Due Diligence on Rexxfield

So, you need a cryptocurrency investigator? How do you know who is legitimate? When choosing a partner for cryptocurrency investigations and asset recovery, thorough due diligence is essential. Rexxfield, a global leader in cyber and forensic investigations, and in specialising in blockchain technology we often receive questions about our capabilities, experience, and processes. To speed up this process, we’ve outlined key due diligence questions and our (typical) responses below.

Track Record in Cryptocurrency Investigations

Can Rexxfield recover stolen cryptocurrency?

Yes, and no. Rexxfield does have a proven record of accomplishment successful cryptocurrency investigation, but it is nowhere near as high as we want it to be. We have some public (and a few private) recovery success stories. Of our public ones, we have assisted in recovering over $2 million in stolen cryptocurrency, working across multiple jurisdictions. While most case details are confidential, we can reference these publicly confirmed cases (references below). We also have cases which have (so far) failed.

Some cases are almost impossible to get any sort of recovery (such as low loss cases, or crime nexus out of reach of law enforcement), but we rarely ever give up entirely on cases that we have accepted for investigation. We are constantly probing for new ways to get around roadblocks outside of our control (such as exchanges that will not cooperate, and the problem of law enforcement in the victim’s jurisdiction not accepting cases of financial crime involving cryptocurrency). The large majority (> 90%) of our cases are still works in progress, and so we do not yet know what an average success rate is (we will need at least years to determine that).

References:

• https://www.cryptopolitan.com/rexxfield-recovers-over-670000-btc-stolen/
• https://coinmarketcap.com/community/articles/6648b7e0db756b08486fa34f/
• https://rexxfield.com/case-study-successful-400000-usd-recovery-of-stolen-crypto-from-nigerian-scammers/
• https://www.linkedin.com/posts/michaelroberts777_case-study-successful-400000-usd-recovery-activity-7150467395806040065-eiT_

What is Rexxfield’s recovery rate and time frame?

The recovery rate and time frame depend on factors like the complexity of the laundering techniques and jurisdictional cooperation. There are too many factors to give a clear answer. That sounds like evasion, but consider these quite different scenarios:

Case 1

1. A romance scam started 24 months ago, and the victim transferred $300k over 12 months to investments that their ‘love interest’ had recommended. By the time they contact Rexxfield, they have lost $500k (after paying extra for fictitious taxes and AML compliance to the scammer). The victim contacts Rexxfield 8 months after they sent the last dollar, and the fake investment website and phones, email etc. are no longer active.
   • This case is ‘old’, and the elapsed time provided the scammers with plenty of time to launder the crypto through complex means,
   • They are well funded and well practiced ‘romance scammers’ who have minimized their mistakes,
   • The crime nexus is traced back to a location that has (at best) apathy to what is going on under their noses, or (at worst) partial government or local law enforcement protection,
   • Digital evidence has perished,
   • Although a significant loss, the case characteristics make it unattractive to law enforcement, and it becomes dead in the water.

Compare that to this case:

Case 2

1. A victim unknowingly activated a rogue smart contract that drained their software wallet,
2. $120k worth of various ERC20 tokens were drained and sent to an unidentified non-custodial wallet,
3. The victim contacts Rexxfield within 24 hours,
4. Rexxfield traces the crypto, places a 24hr watch of the destination non-custodial wallet,
5. In parallel, the victim engages Rexxfield to investigate (blockchain + OSINT),
6. Rexxfield works out crime nexus, locates other victims, and leverages law enforcement relationships in one or both of those locations. Rexxfield prepares an investigation,
7. After 2 or 3 days. Rexxfield detects the crypto moving, some of which goes to an exchange,
8. Rexxfield reaches out to the exchange, who places a temporary freeze on the account (so crypto can come in but not go out),
9. Rexxfield works with law enforcement, using Rexxfield’s investigation report (as a source of intelligence) to get a permanent freeze authorized by law enforcement (law enforcement direct to the exchange),
10. The investigation is advanced until a successful conclusion, with the victim knowing that their crypto is locked up tight and will be returned once the wheels of justice have concluded.

So it is clear that cases can have good and bad characteristics. But each case has many points of failure, and even ‘good’ cases can fail due to action/non action outside of our control. Some cases can be resolved within 3 months, but others we are still working on 2 years down the track.

Non-Crypto Cyber Crime

Non-crypto cases are usually easier to solve, here are some publicly available references to third party stories about various cyber crimes Rexxfield has had a role in (some ongoing, some completed):

• Rexxfield featured on Laura Whitemore Investigates. Here is the Youtube link for our segment only: https://youtu.be/MurX_qxPxlI
• We work a lot of Chinese Pig Butchering (Romance Scam) syndicates. Here is a 4-minute interview on BBC World News of Rexxfield’s founder, Michael Roberts: https://youtu.be/kZWH82ZvB5g
• The full 45-minute story on the Pig Butchering/Romance Scam that Rexxfield helped investigate: https://youtu.be/bW4wYV0V-5s
• Stalking case: This unlisted Youtube link has our segment only: https://youtu.be/MurX_qxPxlI
• Rexxfield helped “Brewdog” win against online troll: https://www.insider.co.uk/news/brewdog-boss-wins-case-against-28094583

---

Global Reach and Capabilities

How does Rexxfield address cross-border challenges?

With a global network of blockchain analysts, legal professionals, and law enforcement contacts, Rexxfield is equipped to tackle cross-border issues. We leverage advanced analytics and ever-expanding international partnerships to trace funds and pursue criminals even through jurisdictions resistant to enforcement or involving unregulated exchanges. As a private company, we are not restricted or bound by cross-border treaties (except in limited circumstances, such as sanctions). That means Rexxfield can make requests and make connections of key people unrestricted by bureaucracy, and public organization policy that has been designed for risk mitigation and not speedy justice.

---

Collaboration with Law Enforcement

What experience does Rexxfield have with law enforcement agencies?

Rexxfield collaborates regularly with law enforcement agencies across the globe, including the FBI (US), Europol, and Interpol, US-state law enforcement, federal law enforcement in many western countries, and a growing network of mission-orientated officers around the world (France, German, Serbia, UK, Australia, South East Asia, and West Africa to name some). By providing evidence packages that exceed expectations, we quickly build trust and prove our competence.

We also train law enforcement (who will have us) free of charge. Rexxfield has never charged law enforcement a dime for helping them. We help them improve their case clearance rates and increase their capabilities at the same time as helping the victim. This is good for the clients, and therefore good for our long-term business goals. Alignment of law enforcement goals, the client goals and our goals is like a rising tide raising all boats together.

Here are some examples of Rexxfield’s team working with law enforcement:

• https://www.linkedin.com/feed/update/urn:li:activity:7226950963834568705
• https://www.linkedin.com/feed/update/urn:li:activity:7129141768112984065
• https://www.linkedin.com/feed/update/urn:li:activity:7125174994690527233

Some of the Rexxfield team working for several months with the Nigerian EFCC.

---

Technology and Tools

What blockchain monitoring tools does Rexxfield use?

Rexxfield employs industry-leading blockchain forensic tools, and is an investigation partner of blockchain forensics leader Chainalysis, and we also proudly use many third party advanced investigative tools (alongside proprietary analytics). Some of these partners include:

• Maltego.com (and social links)
• Global.ledger
• Cube3.ai
• Intelx.io
• Pimeys.com
• IYE global.com
• Whoisxml
• Resecurity.com
• Osint.industries
• Predicta search

How does Rexxfield handle funds laundered through mixers?

Mixers like Tornado Cash pose challenges, but Rexxfield utilizes heuristic clustering, temporal analysis, and advanced tracing techniques to uncover patterns. Even when tracing stops due to mixing, we focus on identifying exit points—such as centralized exchanges or other endpoints—allowing us to reestablish the trail.

We cannot guarantee we can trace through mixes, but we can do so.

---

Legal Strategy for Asset Recovery

How does Rexxfield obtain freezing orders or enforce recovery?

It depends on the case. Refer to the earlier Case 1 and Case 2 examples and see the approach has significant differences. Generalizing, our process includes (some, not all of):

1. Engage with the victim to understand the crime and work to preserve evidence
2. Agree on an engagement agreement, deliverables, exclusions, and costs
3. Undertake a full investigation, gathering evidence and following leads
4. Sometimes we engage with the bad actors directly, or through the victim, to gather more evidence
5. If crypto is involved, we blockchain track and trace
6. We identify witnesses to the crime and can ghost-write subpoenas for data discovery
7. Work with stakeholders (victim, exchanges, banks, law enforcement etc) to prevent further laundering while the investigation is ongoing
8. We work with the stakeholders to determine the strategy for stopping the crime, bringing justice and restitution
   • Sometimes this is the criminal pathway,
   • At other times it is civil (which will involve the victim engaging lawyers as well).
9. Once law enforcement and/or lawyers are involved, we support their work (as a source, NEVER as an agent) throughout the subsequent process (at their discretion).

---

Conflict of Interest

Does Rexxfield work with entities that may present conflicts of interest?

No. Rexxfield does not represent cryptocurrency exchanges or entities that could create a conflict of interest. Our independence ensures unbiased service and full dedication to our clients’ goals.

We also do not use our tools and experience for ‘attacks’ on the third parties that we rely on for our investigations. Those relationships are too important for any one case outcome.

---

Reputation and References

Can Rexxfield provide references?

Absolutely. We can provide references from previous engagements and our partners. These references are available under confidentiality agreements to protect our clients’ privacy, and specific to your case type.

Please note that law enforcement can never recommend or endorse Rexxfield, but at conferences we attend together, they sometimes let endorsements slip out. One example:

“We relied heavily on the Rexxfield report in writing up our justification for why we wanted to open this case as your products made it very clear that there was significant ongoing criminal conduct targeting a victim in [location redacted]. Also to Rexxfield’s credit, the complex frauds unit at [location redacted] was eager to open based in part on your work.” – Active FBI Agent, 2023**.

** the FBI does not officially endorse Rexxfield or our products. Rexxfield is a source, not a law enforcement agent. This feedback is provided by an individual FBI field agent, and it does not necessarily represent the views or position of the FBI more broadly.

Are there any disputes involving Rexxfield?

At the time of writing, none before the courts in any country.

---

Cost Transparency

What is Rexxfield’s cost structure?

We provide clear, detailed pricing estimates that outline:

• We try and keep our base fees as low as possible (just to cover basic business expenses and salaries). Our base retainer for investigation work (such as blockchain and OSINT investigations, monitoring, tracing, social engineering and reporting),
• We use a step-wise approach to add costs as the services are needed, such as ghost-written subpoenas, and expert testimony,
• We usually charge recovery percentages for financial cases and success fees for achieving engagement objectives. This aligns our work with the goals of the client, and means we keep going like a ‘dog with a bone’ until success or all avenues are exhausted,
• Additional costs for third-party services through our partnerships, legal coordination, or travel (if necessary). Our commitment to transparency ensures clients are aware of all potential costs upfront, with no surprises during the investigation.

---

Conclusion: Why Rexxfield?

We highly recommend conducting thorough due diligence on Rexxfield. Many of our competitors are recovery scammers and impersonators, and so you can not be too careful. Conducting due diligence on Rexxfield means you will find our extensive experience, global capabilities, advanced technology, and dedication to transparency. Rexxfield has been in continuous operation since 2008 (verified on the Web Archive). You do not last that long unless you are doing a lot of things very well. For more information or to discuss how we can assist with your case, contact us today.

Whether you’re dealing with cryptocurrency theft, fraud, or asset tracing, Rexxfield is your trusted partner in achieving successful outcomes.

---