Australian police crack coded wallet, seize $5.9M in crypto

Australian police crack coded wallet, seize $5.9M in crypto

Australian police say they have cracked a coded cryptocurrency wallet backup containing AU$9 million (about US$5.9m), after an AFP data scientist deciphered a manipulated numerical sequence found on a suspect’s phone.

In remarks at the National Press Club, AFP Commissioner Krissy Barrett called it “miraculous work” and praised the analyst now known internally as a “crypto safe cracker.” The Australian police crack coded crypto wallet case centers on a 24-word seed phrase concealed behind altered number strings.

What we know: Australian police crack coded crypto wallet

During a search, AFP digital forensics found password-protected notes and an image with random words and numbers divided into six groups, with over 50 variations. Investigators suspected a link to a crypto wallet, but the alleged offender refused to provide access an offense in Australia that can carry up to 10 years’ imprisonment.

A data scientist reviewing the strings noticed they “felt wrong,” theorizing a human had added a leading digit to some sequences. By removing the first number from each group, the sequence decoded into a valid 24-word recovery seed opening a wallet with AU$9 million.

How the decoding worked

The AFP account suggests the suspect attempted a “booby prize” by front-loading digits to obfuscate the order. The solution strip the first digit in each sequence—converted the numbers to the correct indices for the BIP-39 wordlist (seed phrase), according to the speech. Public reports from independent outlets describe the same method and value restrained. Australian Federal Police+1

Seizure and next steps

The crypto has been restrained by the Criminal Assets Confiscation Taskforce (CACT). If a court orders confiscation, the funds will be transferred to a Commonwealth account and redistributed for crime prevention by the Home Affairs Minister, per AFP. The Commissioner also noted the same analyst recently recovered >AU$3 million in a separate case using a different technique.

Timeline: Australian police crack coded crypto wallet

• Search & discovery
  Phone notes and an image with multi-group number strings found.

• Forensic review
  Team suspects a wallet connection; suspect withholds keys.

• Analyst breakthrough
  Remove the first digit of each group → 24-word seed.

• Access & restraint
  Wallet opens; AU$9m restrained by CACT pending court.

Context & Analysis

 The case underscores a recurring theme in crypto forensics: human patterns can betray attempts at obfuscation. While automated tools hunt for algorithmic structure, small “human” tweaks like prepending digits can stand out to an experienced analyst. The AFP’s account also connects this recovery with broader Operation Kraken-era actions targeting encrypted criminal infrastructure and asset restraint in Australia.

Conclusion

The AFP’s disclosure shows how skilled investigation and human intuition can break through attempts at hiding assets behind “security through obscurity.” Careful forensic work exposed what complex concealment could not fully protect.

The seized AU$9 million is now being handled under Australia’s proceeds-of-crime framework. Courts will determine whether the funds are confiscated and later redirected to programs that support crime prevention and community safety.

FAQs

Q : What did the AFP actually do?

A : They decoded a manipulated number sequence into a 24-word seed phrase and accessed a crypto wallet holding AU$9 million, then restrained the funds through the Criminal Assets Confiscation Taskforce (CACT).

Q : Who is the “crypto safe cracker”?

A : An unnamed AFP data scientist credited by the Commissioner for the breakthrough.

Q : How were the numbers decoded?

A : By removing the first digit of each sequence, which revealed the correct indices for the 24-word seed phrase.

Q : Is the money confiscated?

A : Not yet. The funds are restrained; a court must order confiscation before any redistribution to crime-prevention programs.

Q : What crimes are alleged?

A : The suspect allegedly stockpiled crypto by selling a “tech-type product” to alleged criminals, though no conviction is mentioned in the AFP report.

Q : Has this happened before at the AFP?

A : Yes. The same analyst reportedly recovered more than AU$3 million in a separate case using different forensic techniques.

Q : Why is the case significant for crypto security?

A : It demonstrates that human-made obfuscation can be detected and reversed, highlighting the importance of disciplined seed-phrase handling and expert crypto forensics.

Facts 

• Event
  AFP data scientist decodes manipulated numeric sequences to recover a 24-word seed phrase; AU$9m crypto wallet opened and restrained

• Date/Time
  2025-10-31T12:00:00+05:00

• Entities
  Australian Federal Police (AFP); Criminal Assets Confiscation Taskforce (CACT); Commissioner Krissy Barrett; Home Affairs Minister Tony Burke

• Figures
  AU$9 million (~US$5.9m) restrained; prior recovery >AU$3m (separate case)

• Quotes
  “Crypto safe cracker” and “miraculous work” Krissy Barrett, AFP Commissioner

• Sources
  AFP National Press Club address https://www.afp.gov.au/news-centre/speech/national-press-club-address-afp-commissioner-krissy-barrett ; Decrypt  https://decrypt.co/346755/australian-police-use-crypto-safe-cracker-to-access-6m-stash