speed of action is critical: if funds are still on the exchange before being re-transferred, a freeze may be possible.
Is SIM swapping a criminal offence in Switzerland?
Yes. SIM swapping (fraudulent takeover of a phone number to bypass two-factor authentication) constitutes fraud (art. 146 SCC) or unauthorised access to a computer system (art. 143bis SCC). The telephone operator may also face civil liability (art. 41 CO) if it transferred the number without appropriate diligence.