The Cyber Sleuth: How an IRS Agent Took Down Crypto Criminals and Rescued Children

This is part 7 of my series on Who Is Government?: The Untold Story of Public Service by Michael Lewis.

Picture this. It’s early morning in Hamburg, New York. A guy named Jarod Koopman is teaching Brazilian jiu-jitsu. He weighs 180 pounds and he just pinned a 280-pound student to the floor without breaking much of a sweat. Then he changes clothes, drives to an office, sits down at a computer, and spends the day hunting terrorists and child predators through cryptocurrency.

That’s who Jarod Koopman is. And here’s the thing: most people have no idea he exists, because he works for the IRS.

The Most Underrated Agency in America

The IRS has a PR problem. The agency’s own commissioner once opened a public presentation with a Simpsons clip where Homer leans out a taxi window and boos at the IRS building. That’s the vibe. People hate the IRS. Politicians use it as a punching bag. Fox News called IRS criminal agents threats who could “hunt down and kill middle-class taxpayers.” Lauren Boebert called them armed robbers. Congress literally passed a bill capping how many bullets the IRS can buy.

But here’s what’s actually happening inside that agency. A small cybercrime unit, started by Koopman with about three people and a coffeemaker they had to buy out of pocket (it wasn’t on the approved procurement list), has:

• Rescued 23 children from ongoing sexual abuse
• Seized a quarter-million child abuse videos
• Arrested 370 alleged pedophiles
• Made the largest-ever seizure of cryptocurrency headed to Hamas, al-Qaeda, and ISIS
• Sent the CEO of the world’s biggest crypto exchange to prison
• Returned more than $12 billion to crime victims and the U.S. Treasury

All while being chronically underfunded, understaffed, and publicly mocked.

How a Lacrosse Player Became a Crypto Crime Fighter

Koopman grew up in New York’s Finger Lakes region, played lacrosse at Nazareth University, majored in accounting, and had zero plans to become one of the most effective cybercrime investigators in the world. He found his way into the IRS because a fellow student came back from an internship saying she’d just helped execute a warrant on a drug dealer. Koopman’s reaction: “Wait, the IRS does that?”

His early cases were white-collar fraud. He’d sit across tables from elderly people who had lost their retirement savings to con artists. That stuck with him. “You want to get the person responsible for that,” he says. And he did. He rose fast, from field agent to supervisor to running a whole unit, all while insisting he never wanted to go into management. Classic cop thing: loves the work, ends up running the shop.

The Bitcoin Bet Nobody Expected to Win

Around 2012, Koopman and a young agent named Chris Janczewski started talking about this strange new thing called bitcoin. They heard about it on a Joe Rogan podcast, of all places. They bought some with their own money just to understand how it worked. Bitcoin was $40 a coin. (It’s now around $57,000. Koopman’s response: “Should’ve kept it.”)

But here’s the problem everyone missed at the time: people thought bitcoin was untraceable. The whole pitch was anonymity. You could move money anywhere without governments or banks seeing it.

What they got wrong is that every single bitcoin transaction is recorded permanently on a public ledger called the blockchain. Nothing gets deleted. Nothing gets revised. So if you could just figure out who owned a particular wallet address, you’d have a paper trail so solid you could build a prison out of it.

That’s exactly what Koopman’s team learned to do.

The Dread Pirate and the Gmail Address

So here’s what happened with Silk Road, the dark web drug marketplace. For two years, federal agencies including the DEA and FBI had been chasing its creator, who called himself “Dread Pirate Roberts” after the character in The Princess Bride. The DEA was going undercover as cartel bosses. The FBI was tracing drug buyers across the country.

One of Koopman’s agents, Gary Alford, just Googled it.

His insight was simple. Before Silk Road was a billion-dollar criminal enterprise, its creator was just some guy excited about a cool new project. He hadn’t yet learned to be careful. Alford searched for the very first mentions of Silk Road online, dug through old drug forums and coding chat rooms, and found a username “Altoid” hyping the new marketplace and simultaneously asking for coding help of exactly the kind you’d need to run it. Altoid had posted an email address on one thread, then went back and deleted it. But one commenter had already quoted it in their reply: [email protected].

Ross Ulbricht is now serving two life sentences plus 40 years. And because the blockchain is permanent, Koopman’s team kept finding more Silk Road money years after the arrest. One stash, recovered in 2021 from a circuit board hidden in a popcorn tin in a bathroom closet in Georgia, was worth $3.36 billion.

Oh, and then Koopman’s team also caught a DEA agent and a Secret Service agent who had been stealing from Silk Road while supposedly investigating it. That detail is wild enough that the FBI agent on the case compared it to a “Breaking Bad” episode where Hank turned out to be corrupt all along.

The Kids Who Needed Help Most

Koopman says the case that matters most to him started in a dingy apartment near Seoul in 2015. A man named Jong Woo Son set up a website called “Welcome to Video” on a server in his bedroom. It sold videos of children being sexually abused, some as young as six months old. Buyers paid in bitcoin or uploaded their own abuse material to trade.

Son made one mistake. He forgot to hide his server’s IP address in the page source code. An agent right-clicked on the homepage, selected “view source,” and there it was.

Koopman’s team worked around the clock. His own kids were the same age as some of the victims in those videos. When they finally made the arrest in Seoul, Janczewski flew there and sat in a car outside the apartment, remotely coaching Korean police on how to secure the computer evidence, because South Korean law didn’t let him go in.

The result: 370 arrests, 23 children rescued, a quarter-million videos seized. Two of those 370 arrested turned out to be Homeland Security officers. Another was an assistant principal at an Atlanta high school.

Rickrolling Terrorists

Here’s a story that’s both impressive and genuinely funny. Hamas’s military wing tweeted their bitcoin wallet address asking people to donate to “the Palestinian Resistance.” They literally posted it publicly on X.

Koopman’s team used that to trace the network, identify linked accounts, and then quietly take over al-Qassam’s websites and donation buttons. They did the same for ISIS and al-Qaeda fundraising sites. For about a month, while the Justice Department prepared indictments, every dollar sent to those terrorist sites went directly to the U.S. Victims of State Sponsored Terrorism Fund instead.

And Janczewski, apparently unable to fully resist, set it up so that anyone who clicked the Hamas logo got redirected to Rick Astley’s “Never Gonna Give You Up.”

Terrorists getting rickrolled while their crypto funds U.S. crime victims. That’s a thing that actually happened, and the IRS did it.

Taking Down Binance

The biggest case came when Koopman’s team found evidence that Binance, then handling $65 billion a day in U.S. transactions, was letting terrorists, ransomware gangs, North Korean state hackers, and sanctions-busting entities from Iran, Syria, and Russia use its platform freely. All Binance needed to open an account was an email address.

The investigation took five and a half years. The lead agent, Adam Rutkowski, had a computer science background and basically gave up his retirement timeline to finish it. The team filed the financial equivalent of search warrants on Google and Amazon Web Services, collected massive amounts of transaction data, traced IP addresses, and dug through internal company chats. One compliance executive wrote: “Is washing drug money too hard these days, come to Binance we got cake for you.”

The CEO, Changpeng Zhao, eventually chose to plead guilty rather than spend his life unable to leave Dubai. He got four months in a California federal prison, paid a $50 million fine, and stepped down. Binance paid $4.3 billion, one of the biggest criminal settlements in history, and turned over records that will generate hundreds more prosecutions.

The Part That Should Bother You

Koopman’s agents cap out at about $130,000 a year. People with their skills in the private sector make three or four times that. Janczewski, who helped crack Silk Road and fly to Seoul to arrest a child abuse ring operator, left to work for a blockchain analytics firm. When he asked for permission to buy a day pass to an airline lounge after a grueling case in Thailand, he was denied.

Koopman has never considered leaving. “It’s not about that,” he says. “It’s about the mission.” In private sector work, his skills protect one company. At the IRS, he protects everyone.

At a 500-person cybersecurity conference in DC, the organizer asked for a show of hands: who here knows the IRS is involved in cybercrime? About 10 people raised their hands.

That’s the gap this chapter is trying to close. And that’s why it matters.

Book: Who Is Government?: The Untold Story of Public Service by Michael Lewis | ISBN: 9798217047802

Previous: The Number - Consumer Price Index | Next: The Equalizer - Pamela Wright