We propose a taxonomy of cybercrime on the Ethereum blockchain and examine how cybercrime impacts victims’ risk-taking and returns. Our difference-in-differences analysis of a sample of victims and matched non-victims suggests that victims increase their long-term total risk-taking and earn lower risk-adjusted returns in the post-cybercrime period. Victims’ long-term total risk-taking increases because they increase diversifiable risk in the long term. The increased diversifiable risk correlates with victims’ withdrawal from altcoins after cybercrime. At the same time, the reduction in risk-adjusted returns correlates with increased trading activity and churn, due plausibly to managing cybercrime exposure. In the cross-section of Ethereum addresses, we show that the most-affluent victims take a systematic approach to restore their pre-cybercrime wealth level, while the least-affluent victims turn into gamblers. Finally, a parsimonious forensic model explains a good part of the addresses’ probability of being involved in cybercrime, both on the victim and the cybercriminal side.