How Criminals are Cashing In

 In AML Surveillance, Bitcoin

            Although it appears that some of the luster has worn off of the unprecedented cryptocurrency craze seen between late 2017 and early 2018, these platforms remain very attractive options for both experienced and novel investors looking to cash in on the next potential surge seen in this realm. The same holds true for financial criminals looking to exploit this market for personal gain and the funding and facilitation of additional illicit activity. Although some “experts” and even representatives from several prominent countries around the world have argued that cybercurrencies have little to no impact on terror financing and organized crime within their respective regions, the fact remains that international governments are quite fearful of the potential ramifications that may be had on the global financial system with the continued growth of this market without strict regulation and supervision. Cybercurrencies have been left increasingly vulnerable to exploitation by criminals across the globe as global regulators have struggled to formulate a collective solution that would govern all coins in each respective domain, especially since cryptocurrency status as legal tender varies from country to country. One seasoned securities professional believes that cryptocurrency has become the driving force behind the vast majority of illegal activities seen online in 2018, with new avenues for targeting unsuspecting victims and promoting illegal endeavors opening up each and every day. Others have speculated that dark web transactions and the criminal groups behind them propelled the rise in Bitcoin, Ethereum, and other digital currency values seen over the last several years, with this cycle likely to continue for some time.

The conundrum posed by this technology is at least in part what has made this topic so captivating, as the possibility to completely revolutionize finance via these means from both a business and personal standpoint is evident. However, the same reasons that cybercurrencies have become such a transcendent part of life today are much the same reasons it has become an invaluable asset for cyber-criminals looking to prosper through the demise of individuals and financial organizations while keeping their activity anonymous. The anonymity provided through the bulk of crypto-platforms seen today allows cyber-criminals to operate relatively undetected, as no links are able to be made between the parties involved in an individual transaction and the persons behind them, allowing their identities to remain concealed. An increasing number of criminals have begun to obscure their illicit paths using technology, making it all the more difficult for criminal investigators to identify and apprehend those behind the large-scale crimes and breaches that continue to make international headlines. As a result, countries across the world are actively working to reduce the anonymous nature of cybercurrencies in order to limit the funding of terrorist organizations and to reduce financial crime (i.e. money laundering) altogether. While taking the initial steps to implement such efforts is commendable, they will likely be rather difficult to follow through on however. This is due in large part to the complex and consistently-changing tactics being utilized by cyber-criminals today, schemes that are growing more advanced and difficult to stop with each passing day.

So long as currency exchanges lack adequate security and risk management procedures, not to mention oversight from federal regulators, cyber-criminals will be able to capitalize on these markets to make millions upon millions of dollars. Thus the more secure approach being taken by both the platforms themselves and the national governments of countries where these currencies are being operated will be key to limiting the negative effects and outcomes seen in the future. The article “Five Ways Cyber-Criminals are Trying to Cash in on Crypto-Currency”, cited in BSA News Now on May 3rd, 2018, discusses recent trends seen in the way cyber-criminals are using cryptocurrencies to assist in their attacks. Crypto-mining has developed into a hot-button issue in this realm. The article writes that “from PCs to routers to phones to browsers, illicit crypto-currency miners compromise systems, install malware and execute programs to crunch the numbers needed to generate tokens in their preferred currency” (Lemos, 2018). Attackers have capitalized on vulnerabilities found in online applications and programs to target and attack web servers using their malware programs, which often allow them to target visitors of these programs and sites as well. These criminals are not set in their ways either, as they generally tend to migrate to different programs with new vulnerabilities that they discover rather than resting on their laurels following successful attacks, a process that allows their string of illicit activity to continue. These malware attacks can also extend to the wallets of unwitting consumers. eWeek notes that while there has been a significant increase in the number of crypto-mining payloads seen in 2018, there has also been “an increase in malware targeting the wallets used by consumers to store the security keys needed to sign and verify crypto-currency transactions”, in what has come to be known as “virtual pickpocketing” (Lemos, 2018). These activities have become big business for criminals of late, as many consumers fail to adequately protect their assets by keeping them in offline storage (i.e. “cold wallets”).

Perhaps the most fruitful venture for criminals thus far has been the targeting of blockchain infrastructure and ledgers used to record transactions for personal gain however. One might recall a major breach in this regard seen in 2016, where the Decentralized Autonomous Organization (DAO), a blockchain-based venture capital fund based on computer protocols known as “smart contracts”, was drained of approximately $70 million (3.6m Ether) by a hacker using a tactic known as a recursive call. In this case “the attacker was able to ‘ask’ the smart contract (DAO) to give the Ether back multiple times before the smart contract could update its own balance” (Madeira, 2018). While the issue was eventually amended, it represented a significant issue moving forward. Additionally, the scope of this activity now transitioning outside of the cyber realm and into the drug trade. In fact, the Department of Homeland Security and the U.S. Immigration and Customs Enforcement (ICE) are now using blockchain technology to expose the identities of criminals and money launderers using crytocurrencies to pay for the trafficking of illicit drugs. Greg Nevano, deputy assistant director of the Department of Homeland Security, stated “in support of its diverse financial investigative efforts, ICE uses undercover techniques to infiltrate and exploit peer-to-peer crypto-currency exchangers who typically launder proceeds for criminal networks engaged in or supporting dark net marketplaces” (Lemos, 2018).

Although criminals have continued to become adept in new technologies and loopholes that can be used to their advantage, it seems that financial authorities in some of the world’s more developed countries are too advancing in their ways to thwart this activity and promote increased domestic and financial security.

Stay Current.  Register to receive daily alerts here.

Recent Posts
Contact Us

We're not around right now. But you can send us an email and we'll get back to you, asap.

Not readable? Change text.