
Data Breach Exposes 93,000 Transak Users Due to Employee’s Device Misuse

 





Transak is a service that enables users to buy cryptocurrencies through the Metamask, Binance, and Trust Wallet platforms. The company has announced a data breach that exposed the names and identity documents of approximately 93,000 users. According to the company, the breach resulted from an employee's misuse of work equipment.


Facts of the Breach

The breach began when an employee used his work laptop for non-work purposes and unknowingly ran a malicious script. The script gave cybercriminals access to one of the firm's third-party Know Your Customer (KYC) authentication services. Only 1.14% of users were affected, but the leaked data contained sensitive personal documents such as passports, ID cards, and selfies.

According to the Transak CEO, Sami Start, the leaked information did not include sensitive data such as social security numbers, bank statements, or emails. It is nevertheless a serious privacy concern. The firm describes the incident as "mild to moderate" because no financial information was leaked.

 

Ransomware Group Claims Responsibility

The ransomware group behind the attack has claimed responsibility and is demanding a ransom from Transak in exchange for not publishing more of the data. It has already published part of the stolen data online and says it holds a larger dataset, over 300 GB in total, comprising sensitive personal documents, proof of address, financial statements, and so on. The group has threatened to leak or sell the remaining data unless its demands are met.

Despite the threat, Transak has not entered into negotiations with the attackers. Start said that the company had reached out to affected customers and had notified law enforcement agencies and relevant data regulators of the attack. He also believes that the ransomware group is inflating its claims about the data it obtained, since only a subset of the KYC data was involved.


Cause and Impact

The attackers exploited a vulnerability in the KYC vendor's system after gaining unauthorised access through the compromised employee's device, which made the breach possible. The incident highlights the risks that arise when work equipment is misused or cybersecurity protocols are not followed. The affected employee was subsequently dismissed from the company.

The CEO added that the company's other systems were not affected; the attackers had access only to this one KYC service. No other systems were compromised, so no further information leaked. According to him, claims that other significant systems were compromised are only rumours.


Transak's Response

Transak is working with data regulators to manage the breach and on steps to prevent it from happening again. The company also assured its users that no sensitive information such as passwords, credit card details, or social security numbers was stolen. However, the exposure of personal identification documents still poses risks for the affected users.

In the aftermath of the incident, the company is looking at ways to strengthen its security measures and prevent such a breach in the future. Although the damage is still being assessed, Transak's response to the ransomware gang shows that the company intends to maintain its integrity despite the pressure from cybercriminals.


The Transak data breach is a wake-up call for businesses to enforce proper cybersecurity in the management of work-related devices. With cyber-attacks on the crypto industry increasing, businesses have to strengthen their protection of user data. The hack demonstrated the risks that emerge when security measures are bypassed by malicious actors.


AI Deepfakes Pose New Threats to Cryptocurrency KYC Compliance

 


ProKYC is a recently revealed artificial intelligence (AI)-powered deepfake tool that malicious actors can use to circumvent high-level Know Your Customer (KYC) protocols on cryptocurrency exchanges. A recent report from cybersecurity firm Cato Networks describes this development as an indication that cybercriminals have stepped up their tactics to get ahead of law enforcement.

Identity fraud has commonly involved buying forged documents on the dark web. ProKYC takes a different approach: fraudsters can use the tool to create entirely new identities for use in fraud. Cato Networks reports that the AI tool specifically targets crypto exchanges and financial institutions.

When a new user registers with one of these organizations, technology is used to verify that the user is who they claim to be. During this process, a government-issued identification document, such as a passport or driver's license, must be uploaded and matched against a live webcam image. ProKYC is designed to help its customers bypass these checks by generating a fake identity along with a deepfake video. Criminals are thereby able to defeat the facial recognition software and commit fraud.

According to Cato Networks, this method introduces a new level of sophistication to crypto fraud. In a report published on Oct. 9, Etay Maor, the company's chief security strategist, said that the new tool represents a significant step forward in what cybercriminals are doing to get around two-factor authentication and KYC mechanisms.

In the past, fraudsters were forced to buy counterfeit identification documents on the dark web, but with AI-based tools they can create brand-new ID documents from scratch. According to Cato, the tool was built specifically to target crypto exchanges and financial firms whose KYC protocols require matching a webcam photo of a new user's face to their government-issued identification document, such as a passport or a driver's license.

Using ProKYC, it is possible to generate fake ID documents, as well as accompanying deepfake videos, that pass the facial recognition challenges used by some of the largest crypto exchanges in the world. The user creates an AI-generated face and then adds that profile picture to a passport template based on an Australian passport.

In the next step, the ProKYC tool uses AI to create a fake video and image of the artificially generated person, which are used to bypass the KYC protocols of the Dubai-based crypto exchange Bybit, which is not in compliance with the Eurozone. Cato Networks recently reported that a deepfake AI tool capable of creating fake accounts is being used to evade the KYC checks that exchanges conduct.

ProKYC is available for 629 dollars a year and can be used by fraudsters to create fake identification documents and generate videos that look almost real. The package includes a camera, a virtual emulator, facial animations, fingerprints, and an image generation program that produces the documents needed for verification. A recent report highlights the emergence of an advanced AI deepfake tool, custom-built to exploit financial companies’ KYC protocols.

This tool, designed to circumvent biometric face checks and document cross-verification, has raised concerns by breaching security measures that were previously impenetrable, even by the most sophisticated AI systems. The deepfake, created with a tool known as ProKYC, was showcased in a blog post by Cato Networks. It demonstrates how AI can generate counterfeit ID documents capable of bypassing KYC verification at exchanges like Bybit. 

In one instance, the system accepted a fictitious name, a fraudulent document, and an artificially generated video, allowing the user to complete the platform’s verification process seamlessly. Despite the severity of this challenge, Cato Networks notes that certain methods can still detect these AI-generated identities. 

Techniques such as having human analysts scrutinize unusually high-quality images and videos or identifying inconsistencies in facial movements and image quality are potential safeguards.

Legal Ramifications of Identity Fraud

The legal consequences of identity fraud, particularly in the United States, are stringent. Penalties can reach up to 15 years in prison, along with substantial fines, depending on the crime's scope and gravity. With the rise of AI tools like ProKYC, combating identity fraud is becoming more difficult for law enforcement, raising the stakes for financial institutions.

Rising Activity Among Scammers

In addition to these developments, September saw a marked increase in deepfake AI activity among crypto scammers. Gen Digital, the parent company of Norton, Avast, and Avira, reported a spike in the use of deepfake videos to deceive investors into fraudulent cryptocurrency schemes. This uptick underscores the need for stronger security measures and regulatory oversight to protect the growing number of investors in the crypto sector. 

The advent of AI-powered tools such as ProKYC marks a new era in cyber fraud, particularly within the cryptocurrency industry. As cybercriminals increasingly leverage advanced technology to evade KYC protocols, financial institutions and exchanges must remain vigilant and proactive. Collaboration among cybersecurity firms, regulatory agencies, and technology developers will be critical to staying ahead of this evolving threat and ensuring robust defenses against identity fraud.

How Synthetic Identity Fraud is Draining Businesses


 

Synthetic identity fraud is quickly becoming one of the most complex forms of identity theft, posing a serious challenge to businesses, particularly those in the banking and finance sectors. Unlike traditional identity theft, where an entire identity is stolen, synthetic identity fraud involves combining real and fake information to create a new identity. Fraudsters often use real details such as Social Security Numbers (SSNs), especially those belonging to children or the elderly, which are less likely to be monitored. This blend of authentic and fabricated data makes it difficult for organisations to detect the fraud early, leading to financial losses.

What Is Synthetic Identity Fraud?

At its core, synthetic identity fraud is the creation of a fake identity using both real and made-up information. Criminals often use a legitimate SSN paired with a fake name, address, and date of birth to construct an identity that doesn’t belong to any actual person. Once this new identity is formed, fraudsters use it to apply for credit or loans, gradually building a credible financial profile. Over time, they increase their credit limit or take out large loans before disappearing, leaving businesses to shoulder the debt. This type of fraud is difficult to detect because there is no direct victim monitoring or reporting the crime.

How Does Synthetic Identity Fraud Work?

The process of synthetic identity fraud typically begins with criminals obtaining real SSNs, often through data breaches or the dark web. Fraudsters then combine this information with fake personal details to create a new identity. Although their first attempts at opening credit accounts may be rejected, these applications help establish a credit file for the fake identity. Over time, the fraudster builds credit by making small purchases and timely payments to gain trust. Eventually, they max out their credit lines and disappear, causing major financial damage to lenders and businesses.

Comparing Traditional VS Synthetic Identity Theft

The primary distinction between traditional and synthetic identity theft lies in how the identity is used. Traditional identity theft involves using someone’s complete identity to make unauthorised purchases or take out loans. Victims usually notice this quickly and report it, helping prevent further fraud. In contrast, synthetic identity theft is harder to detect because the identity is partly or entirely fabricated, and no real person is actively monitoring it. This gives fraudsters more time to cause substantial financial damage before the fraud is identified.

The Financial Impact of Synthetic Identity Theft

Synthetic identity fraud is costly. According to the Federal Reserve, businesses lose an average of $15,000 per case, and losses from this type of fraud are projected to reach $23 billion by 2030. Beyond direct financial losses, businesses also face operational costs related to investigating fraud, potential reputational damage, and legal or regulatory consequences if they fail to prevent such incidents. These widespread effects call for stronger security measures.

How Can Synthetic Identity Fraud Be Detected?

While synthetic identity fraud is complex, there are several ways businesses can identify potential fraud. Monitoring for unusual account behaviours, such as perfect payment histories followed by large transactions or sudden credit line increases, is essential. Document verification processes, along with cross-checking identity details such as SSNs, can also help catch inconsistencies. Implementing biometric verification and using advanced analytics and AI-driven tools can further improve fraud detection. Collaborating with credit bureaus and educating employees and customers about potential fraud risks are other important steps companies can take to safeguard their operations.
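The account-behaviour monitoring described above can be expressed as a small rule set. The following is an added example, not part of the original post: the event fields, thresholds, and account names are assumptions chosen for illustration, and the sample data is constructed.

```python
from collections import defaultdict
from dataclasses import dataclass
from datetime import date
from statistics import median


@dataclass(frozen=True)
class Event:
    account: str
    day: date
    kind: str             # "payment", "purchase" or "limit_change"
    amount: float         # amount paid/spent, or the new credit limit
    on_time: bool = True  # only meaningful for payments


# Assumed thresholds; a real deployment would tune these on its own data.
MIN_CLEAN_PAYMENTS = 6   # unbroken on-time payments that count as "perfect"
MIN_PRIOR_PURCHASES = 3  # history needed before a spike can be judged
SPIKE_FACTOR = 5.0       # purchase >= 5x the median of earlier purchases
LIMIT_JUMP = 2.0         # new limit >= 2x the previous limit


def flag_accounts(events):
    """Return {account: [reasons]} for accounts matching the bust-out pattern."""
    by_account = defaultdict(list)
    for ev in events:
        by_account[ev.account].append(ev)

    flagged = {}
    for account, evs in by_account.items():
        streak = 0      # consecutive on-time payments so far
        purchases = []  # earlier purchase amounts, used as the baseline
        limit = None    # most recent credit limit seen
        reasons = set()
        for ev in sorted(evs, key=lambda e: e.day):
            if ev.kind == "payment":
                streak = streak + 1 if ev.on_time else 0
            elif ev.kind == "limit_change":
                if limit is not None and ev.amount >= LIMIT_JUMP * limit:
                    reasons.add("sudden_limit_increase")
                limit = ev.amount
            elif ev.kind == "purchase":
                if (streak >= MIN_CLEAN_PAYMENTS
                        and len(purchases) >= MIN_PRIOR_PURCHASES
                        and ev.amount >= SPIKE_FACTOR * median(purchases)):
                    reasons.add("large_purchase_after_perfect_history")
                purchases.append(ev.amount)
        if reasons:
            flagged[account] = sorted(reasons)
    return flagged


def sample_events():
    """Constructed sample data: one ordinary account, one bust-out account."""
    evs = [
        Event("acct-normal", date(2023, 1, 1), "limit_change", 1000),
        Event("acct-normal", date(2023, 6, 1), "limit_change", 1200),
        Event("acct-bustout", date(2023, 1, 1), "limit_change", 500),
        Event("acct-bustout", date(2023, 7, 1), "limit_change", 2000),
        Event("acct-bustout", date(2023, 7, 2), "purchase", 1900),
    ]
    normal_spend = [80, 120, 95, 110, 150, 300]
    bustout_spend = [25, 30, 20, 35, 30, 25]
    for month in range(1, 7):
        evs.append(Event("acct-normal", date(2023, month, 5), "purchase",
                         normal_spend[month - 1]))
        # The ordinary account misses one payment in March.
        evs.append(Event("acct-normal", date(2023, month, 28), "payment", 50,
                         on_time=(month != 3)))
        evs.append(Event("acct-bustout", date(2023, month, 3), "purchase",
                         bustout_spend[month - 1]))
        evs.append(Event("acct-bustout", date(2023, month, 20), "payment", 30))
    return evs


if __name__ == "__main__":
    for account, reasons in flag_accounts(sample_events()).items():
        print(account, reasons)
```

A flag from rules like these is a prompt for manual review and for the SSN and document cross-checks mentioned above, not proof of fraud on its own.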

Preventing Synthetic Identity Theft

Preventing synthetic identity theft requires a multi-layered approach. First, businesses should implement strong data security practices like encrypting sensitive information (e.g., Social Security Numbers) and using tokenization or anonymization to protect customer data. 

Identity verification processes must be enhanced with multi-factor authentication (MFA) and Know Your Customer (KYC) protocols, including biometrics such as facial recognition. This ensures only legitimate customers gain access.

Monitoring customer behaviour through machine learning and behavioural analytics is key. Real-time alerts for suspicious activity, such as sudden credit line increases, can help detect fraud early.

Businesses should also adopt data minimisation (collecting only necessary data) and enforce data retention policies to securely delete outdated information. Additionally, regular employee training on data security, phishing, and fraud prevention is crucial for minimising human error.

Conducting security audits and assessments helps detect vulnerabilities, ensuring compliance with data protection laws like GDPR or CCPA. Furthermore, guarding against insider threats through background checks and separation of duties adds an extra layer of protection.

When working with third-party vendors, businesses should vet them carefully to ensure they meet stringent security standards, and include strict security measures in contracts.

Lastly, a strong incident response plan should be in place to quickly address breaches, investigate fraud, and comply with legal reporting requirements.


Synthetic identity fraud poses a serious challenge to businesses and industries, particularly those reliant on accurate identity verification. As criminals become more sophisticated, companies must adopt advanced security measures, including AI-driven fraud detection tools and stronger identity verification protocols, to stay ahead of the evolving threat. By doing so, they can mitigate financial losses and protect both their business and customers from this increasingly prevalent form of fraud.


New APK Scam: Protect Your Bank Account from Fraudsters


 


Punjab and Sind Bank (PSB) recently issued a public notice alerting customers to a new scam involving fraudulent messages and malicious APK files. This scam threatens grave financial losses if customers do not take proper precautions.

How the APK Scam Works

Step 1: Creating Panic with Fake Messages

Scammers initiate the fraud by sending text messages that mimic legitimate bank communications. These messages claim that recipients must update their Know Your Customer (KYC) information to avoid having their bank accounts blocked. The fraudulent messages create a sense of urgency, making recipients more likely to follow the instructions.

Kaushik Ray, Chief Operating Officer of Whizhack Technologies, explains that these messages exploit users' fears and desires, bypassing rational judgement. The goal is to trick recipients into downloading a malicious APK file, a common format for Android apps.

Step 2: Installing Malicious APK Files

Once recipients are convinced by the false narrative, they are instructed to download and install an APK file. These files often contain malware. Upon installation, the malware grants hackers access and control over the victim's mobile device.

Step 3: Executing Cyber Attacks

With control of the device, hackers can perform various malicious activities. These include installing a keylogger to capture sensitive information like banking credentials and passwords, launching ransomware attacks that lock the device until a ransom is paid, and accessing the clipboard to steal copied information such as account numbers.

How to Protect Yourself from APK Scams

To protect against these scams, PSB advises customers to take the following precautions:

1. Avoid Downloading Files from Unknown Sources: Only download apps from trusted sources like the Google Play Store.

2. Do Not Click on Suspicious Links: Be wary of links received in unsolicited messages, even if they appear to be from your bank.

3. Block and Report Suspicious Contacts: If you receive a suspicious message, block the sender and report it to your bank or relevant authorities.

4. Never Share Personal Information Online: Do not disclose personal or financial information to unverified sources.

Why APK Scams Target Android Users

Ray highlights that this scam primarily targets Android users because APK files are specific to Android devices. iOS devices, which use a different file format called IPA, generally have stricter controls against installing third-party apps, making them less vulnerable to this type of attack. However, iOS users should remain vigilant against phishing and other scams.

Real-Life Impacts of the APK Scam

Imagine receiving a message that your bank account will be frozen if you do not update your KYC information immediately. This could lead to panic about how you will pay for everyday expenses like groceries, school fees, or utility bills. Scammers exploit this fear to convince people to download the malicious APK file, giving them access to your device and your money.

Stay alert, verify the authenticity of messages, and protect your personal information to safeguard your financial assets.


Cybercriminals Threaten Release of Stolen World-Check Database, Exposing Millions to Financial Risk

 

A financially motivated criminal hacking group, self-identified as GhostR, has claimed responsibility for the theft of a confidential database containing millions of records from the renowned World-Check screening database. The stolen data, totaling 5.3 million records, includes sensitive information used by companies for screening potential customers and assessing their links to sanctions and financial crime.
 
World-Check, a vital tool for conducting "know your customer" (KYC) checks, enables companies to identify high-risk individuals with potential ties to money laundering, government sanctions, or other illicit activities. The hackers disclosed that they obtained the data from a Singapore-based firm with access to the World-Check database, though the specific company remains unnamed. 

A portion of the stolen data encompasses individuals sanctioned as recently as this year. The compromised records include details of current and former government officials, diplomats, politically exposed persons (PEPs), individuals associated with organized crime, suspected terrorists, intelligence operatives, and even a European spyware vendor. These individuals are deemed high-risk for involvement in corruption, bribery, or other illicit activities. 

The stolen data comprises a wealth of sensitive information, including names, passport numbers, Social Security numbers, online cryptocurrency account identifiers, bank account numbers, and more. Such a breach poses significant risks, as it could potentially expose innocent individuals to unwarranted scrutiny and financial harm. 

Simon Henrick, a spokesperson for the London Stock Exchange Group (LSEG), which oversees World-Check, clarified that the breach did not originate from LSEG's systems but involved a third party's data set. While LSEG did not disclose the identity of the third-party company, they emphasized their commitment to collaborating with the affected party to safeguard data integrity and notify relevant authorities. 

Privately operated databases like World-Check are not immune to errors, raising concerns about the accuracy and fairness of their content. Past incidents, such as the 2016 leak of an older World-Check database, underscore the potential repercussions of erroneous data, including wrongful accusations and financial repercussions for innocent individuals. 

The breach highlights the critical need for enhanced cybersecurity measures and regulatory oversight to protect sensitive personal information and mitigate the risks associated with data breaches. As investigations into the incident continue, stakeholders must prioritize transparency, accountability, and proactive measures to prevent future breaches and safeguard consumer data privacy.

Is Facial Biometrics the Future of Digital Security?

 



Within the dynamic sphere of digital technology, businesses are continually seeking innovative solutions to streamline operations and step up their security measures. One such innovation that has garnered widespread attention is facial biometrics, a cutting-edge technology encompassing face recognition and liveness detection. This technology, now available through platforms like Auth0 marketplace, is revolutionising digital processes and significantly enhancing security protocols.

What's Facial Biometrics?

Facial biometrics operates by analysing unique facial features to verify an individual's identity. Through face recognition, it compares facial characteristics from a provided image with stored templates for authentication purposes. Similarly, face liveness detection distinguishes live human faces from static images or videos, ensuring the authenticity of user interactions. This highlights the technology's versatility, applicable across various domains ranging from smartphone security to border control measures.

Streamlining Digital Processes

One of the key benefits of facial biometrics is its ability to streamline digital processes, starting with digital onboarding procedures. For instance, banks can expedite the verification process for new customers by comparing a selfie with their provided identification documents, ensuring compliance with regulatory requirements such as Know Your Customer (KYC) norms. Moreover, facial biometrics eliminates the need for complex passwords, offering users a secure and user-friendly authentication method. This streamlined approach not only strengthens security but also improves the overall user experience.

A Step-Up In The Security Measures

Beyond simplifying processes, facial biometrics adds an additional layer of security to business operations. By verifying user identities at critical junctures, such as transaction confirmations, businesses can thwart unauthorised access attempts by fraudsters. This proactive stance against potential threats not only safeguards sensitive information but also mitigates financial risks associated with fraudulent activities.

Embracing the Future

As facial biometrics continues to gain momentum, businesses are presented with an array of opportunities to bolster security measures and upgrade user experiences. Organisations can not only mitigate risks but also explore new possibilities for growth in the digital age. With a focus on simplicity, security, and user-centric design, facial biometrics promises to redefine the future of digital authentication and identity verification.

All in all, facial biometrics represents an impactful milestone in the realm of digital security and user convenience. By embracing this technology, businesses can achieve a delicate balance between efficiency and security, staying ahead of unprecedented threats posed by AI bots and malicious actors. However, it is imperative to implement facial biometrics in a manner that prioritises user privacy and data protection. As businesses navigate their digital transformation journey, platforms like Auth0 marketplace offer comprehensive solutions tailored to diverse needs, ensuring a seamless integration of facial biometrics into existing frameworks.


Rising Tide of Illicit Funds: $4 Billion Washed Through Cross-Chain Crypto

 


Criminals in the cryptocurrency world use blockchain technology as one of the main means to launder money since it allows them to send digital assets across blockchain networks without being traceable or frozen by a centralized service. They do this with the help of so-called cross-chain bridges, and the dollar amount involved is getting larger and larger every year. 

Elliptic, a blockchain analytics firm specializing in blockchain monitoring and analysis, has conducted a comprehensive analysis of a few cross-chain bridges, including RenBridge, to determine how much bitcoin has been laundered each year since 2020, according to new research. 

There are several types of cross-chain crime, but the most obvious one is the swapping of crypto assets between different tokens or blockchains without any legitimate purpose - often in quick succession and frequently for the sole purpose of concealing their criminal origins. 

There is a growing trend, popularly referred to as "chain-hopping" or "asset-hopping", to launder crypto assets across different chains to minimize the risk of theft or loss. This was revealed in a recent report published by blockchain industry surveillance firm Elliptic, which found that $7 billion of "illicit or high-risk funds" have been laundered using decentralized exchanges (DEXs), cross-chain bridges, and non-KYC exchanges that do not require customer identification. 

By July this year, Elliptic's tally of such activity had already reached the staggering $6.5 billion mark, ahead of a prediction made last year that it would reach that sum by the end of 2023. According to the report, illicit activity is becoming more complex as criminals take advantage of the growing sophistication of cross-chain transfers, including derivative trading and limit orders on exchanges, to conceal their money laundering.

A report released by the United Nations said that approximately $2.7 billion worth of funds were laundered in these manners over one year, from July 2022 to July 2023. There are several different estimates made by Elliptic analysts of the amount of money that will be laundered through DEXs, bridges, and coin swaps by the end of the year 2023. 

By the end of 2025, the amount that will be laundered through DEXs, bridges, and coin swaps will be $10.5 billion. A mere $4.1 billion was laundered through these platforms at the time, with the amount of illicit assets just over $1.4 billion. 

Despite this, Elliptic's estimate to reach $7 billion has been exceeded, and as a result, the current figure will surpass it. In addition to the $2.7 billion laundered through cross-chain and cross-asset services, the company discovered that over the period July 2022 to July 2023, an additional $2.7 billion was laundered. 

The Lazarus Group was responsible for $900 million of the total amount of illicit funds laundered through cross-chain bridges, making it the largest source of all the funding laundered through cross-chains in the world. 

Elliptic has identified the Lazarus Group as one of the largest sources of illicit funds that are laundered across chains through cross-chain bridges, according to its data. Elliptic's data shows that cross-chain crime is the third most prevalent source of a variety of crimes and that it accounts for approximately one-seventh of the total amount of cross-chain crimes reported. 

The criminals have probably come up with more sophisticated cross-chain methods to obscure their laundering activities nowadays, such as derivative trading and limit orders. A series of cyberattacks have been linked to the Lazarus Group dating back to 2010 that have been suspected of being carried out by a group that has links to the North Korean government. 

Although the exact number of these groups remains a mystery, their impact on the world of crypto money laundering cannot be denied, largely due to the sheer size of their membership. DEXs are peer-to-peer exchanges where cryptocurrency traders can directly exchange assets and information; cross-chain bridges are protocols that allow crypto traders to transfer assets and information between different independent blockchain networks.

Coin swap services, on the other hand, allow users to convert one coin directly into another without having to open an account. According to a research report published by blockchain analytics firm Elliptic, several criminal organizations have laundered more than US$4 billion worth of illicit crypto gains using decentralized exchanges (DEX), cross-chain bridges, and coin swap services.

Cryptocurrency Exchanges Linked to Ransomware

 


Nine cryptocurrency exchange websites have been taken down by the FBI and the Ukrainian police in a joint operation. Cybercriminals and ransomware gangs used these websites to launder money. Ukrainian prosecutors' offices and the Virtual Currency Response Team were also involved in the operation.

Several virtual currency exchange services were seized by the FBI on Monday. These services may have been used by cybercriminals to launder money obtained through ransomware attacks. In a collaboration between the FBI's Detroit Field Office and Ukrainian police, virtual currency exchanges used by criminals for anonymous transactions were seized, the United States Department of Justice has announced.

According to a press release, the FBI also received support from the Virtual Currency Response Team (VCRT), the National Police of Ukraine, and regional prosecutors in the operation against the crypto exchanges.

  1. 24xbtc.com 
  2. 100btc.pro 
  3. pridechange.com 
  4. 101crypta.com 
  5. uxbtc.com 
  6. trust-exchange.org 
  7. bitcoin24.exchange 
  8. paybtc.pro 
  9. owl.gold 

These websites allowed users to anonymously buy Bitcoin, Ether, and other cryptocurrencies. They offered Russian and English exchange services with few Know Your Customer (KYC) or Anti-Money Laundering (AML) restrictions. The websites were also advertised on online forums dedicated to criminal activity.

These exchange servers have been shut down, and their domain names have been taken over by US authorities. The exchanges were accused of offering anonymous cryptocurrency exchange services to site visitors, who included cybercriminals, scammers, and many other bad actors.

The FBI has accused these crypto exchanges of being used by cybercriminals, including scammers, ransomware operators, and hackers, for laundering money. Additionally, the FBI stated that these exchanges were unlicensed and that operating them amounted to supporting criminal activity under US law.

Two servers were confiscated. These servers were located in different parts of the world including the US, Ukraine, and several European countries. Cybercriminals used the exchanges to launder money from illegal activities, and the authorities are using the seized infrastructure to identify and track down those hackers.

Both the English- and Russian-language exchanges, which offered similar services and avoided anti-money laundering requirements, were censured by the FBI for their lack of anti-money laundering measures and for collecting little Know Your Customer information, or none at all. The FBI claims that these sorts of unlicensed, rogue exchanges are one of the most critical hubs of the cybercrime ecosystem.

On the seized websites, users were able to anonymously convert their cryptocurrency into coins that are more difficult to trace. This let hackers disguise the source of the money they stole and avoid detection by law enforcement agencies.

The sites catered to a varied audience: users could get live help and instructions in both Russian and English, covering a wide range of cybercrime communities.

The FBI's announcement indicates that noncompliant virtual currency exchanges that operate in violation of the United States Code, Sections 1960 and 1956, act as significant hubs for cybercrime. They have lax anti-money laundering programs and collect little information about their customers.

A search was conducted at the home of former FTX executive Ryan Salame early this month. This was part of the FBI's investigation into Salame's role as an advisor to Bankman-Fried at the time. 

In the joint operation, the FBI and Ukrainian police took down nine websites known as 'crypto exchanges'. These websites were well known for serving as money launderers for ransomware groups and cyber criminals. The daring action was part of an organized campaign to "interfere" with and dismantle the digital infrastructure that allows cybercriminals to make money from their malicious actions.


Hackers Expose Contact and KYC Details of Upstox Clients

 

Upstox, India's second-biggest broking firm in terms of the number of active customers, disclosed that its databases, including contact details and know-your-customer (KYC) details, may have been breached. The Delhi-based discount brokerage firm said, however, that it has recently improved the security systems at its servers manifold, on the suggestion of a global cyber-security firm, in response to the suspected data breach.

The company has assured customers that their funds and securities are protected and remain safe. Sources suggest that Upstox has suffered a huge data breach that exposed sensitive information such as Aadhaar, PAN, bank account numbers, canceled cheques, signatures, and photographs, along with other personally identifiable information such as passport details, mobile numbers, and email addresses.

“On receipt of e-mails claiming unauthorized access into our database, we have appointed a leading international cyber-security firm to investigate possibilities of breach of some KYC data stored in third-party data warehouse systems. This morning, hackers put up a sample of our data on the dark web,” a company spokesperson said in an e-mailed statement. 

The spokesperson added that, as a proactive measure, the company has started numerous security upgrades, especially at the third-party warehouses, including continuous 24x7 monitoring and additional ring-fencing of its network.

“As a matter of abundant caution, we have also initiated a secure password reset via OTP for all Upstox users. Upstox takes customer security extremely seriously. Funds and securities of all Upstox customers are protected and remain safe. We have also duly reported this incident to the relevant authorities,” the spokesperson said. The spokesperson further said that at this point, “We don't know with certainty the number of customers whose data has been exposed.” 

Upstox, backed by investors like Tiger Global and Ratan Tata, has more than 3,000,000 clients. In a note on the company's website, Upstox co-founder and CEO Ravi Kumar said funds and securities of customers are protected and remain safe.

“Funds can only be moved to your linked bank accounts and your securities are held with the relevant depositories. As a matter of abundant caution, we have also initiated a secure password reset via OTP. Through this time, we have also strongly fortified our systems to the highest standards,” he said.

Data Leak of 10cr Users: ‘The Largest KYC Data Leak in History’

 

According to cybersecurity researcher Rajshekhar Rajaharia, mobile payment app Mobikwik came under attack after the data of 10 crore of its users was posted for sale on a hacker website on the dark web. The alleged data breach was conducted by a group of hackers known as 'Ninja Storm', who have been selling the 'leaked' details online since March 26.

The data is being sold for 1.5 Bitcoins, which is nearly Rs 63 lakhs, as per a post by the hacker community. Since then, tens of thousands of people have taken to Twitter to share screenshots of their personal information being exposed. It is the 'largest KYC data leak in history', according to cybersecurity researcher Elliot Alderson.

Personal information of merchants who obtained loans via Mobikwik is also said to be available for purchase in exchange for bitcoins. Over 4 crore Mobikwik customers' card details and hashes are reportedly included in the leak. 

The Gurugram-based fintech firm has continued to deny the breach, accusing the researchers who made it public of being "media-crazed" and offering "concocted files" as evidence. "We thoroughly investigated and did not find any security lapses. Our user and company data are completely safe and secure," said a spokesperson from Mobikwik.

On January 20, a hacker named 'Jordan Daven' took over 8 terabytes (TB) of private user data from Mobikwik's main server and posted it on dark-web websites, according to Rajaharia. “Regular keys and passwords should have been changed and logs should have been monitored to prevent this kind of security compromise,” he said. 

Furthermore, in February, Rajaharia claimed that a hacker was selling Mobikwik user data, including PAN card numbers, Aadhaar numbers, debit/credit card numbers, phone numbers, and other personally identifiable information that is typically exchanged during the Know Your Customer (KYC) process.

To complicate things, Mobikwik claims that its technology has not been hacked. In a statement, it said, “Some media-crazed so-called security researchers have repeatedly attempted to present concocted files wasting precious time of our organization as well as members of the media.”

It isn't the first time Mobikwik has been the target of a cyber-attack. The business witnessed another information security incident in 2010. 

According to reports, the Reserve Bank of India is keeping an eye on such security breaches and has enacted many new regulations, along with the upcoming payment aggregator and payment gateway guidelines, that will limit customer data exposure to a few databases of approved gateways.