Even if malware is a fact of the modern digital world, and cryptocurrencies often a target of them, how we deal with those attacks is an important detail. Warith Al Maawali, who we\u2019ve previously reported on, lost $70,000 when his Coinomi wallet was drained of its funds. Now questions are being asked of it It happened the way he alleged it did. When we previously reported on the story, Al Maawali claimed a flaw in Coinomi\u2019s desktop wallet, which caused it to use Google\u2019s spellcheck API on the text of a seed phrase, allowed hackers to access his wallet and steal his funds. As a result, he blamed Coinomi for the loss, and demanded they make him whole. Now Coinomi, after enduring months of online attacks from Al Maawali, have hired the blockchain forensics firm CipherBlade to investigate what really happened. Although they admit to having been paid by Coinomi, they appear to have conducted a firmly independent and convincing investigation of what happened. The idea that the victim lost his funds because of a spell checker doesn\u2019t check out, they write. Analyzing the hackers wallet, if it was a result of someone gaining access to the Google API data, it should demonstrate a number of victims falling prey to the scam all at once. Instead, they found the hacker wallet receiving funds over a long period of time, dating back to October 2018, two months before Coinomi\u2019s desktop wallet launched. They also pointed to Al Maawali\u2019s story as part of their case. He claimed to have copy-pasted his seed phrase into the wallet. Malware exists to capture copy-pasted information from computers, and one could have easily recognized a seed phrase to then use to capture his funds. Their conclusion then, with the limited access they have to the evidence, is that it\u2019s much more likely Al Maawali fell victim to another type of malware, and played right into the hack. Frustrated that he lost his money, he blamed the wallet as the most visible reason, to him atleast, of what could have gone wrong. That\u2019s not the best approach to take, CipherBlade notes. Regardless of where you live, and how hip your local law enforcement might be, they recommend contacting your local police should you ever fall victim to a crypto scam. They write: \u201cNot only are many kinds of data easily obtained by law enforcement, but inaccessible to the average (or even the well-connected) citizen\u200a\u2014\u200aexchange account data being a prime example, as many major exchanges are happy to comply with legal requests, but are, in fact, prevented by regulations from giving out information without law enforcement contact.\u201d Not wanting to get too far ahead of themselves, they note they will work pro-bono for Al Maawali if he can prove he already contacted local police. Regardless of his case though, the morale of the story is clear and one that all cryptocurrency users should take note of. Just like with any other asset, if a thief takes your stuff, call the police before taking to Reddit.