Cybercrime/IT criminal law

In recent years, the field of "cybercrime" has established itself as a separate area in criminal law. Our specialist lawyers for criminal law have relevant experience in advising and representing injured companies and individuals related to cybercrime, as well as in defending them.

Criminal law advice and corporate representation of injured companies, criminal charges in the area of bitcoin, ether, cryptocurrency, internet currency, bitcoin exchanges and bitcoin wallets (wallet hacks)

Unlike many, we have our own relevant findings and prosecution experience in incidents and criminal investigations in Germany and abroad in the area of Bitcoin, cryptocurrency, Internet currency, Bitcoin exchanges and Bitcoin wallets. The goal is to recover suffered damages for the company through seizure and arrest.

We know from experience with German and foreign investigative authorities and anti-money laundering authorities about the particular difficulty of working up the subject matter (often for the investigators), making it understandable, locating perpetrators and transfers in the blockchain, and initiating appropriate criminal proceedings in Germany, but also worldwide. It is true that some federal states have specialized cybercrime investigators; nevertheless, the cases are usually highly complex. However, it is a particular challenge for the damaged companies to obtain relevant data and information for the investigations in the first place or to obtain corresponding judicial decisions in a timely manner (e.g., to obtain data from providers, etc.).

Immediate, professionally filed criminal charges by criminal law practitioners and vigorously conducted and accompanied criminal proceedings at home and abroad are so important because prosecutors have the possibility to arrest localized Bitcoins/Cryptocurrencies/Internet currency at perpetrators or other recipients - often abroad - despite the use of "mixers" (arrest, seizure) and thus to secure for the damaged company (recovery assistance). Such matters are technically highly complex and difficult, so that we cooperate with internationally leading and recognized specialists and (private) investigators, for example in the field of bitcoin tracing, if required and requested. The goal is an immediate, legally secure and judicially usable clarification of the facts for the investigating authorities. Our task here is above all also to act as a professional communication interface in criminal law with the national and international criminal investigation authorities and anti-money laundering authorities and to enable and accelerate the recovery to be initiated.

So far, our specialist lawyers for criminal law have been able to gain experience with relevant investigative proceedings and investigative authorities in the field of cybercrime in many European countries (e.g. Great Britain, Belgium, Finland, Sweden, Hungary, Lithuania), but also, for example, China, Hong Kong, various countries in Asia or Indonesia (Philippines, Vietnam) and the USA.


Cybercrime in the broader sense refers to all criminal acts committed in connection with or using IT technology or the Internet or other networks, such as the darknet, or directed against these systems. In a narrower sense, the term cybercrime only refers to crimes that are directed against the Internet or IT structures and data networks, such as networks of public institutions or companies.

The term cybercrime in the broader sense accordingly includes:

  • Fraud and computer fraud, §§ 263, 263a StGB
  • .

  • Falsification of data relevant to evidence, § 269 StGB
  • .

  • Data integrity and data theft, §§ 202a - 202d StGB
  • Data alteration and computer sabotage, §§ 303a, 303b StGB
  • Hate crime on the Internet, which can range from insult (§§ 185 ff. StGB) to threat (§ 241 StGB) to incitement of the people (§ 130 StGB)
  • .

On the one hand, therefore, "classic" crimes, especially in the area of fraud, are shifting to the Internet. On the other hand, there is now a large number of malware programs with which IT structures of companies, public institutions but also private individuals can be targeted. The aim is also usually to extort money from those affected or to gain other economic advantages, e.g. in the case of hacker attacks on Bitcoin exchanges or Bitcoin wallets. In some cases, crimes in this area are also politically motivated, e.g., when public institutions are specifically attacked.

The forms of commission and malware occurring in connection with cybercrime include in particular:

  • Phishing and pharming.
    In so-called "phishing", passwords are usually tapped from the user. To do this, users are usually requested by e-mail to enter private data such as access data, account number, PIN or TAN. Alternatively, the computer of the affected person can also be infected by a Trojan, for example by pressing a link.
  • .

  • Skimming.
    "Skimming" refers to the spying of information stored on electronic payment cards and the access data (PIN). Based on this data, cards can be counterfeited and ultimately misused.
  • Ransomware.
    The term ransomware is composed of "ransom" and "malware" and describes a malicious program that prevents the use of data or the entire computer system of the affected person. The victim then receives a request to pay money in order to avert (further) damage. The ransom is regularly paid in cryptocurrencies (e.g. Bitcoins or Ethereum). The affected parties are often given only a short window of a few hours, otherwise there is a threat of permanent data loss.
  • Denial of Service (DoS) and Distributed Denial of Service (DDoS)
    Denial-of-service (DoS) and distributed denial-of-service (DDoS) describes an attack on a network by overloading it. With the help of a large number of simultaneous requests or accesses to a website or a system, this is overloaded. As a result, a website is no longer accessible and a system can no longer be used. This form of attack is also used partly for acts of extortion, but also partly to commit other crimes from the field of cybercrime during the attack, such as the installation of another malware.
  • .

  • Bitcoin mining.
    Bitcoins are now the most well-known cryptocurrency. It is a virtual currency that can be used worldwide without the involvement of a bank. The "coins" are limited to a certain number, but this must be created digitally first, the so-called "mining". Mining requires special hardware and regularly incurs such high electricity costs that it is not financially viable. Therefore, this is accessed with the help of malicious software on foreign computers and so their computing power tapped.
  • .

According to a 2017 study by the digital association Bitkom, more than half of companies in Germany (53%) have already fallen victim to industrial espionage, sabotage or data theft in the past two years. The number of unreported cybercrime cases is probably high. Attacks by malware are either not noticed or those affected, including companies, make the required payment in order to quickly obtain the release of the IT systems.

Current information on the security situation in the area of cybercrime can be found on the website of the German Federal Office for Information Security (BSl) at:

If you or your company have been the victim of a cybercrime attack, it is worthwhile to consult a lawyer specializing in criminal law at an early stage. We will be happy to advise you in the event of an attack and work for you with the specialized contacts at the authorities (often: state criminal investigation offices). We will also advise you on how to proceed, in particular on any criminal charges to be filed immediately. Due to the increasing frequency, it is also advisable to take preventive action. We support you in drawing up emergency plans and instructions in the event of a cybercrime attack. All of this serves to clarify the facts of the case and the perpetrators quickly and in a legally sound manner, and ultimately also to enforce claims for damages against perpetrators and third parties.