
Cryptonator Seized for Laundering Ransom Payments and Stolen Cryptocurrency


U.S. and German law enforcement have taken down the domain of Cryptonator, a cryptocurrency wallet platform allegedly used by ransomware groups, darknet marketplaces, and other illegal services. The platform's operator, Roman Boss, has been indicted on charges of money laundering and running an unlicensed money service business.

Cryptonator, established in 2014, allows users to store and exchange various cryptocurrencies within their personal wallets. However, according to blockchain investigation firm TRM, Cryptonator did not implement necessary anti-money laundering controls, enabling anonymous or pseudonymous users to conduct illicit activities.

The primary domain "cryptonator.com" now displays a seizure notice. The operation involved the U.S. Department of Justice, the FBI, IRS Criminal Investigation (IRS-CI), the National Cryptocurrency Enforcement Team, the German Federal Criminal Police Office (BKA), and the Attorney General's Office in Frankfurt am Main.

Between 2014 and 2023, Cryptonator wallet addresses reportedly engaged in significant transactions, including:

- $25 million with darknet markets and fraud shops
- $34.5 million with scam addresses
- $80 million with high-risk exchanges
- $8 million with ransomware-associated addresses
- $54 million with hacked and crypto theft operations
- $34 million with illegal cryptocurrency mixers
- $17 million with sanctioned addresses

TRM links Cryptonator's transactions to entities such as Hydra Market, Blender.io, Finiko, Bitzlato, Garantex, Nobitex, and an unidentified terrorist group. The U.S. government has previously sanctioned Hydra Market, Bitzlato, Garantex, and Blender.io.

The Department of Justice's complaint alleges that Cryptonator's account creation process, requiring only an email and password, failed to comply with know-your-customer (KYC) regulations. It also accuses Boss of facilitating illicit activities, including discussions about supporting cryptocurrencies popular in darknet markets, such as Monero, and offering API key integrations for illegal platforms.

The complaint seeks penalties for money laundering, operating an unlicensed money service business, injunctions against Boss, damage relief, and asset seizures. The DOJ revealed that Cryptonator processed over $235 million in illicit funds.

North Korean Hackers Exploit LinkedIn in Targeted Attacks



The North Korean hacker group Lazarus has once again made headlines, this time for exploiting LinkedIn in their cyber operations. According to a report by blockchain security analytics firm SlowMist, Lazarus hackers are leveraging the professional networking platform to target unsuspecting users and pilfer their assets through malware attacks.


LinkedIn Used as a Trojan Horse

The scheme involves Lazarus members masquerading as blockchain developers seeking employment opportunities in the cryptocurrency industry. By posing as job seekers, they lure in vulnerable targets, enticing them to share access to their code repositories under the guise of collaborative work. However, the innocuous-seeming code snippets provided by the hackers contain malicious elements designed to siphon off confidential information and assets from the victims' systems.


History of Innovation in Cybercrime

This tactic isn't new for Lazarus, as they previously employed a similar strategy in December 2023, posing as recruiters from Meta. Back then, they convinced victims to download malware-infected coding challenges, which, when executed, granted remote access to their computers.


Lazarus: A Cyber Threat

Lazarus has earned a notorious reputation in the cybersecurity realm since its emergence in 2009. The group is infamous for orchestrating some of the largest cryptocurrency heists, including the 2022 Ronin Bridge hack, which saw a staggering $625 million being stolen.


Laundering Techniques

Once they've plundered their ill-gotten gains, Lazarus employs sophisticated techniques, such as crypto mixing services, to launder the funds back to North Korea. Reports suggest these funds are funnelled into financing the country's military endeavors.


Industry Response and Countermeasures

In response to persistent cyber threats, crypto companies are advocating for heightened security measures and conducting awareness seminars to educate employees about potential risks. The industry's proactive stance has led to the implementation of robust security protocols and increased investment in cybersecurity to safeguard against data breaches and financial theft.


The recent exploits by Lazarus serve as a stark reminder of the ever-present dangers lurking in the digital realm. As cyber threats continue to expand, it is imperative for individuals and organisations alike to remain vigilant and adopt proactive measures to mitigate risks and stay digitally secure.


By staying informed and proactive, investors, traders, and social media users can collectively work towards thwarting cyber threats and safeguarding digital assets in an increasingly interconnected world.


Researchers: 'Black Basta' Group Rakes in Over $100 Million


A cyber extortion group believed to be an offshoot of the infamous Russian Conti hacker organization has reportedly amassed over $100 million since its emergence last year, according to a report published on Wednesday by digital currency tracking service Elliptic and Corvus Insurance.

The group, known as "Black Basta," has allegedly extorted at least $107 million in bitcoin, with a significant portion of the laundered ransom payments flowing to the sanctioned Russian cryptocurrency exchange Garantex, as revealed in the joint report. Attempts to contact Black Basta through its dark web site were unsuccessful. Garantex, which faced U.S. Treasury sanctions in April of the previous year, expressed support for global initiatives combatting cybercrime and urged information-sharing regarding the hackers' finances, pledging to block suspicious funds.

Elliptic co-founder Tom Robinson characterized Black Basta's substantial earnings as making it "one of the most profitable ransomware strains of all time." The researchers arrived at this figure by identifying known ransom payments linked to the group, tracing the laundering of digital currency, and discovering additional payments.

Robert McArdle, a cybercrime expert from security firm Trend Micro not involved in the report, deemed the reported Black Basta figure "certainly in a believable range for their operations."

The Elliptic-Corvus report also presented evidence linking Black Basta to the now-defunct Russian group "Conti." Conti, formerly a prominent ransomware gang, gained notoriety for coercing victims through data encryption, ransom demands, and threats to publish stolen information.

The report suggests that individuals from Conti, following the dismantling of its leak site after Russia's invasion of Ukraine and the subsequent posting of U.S. bounties on its leadership, may have reorganized and rebranded, with Black Basta potentially being a manifestation of this restructuring.

"Conti was perhaps the most successful ransomware gang we've seen," remarked Robinson. The recent findings indicate that some individuals responsible for Conti's success might be replicating it with the Black Basta ransomware, he added.