Cryptonator Seized for Laundering Ransom Payments and Stolen Cryptocurrency

 

U.S. and German law enforcement have taken down the domain of Cryptonator, a cryptocurrency wallet platform allegedly used by ransomware groups, darknet marketplaces, and other illegal services. The platform's operator, Roman Boss, has been indicted on charges of money laundering and running an unlicensed money service business.

Cryptonator, established in 2014, allows users to store and exchange various cryptocurrencies within their personal wallets. However, according to blockchain investigation firm TRM, Cryptonator did not implement necessary anti-money laundering controls, enabling anonymous or pseudonymous users to conduct illicit activities.

The primary domain "cryptonator.com" now displays a seizure notice. The operation involved the U.S. Department of Justice, the FBI, the IRS:CI, the National Cryptocurrency Enforcement Team, the German Federal Criminal Police Office (BKA), and the Attorney General's Office in Frankfurt am Main.

Between 2014 and 2023, Cryptonator wallet addresses reportedly engaged in significant transactions, including:

- $25 million with darknet markets and fraud shops
- $34.5 million with scam addresses
- $80 million with high-risk exchanges
- $8 million with ransomware-associated addresses
- $54 million with hacked and crypto theft operations
- $34 million with illegal cryptocurrency mixers
- $17 million with sanctioned addresses

TRM links Cryptonator's transactions to entities such as Hydra Market, Blender.io, Finiko, Bitzlato, Garantex, Nobitex, and an unidentified terrorist group. The U.S. government has previously sanctioned Hydra Market, Bitzlato, Garantex, and Blender.io.

The Department of Justice's complaint alleges that Cryptonator's account creation process, requiring only an email and password, failed to comply with know-your-customer (KYC) regulations. It also accuses Boss of facilitating illicit activities, including discussions about supporting cryptocurrencies popular in darknet markets, such as Monero, and offering API key integrations for illegal platforms.

The complaint seeks penalties for money laundering, operating an unlicensed money service business, injunctions against Boss, damage relief, and asset seizures. The DOJ revealed that Cryptonator processed over $235 million in illicit funds.

Lazarus Hacking Group is Using Asian Firms to Launder Stolen Crypto

 

A Cambodian payments company received crypto worth over US$150,000 from a digital wallet used by the North Korean hacking group Lazarus, blockchain data shows, offering a glimpse of how the criminal outfit has laundered funds in Southeast Asia.

Huione Pay, which is based in Phnom Penh and offers currency exchange, payments and remittance services, received the crypto between June 2023 and February this year, according to the previously unreported blockchain data reviewed by Reuters.

The crypto was transferred to Huione Pay from an anonymous digital wallet that, according to blockchain experts, was used by a hacking outfit to deposit funds stolen from three crypto firms in June and July 2023. 

The United States' Federal Bureau of Investigation said in August last year that Lazarus stole US$160 million from the crypto firms: Estonia-based Atomic Wallet and CoinsPaid; and Alphapo, registered in Saint Vincent and the Grenadines. 

They were the latest in a series of heists by Lazarus that the US said was funding Pyongyang's weapons programmes. Cryptocurrency allows North Korea to circumvent international sanctions, the United Nations has said.

The crypto might have helped the regime pay for banned goods and services, according to the Royal United Services Institute, a London-based defence and security think tank.

Huione Pay's board said the company had not known it "received funds indirectly" from the hacks and cited the multiple transactions between its wallet and the source of the hack as the reason it was unaware.

The wallet that sent the funds was not under its management, Huione added.

Huione Pay — whose three directors include Hun To, a cousin of Prime Minister Hun Manet — refused to elaborate on why it had received funds from the wallet or to provide details of its compliance policies. The firm stated Hun To's directorship does not include day-to-day oversight of its operations. The National Bank of Cambodia (NBC) said payments companies such as Huione weren't allowed to deal or trade in any cryptocurrencies and digital assets.

US blockchain analysis firm TRM Labs told Reuters that Huione Pay was one of a number of payment platforms and over-the-counter brokers that received a majority of the crypto stolen in the Atomic Wallet hack. Brokers connect buyers and sellers of crypto, offering traders a greater degree of privacy than crypto exchanges. 

TRM also said the attackers concealed their tracks by converting the stolen crypto, via a complex laundering operation, into different cryptocurrencies, including tether (USDT) — a so-called "stablecoin" that retains a steady value in dollars.

Unveiling the Mule Accounts Menace in Modern Money Laundering

 


In a recent statement, a member of the RBI's board of governors urged banks to step up efforts against mule accounts. According to Piyush Shukla, money mules in India do much more than move money. A mule account is a bank account that receives funds from illegal activities and then transfers those funds to other accounts, thus serving as a bridge for money laundering and other illegal practices.

It is not uncommon in India to come across people who offer their own bank accounts for use as mule accounts in return for payment. The account holder's onboarding process is not automated in this way, which makes it more difficult to detect such accounts. Such accounts can nevertheless be stopped by applying the right controls and monitoring the user's behaviour throughout the lifecycle of the account.

Last November, six people were reported arrested in Bengaluru over the alleged operation of 126 mule accounts. Earlier this week, the Reserve Bank of India (RBI) raised concern about certain banks having a huge number of fraudster accounts used for fraudulent transactions and loan evergreening by their customers. In a move to curb digital fraud, Shaktikanta Das, the governor of the Reserve Bank of India, has directed banks to crack down on the use of mule accounts and to increase customer awareness and education initiatives.

Money mules can generally be categorized into five different kinds based on their level of complicity in a money laundering scheme and the way they are employed. A victim mule, for example, is a person who is unaware that their account has been compromised and is being abused by a fraudster who wants to launder money through it. A data breach most likely resulted in the victim's account details being leaked.

Money mules can also be misled parties, who are tricked into sending and receiving money on behalf of fraudsters, believing that the money is clean. It is not uncommon for such mules to respond to job advertisements that involve executing transactions on behalf of the employer. One of the most common types of money mules is the deceiver, who opens new accounts using stolen or synthetic identities to send and receive stolen funds.

Money is also muled through "peddlers", people who sell their information to fraudsters, who then use that information to send and receive stolen funds. Mules can also be accomplices, who open a new account in their own name or use an existing one to send and receive funds at the direction of a fraudster. A study conducted by BioCatch, a digital fraud detection company, revealed that nine out of ten mule accounts went undetected by one of its Indian partners.

During the first month of documented mule account activity, 86% of the sessions originated from within India; after a month, that figure dropped to just 20%, and 16% of those sessions used a VPN to access such accounts. The largest share of mule account activity, 15%, occurs in Bhubaneswar, while Lucknow and Navi Mumbai are each responsible for 3.4% of the activity. Two cities in West Bengal, Bhagabatipur and Gobindapur, recorded 1.7% and 2.6% of mule account activity, respectively. In comparison, Mumbai and Bengaluru reported 2.2% and 1.8% of such activity, respectively.

To help customers prevent their bank accounts from becoming mule accounts, the following practices are recommended: 
1. Treat all unexpected communications, especially those offering lucrative, effortless jobs, with scepticism. 
2. Unrealistically high payments for straightforward tasks should raise alarms. 
3. Be wary of job offers with ambiguous descriptions and responsibilities, particularly if money transfers are involved. 
4. Scammers often pressure customers into making swift decisions, such as hurriedly confirming their identity or claiming a reward. Customers must pause and assess their demands carefully. 
5. Be extremely cautious while using unconventional payment methods, such as gift cards or virtual currencies. 

In October 2023, the Reserve Bank of India (RBI) tightened the customer due diligence (CDD) norms by instructing banks and regulated entities to adopt a risk-based approach for periodic updating of know-your-customer (KYC) data. According to the latest Master Directions, the risk-based approach for periodic updating of KYC has been amended to state: “Registered Entities (REs) shall adopt a risk-based approach for periodic updating of KYC, ensuring that the information or data collected under CDD is kept up-to-date and relevant, particularly where it is high-risk.”

Furthermore, the Master Directions emphasize that instructions on opening accounts and monitoring transactions should be strictly adhered to, to minimize the operations of money mules. These mules are used to launder the proceeds of fraud schemes, such as phishing and identity theft, by criminals who gain illegal access to deposit accounts. 

Banks are required to undertake diligence measures and meticulous monitoring to identify accounts operated as money mules, take appropriate action, and report suspicious transactions to the Financial Intelligence Unit.

Digital Arrest Scam: Bengaluru Man Loses Rs 3.8 Crore to Scammers


A 73-year-old man recently lost Rs 3.8 crore due to the 'digital arrest' threat posed by fraudsters impersonating law enforcement officers. The fraudsters held him under 'digital arrest' from May 5 to 10, saying that he was under Mumbai police monitoring because a parcel shipped in his name to Taiwan contained drugs.

The Setup

It all started on May 5 at 10 a.m., when Rajkumar (name changed), an Indiranagar resident and retired MNC executive, got a call from 8861447031. The caller claimed to be a 'FedEx' logistics executive and supplied Rajkumar's Aadhaar and mobile numbers.

He said that a package shipped to Taiwan under Shankar's name contained five passports, a laptop, 3kg of clothing, and 150 grams of MDMA. After claiming that a case against him had been filed at Mumbai's Andheri East cyber police station, he transferred the call to a "police officer".

The Deception

A man claiming to be Rajesh Pradhan, DCP (Cybercrime), Andheri, informed Shankar that he was under digital arrest until the inquiry was completed. They threatened to arrest him if he left his residence and instructed him to isolate himself in a room. Later, they made a video call to him, and Shankar noticed a police station in the backdrop and assumed he was speaking with actual cops.

Pradhan informed Rajkumar that this was a high-profile and sensitive matter involving VIPs. He was told not to mention their call to anybody and threatened with arrest if he did not obey their instructions.

The Money Transfer

The con artist added that they had discovered a bank account opened in his name that was being used for money laundering. They allegedly examined the charges against him, which included money laundering, NDPS, and other criminal actions, before offering to assist him.

To protect the account, he was ordered to move the full balance in his bank accounts to Reserve Bank of India (RBI) accounts.

The Aftermath

Promising to repay him once his transactions were verified, they convinced Shankar to send money to their accounts in several transactions.

After transferring Rs 3.8 crore, Rajkumar was promised that the money would be returned to his account within 30 minutes of verification, and the call was disconnected. Rajkumar only realized he had been duped after the crooks went mute.

The digital arrest is fake: DCP

According to Kuldeep Kumar Jain, DCP (East), Shankar submitted a report on May 13, and they were able to freeze Rs 9 lakh within two days.

A case has been filed under the Information Technology Act and IPC section 420 (cheating and dishonestly inducing delivery of property).

According to Jain, such claims should not be taken seriously. The police force has no concept of digital arrests or online (virtual) investigations. If you receive such calls, simply disconnect and report them to your nearest police station or the 1930 cyber helpline. If you lose any money, you should contact the police right away. Delays in filing complaints will have an impact on recovery rates.

Mule Recruitment Scheme: Scammers Making Innocents Accomplices Into Money Laundering

Mule Recruitment Schemes

If an online offer seems too good to be true and requires managing money, it is a possible mule recruitment scam.

RBI and NPCI warn users

The National Payments Corporation of India (NPCI) and RBI regulations advise against using Indian payment systems for banned or blacklisted website categories such as porn sites, gambling, Chinese laundering/loan apps, Forex trading sites, or other shadowy websites.

To escape this restriction, scammers use mule accounts to receive money through Indian payment methods such as bank accounts, credit cards, UPI, debit cards, and VPA.

What is a Mule account?

"Mule account" is a well-known term in cybercrime that refers to any account used for moving money obtained through illegal activities. These accounts mostly belong to people who, intentionally or unintentionally, have been tricked into taking part in money laundering.

Unaware of being part of a bigger scam, these individuals, or "money mules", are tricked into letting unknown scammers use their accounts to hide the source of laundered money. Scammers make these payments look legitimate through sly schemes and baits, hiding the money's shadowy origin before it goes to the final destination.

“We detect 18 to 20 thousand cases every single day for a National Bank. These mule accounts are usually owned by regular people who are either tricked into opening them or knowingly use them at the behest of some monetary payments. We advise people not to share their account details or give access to anyone. Fraudsters can use your credentials for such illegal activity” said Amit Relan, Co-founder and CEO of mFilterit. 

Tricking of customers

Money mules fall into two categories: willing participants and duped participants. The scammers approach the mule account customer online via emails, social media, websites, etc. Customers are fooled into believing they will get money in their bank account through commissions or incentives. After that, the scammer transfers laundered money into the mule account.

Scammers target vulnerable and naive individuals, using lucrative job scams or fake online relationships to deceive them. The victims are fooled through false promises of easy money for seemingly harmless activities like transferring goods or money. If an online job opening seems too good to be true or requires managing money or services, it is most likely a mule recruitment scam.

“Fraudsters might pose as authentic organizations like banks or government agencies to deceive victims into divulging personal or financial details. Phishing emails frequently include hyperlinks or attachments that, once clicked or opened, can deploy malware or direct users to fake websites crafted to steal sensitive information” said Dhiren. V. Dhedia, Head- Enterprise Solutions, CrossFraud. 

How to be safe?

Be cautious: if someone else controls your bank account, you are risking your savings and facing possible criminal charges. Stay updated and informed so that you do not fall for the mule scam.

Sharing your personal banking details with people you don't trust is a big no, even if they have a believable story or offer.


North Korean Hackers' $12M Ethereum Laundering Via Tornado Cash Unveiled

 


North Korean hackers associated with the Lazarus Group have reportedly used the coin mixing service Tornado Cash to launder approximately $12 million worth of stolen Ethereum (ETH) in the last 24 hours.

According to blockchain analytics firm Elliptic and experts from other organizations, the Lazarus Group was responsible for the theft of $100 million in cryptocurrency from HTX and its HECO Bridge in November of 2023. HTX is a cryptocurrency exchange, and HTX Eco Chain, or HECO, is its cross-chain bridge. Elliptic has flagged on-chain activity since March 13 indicating that Lazarus Group hackers have transferred cryptocurrency worth $12 million to Tornado's wallets.

The funds were stolen in November from the cryptocurrency exchange HTX and its cross-chain bridge, HTX Eco Chain. Tornado Cash is a decentralized, non-custodial privacy tool built on the blockchain. It is a smart contract-based system that allows users to deposit ETH and ERC-20 tokens at one address and then withdraw them at another address.

Tornado Cash and other services that blend tokens from different sources to disguise funds are known as mixers. The US Treasury blacklisted the service in August 2022 after it had been used to launder more than $7 billion in cryptocurrency since it was established in 2019.

The department has alleged that the mixer has been used to launder more than $7 billion over the past two years. Another mixer, Sinbad.io, was seized in November 2023 by US authorities, which eliminated another avenue by which hackers could commingle funds. Consequently, the group appears to have returned to Tornado Cash to launder funds at scale and obscure the transaction trail, relying on Tornado Cash's decentralized architecture and resistance to raids.

Finally, Elliptic suggests that the Lazarus Group's renewed reliance on Tornado Cash can be explained by law enforcement activity targeting services such as Sinbad.io and Blender.io, which has reduced the availability of large-scale mixers. With few viable alternatives, the group has opted to take advantage of Tornado Cash's continued operation despite sanctions, and of the security and decentralized nature of smart contracts on blockchain networks.

As part of this effort, the authorities are also targeting the developers of such mixers. In a recent U.S. investigation, Tornado Cash's developers, Roman Storm and Alexey Pertsev, were charged with numerous offences, including conspiracy to commit money laundering, conspiracy to violate sanctions, and conspiracy to operate an unlicensed money-transmitting business.

A similar development occurred on March 12 with the conviction of Bitcoin Fog's founder for money laundering. Lazarus Group operations have been going on for more than ten years now. According to U.S. officials, the group has stolen over $2 billion worth of cryptocurrency, which was used to help fund North Korean programs for the development of weapons of mass destruction as well as ballistic missiles. In 2019, the United States government sanctioned the group.

Crypto In Trouble: A US Money Laundering Scandal Has Charged The Latest Exchange

In the recent crackdown on crypto-associated cybercrime, the U.S. Department of Justice issued charges against Aliaksandr Klimenka.

Klimenka is accused of working with Alexander Vinnik and other individuals from July 2011 to July 2017 to operate BTC-e, an unregulated digital currency exchange, and to participate in a money laundering scheme, according to unsealed indictments.

The US Targets Another Cryptocurrency Exchange

The US Justice Department has accused BTC-e of being a hub for money laundering and cybercrime. The company is said to have provided high anonymity trading services that drew in customers who were heavily involved in illicit activities.

The press release states that the site allegedly enabled financial transactions resulting from a variety of illegal activities, including computer hacking, fraud, identity theft, and drug trafficking.

Authorities emphasize BTC-e's involvement in cybercrimes and point out that it operated on American servers reportedly in violation of mandatory anti-money laundering procedures and "know your customer" (KYC) guidelines.

Furthermore, according to the government agency, BTC-e violated federal regulations mandating strict anti-money laundering protocols by failing to register as a money services organization, despite its substantial operations within the United States.

The arrest of Klimenka in Latvia last December, according to the US Department of Justice, was a significant milestone in their "efforts to combat cryptocurrency-facilitated crimes."

After making his first court appearance in San Francisco, Klimenka is being kept in detention and could receive a hefty 25-year maximum term if found guilty. The accusations highlight the U.S. government's increased emphasis on crimes involving digital assets, with the National Cryptocurrency Enforcement Team (NCET) leading inquiries into cryptocurrency misuse.

The press release stressed that the joint actions of the FBI, Homeland Security Investigations, IRS Criminal Investigation, and U.S. Secret Service underscore "the federal commitment to dismantling networks that leverage digital currencies for illegal activities."

Use of Cryptocurrency in Illegal Activity Falls to Record Lows

Despite the US government's claim, new research from the cryptocurrency analysis company Chainalysis suggests that just a tiny portion of blockchain transactions are utilized for illicit purposes.

$24 billion was received by "illicit addresses" in 2023, mostly from "sanctioned entities" according to US government records. This is a significant decrease from its 2022 value of approximately $40 billion, as shown in the following chart.

Canadian Financial Intelligence Agency Predicts Crypto Crime to Surge Rapidly

 

As the use of cryptocurrency grows, more criminals are likely to start using it to raise, move, and conceal money outside of the established banking system, according to Canada's financial intelligence agency. 

In a report published on Monday, the Financial Transactions and Reports Analysis Centre of Canada (FINTRAC) stated that ransomware attacks and the concealment and cleaning of fraudulent profits are the most frequent types of criminal activity involving cryptocurrencies. 

Fintrac expanded its strategic intelligence programme to increase its knowledge and comprehension of the risks and vulnerabilities related to virtual currencies by building on the funding it had received in the previous two years' budgets. 

“Fintrac continues to operate in a challenging environment with new and evolving technologies and financial products, rapidly shifting global financial systems and geopolitical events constantly shaping our work,” agency director Sarah Paquet stated in the report. 

Every year, the agency sifts through millions of pieces of data from insurance firms, banks, money services enterprises, securities dealers, real-estate brokers, casinos, and others to track down money linked to illegal activities. It then actively shares details on suspected cases with police and other law enforcement agencies. 

Businesses that exchange foreign currencies, transfer money, cash, or buy or sell money orders or traveler's cheques, or deal in virtual currency must first register with Fintrac before offering these services to the general public. 

According to the report, the continued use of unregistered money services businesses creates challenges for those attempting to discover money laundering and terrorist financing via traditional financial channels. 

“Suspicious transactions reported to Fintrac have highlighted the significant role of third-party intermediaries, such as professional money launderers and money mules, in facilitating underground banking and the laundering of criminal proceeds,” the report further reads. 

While the majority of illicit cryptocurrency transactions involve the laundering of criminal proceeds—a small proportion of total virtual transactions—Fintrac has observed that terrorist groups around the world are increasingly using virtual currencies to finance their operations. 

This trend is especially visible among those associated with ideologically driven violent extremism, who distrust regulated and centralised financial systems. There has also been an increase in loosely connected entities within expansive movements that transcend national boundaries in recent years, as well as the persistence of cross-border funding networks and online fundraising efforts. 

Additionally, the report discovered that there is a significant reliance on mixing services and high-risk exchanges for laundering cryptocurrency and converting ransoms back into cash.