Displaying items by tag: Cryptocurrency

The European Union Agency for Law Enforcement Cooperation, or Europol, 09/10/2019 released its annual Internet Organized Crime Threat Assessment (IOCTA) report for the year. And we weren’t surprised to find that ransomware, despite its palpable decline in volume these past few months—a trend we’ve also seen and documented—remains the most prominent threat in terms of prevalence and financial damage.

While the IOCTA report talks about online threats that both consumers and businesses face on a daily basis, it also puts data at the center of it all. We rely on it—often, all too much—and criminals know this. And yet, most threat actors behind attack campaigns rely on our data to make their attacks more successful, compelling us to take action. After all, nowadays an attack that doesn’t use data against its owners wouldn’t be much of a money-earning scheme.

Threat actors can deprive organizations and individuals’ access to their own files by encrypting and holding them for ransom, such is the case for ransomware. And they can also deny the average user access to an organization’s data (and services) through Distributed Denial of Service (DDoS) attacks. According to Europol, such attacks with an extortion element in them are the most prevalent.

Data also enables other forms of online crime like fraud. Criminals are primarily after financial data, such as credit card information, online banking credentials, and cryptocurrency wallet data. They are also after personally identifiable information (PII) and other login credentials. Such data fuels other profitable, targeted attacks like business email compromise (BEC) scams, spear phishing, and account takeovers.

There is also the challenge of data overload, particularly in the realm of child sexual exploitation (CSE) crimes. The staggering amount of material online detected by law enforcement and private companies continues to increase to the point that it’s putting a strain on law enforcement resources to investigate these crimes. One contributing factor to the increase of availability of CSE material online is that more underage users are accessing and using social media, thus, criminals reach and communicate with them via these platforms.

Other IOCTA findings:

• The IOCTA report also noted that key infection vectors are phishing and remote desktop protocol (RDP) vulnerabilities. Simple patching can address vulnerabilities. As for phishing, did you know that you can be targeted on your desktop and smart phone?
• Organizations are growing more concerned about sabotage performed by malicious insiders.
• Ransomware tactics have shifted, from a scattergun approach of infecting systems to a more focused and refined targeting of profitable victims. This means that ransomware proponents target those with a greater ability to pay a ransom than the average, normal user.
• BEC is evolving. There have been campaigns wherein threat actors used malware and network intrusion.
• Self-generated explicit material (SGEM) is on the uptick. Young children now have access to high-quality smart phones, which enables them to produce and share SGEM, either voluntarily or under coercion. The rising number of SGEM victims will likely to continue. Parents and guardians: Please talk to your kids about this, and other online risks.
• Jackpotting, also known as black-box attacks, against ATMs are becoming more widespread and accessible due to tools like Cutlet Maker being more available on the dark web.
• Card-not-present (CNP) fraud and skimming continue to plague financial institutions. Don’t be a victim of skimming.
• Due to law enforcement activity and extensive DDoS attacks against hidden services, many have grown distrustful of the onion router (Tor) environment. While underground market administrators are currently exploring alternatives, a migration to a new platform will not likely happen yet.

Source: Europol

Source: Malwarebytes Labs

Report for the first three months of the current year CipherTrace Cryptocurrency Intelligence (April 2019).

Cryptocurrency Thefts, Scams, and Fraud Could Tally More than $1.2 Billion in First Quarter 2019.

Criminals stole more than US$356 million from exchanges and infrastructure during the first quarter of 2019. Among these losses, exit scams—which CipherTrace is considering the implosion of QuadrigaCX to be one—robbed cryptocurrency users of nearly US$195 million. On top of these numbers, the New York Attorney General’s Office revealed what they allege is a fraud involving the loss of $851 million by a major cryptocurrency exchange, Bitfinex. Cyber criminals also developed ingenious new techniques to drain millions more from user accounts and wallets. These thefts only represent the losses that are visible. CipherTrace estimates the true number of crypto asset losses was much higher.

46% Increase in the Number of Cross-Border Payments from US Cryptocurrency Exchanges Over the Last Two Years.

CipherTrace research conducted in Q1 revealed a major hole in the current cryptocurrency regulatory fabric with respect to cross-border payments. An analysis of 164 million BTC transactions revealed that cross-border payments from US exchanges to offshore exchanges increased from 45% from the twelve months ending Q1 2017 to 66% in the twelve months ending Q1 2019. This is significant because according to the International Consortium of Investigative Journalists, “$8.7 trillion, 11.5 percent of the world’s wealth, is hidden offshore.”

Once these payments reach exchanges and wallets in other parts of the globe they fall off the radar of US authorities. For now, it is uncertain if these cross border inter-exchange payments trigger the FinCEN requirement that “MSBs must keep a five-year record of currency exchanges greater than $1,000 and money transfers greater than $3,000.” But experts recommend MSBs retain tax ID/SSN for these transactions.

A Significant Wave of Regulation Is Coming to the Cryptocurrency Economy.

Ultimately, thieves and scam artists will need to launder the cryptocurrency stolen or scammed in Q1 2019. Furthermore, this will require innovative new ways to cash out, and turn all that tainted virtual money into clean, spendable fiat currencies. And they will also need to get it done under the much more watchful eyes of government regulators and banks as a tsunami of tough new global anti-money laundering (AML) and counter-terror financing (CTF) regulations will roll over the crypto landscape in the coming year. As of April 2019, 17 countries plus the European Union within the jurisdiction of the Financial Stability Board had at least some regulation or standard-setting bodies dealing with cryptocurrencies. These bodies will be responsible for implementing regulations that enforce FATF policy and AMLD5.

In light of the huge losses suffered by users of QuadrigaCX, regulators in Canada and around the world are rethinking controls on the internal business practices and security operations of exchanges. In addition, regulators are beginning to recommend bans on privacy coins, as criminals are coming to prefer these new anonymous altcoins to bitcoin because they are more difficult to trace. Banks also continue to face problems coping with the coming wave of regulations as they increasingly recognize there are undetected cryptocurrency operations that are using their fiat payment networks and customer accounts. Plus, courts in some countries have ruled that banks must do business with licensed cryptocurrency companies.

Crypto Crime Evolves and Expands from the Virtual to the Real World.

The previous year’s crypto crime spree was dominated by major external exchange hacks around the globe—with the biggest occurring in Q1 2018. However, in the first quarter of this year, insiders, extortionists and scammers attempted a more diverse range of crypto crimes. As just one example, kidnappers in Norway demanded nine million euros (approximately US$10.3 million) ransom in Monero, a privacy coin, for a billionaire’s wife, who has not yet been returned. There were also two large insider thefts/misappropriations (QuadrigaCX and Bitfinex). This shift suggests that security against external hackers at exchanges is maturing under the pressure from regulators and customers to take necessary measures to prevent losses.

The geopolitical implications of cryptocurrencies also took center stage in Q1 2019 with countries competing to attract crypto businesses and foster related economic growth. Conversely, overt attempts to evade sanctions by hostile nations show that economic adversaries recognize the money laundering and terrorist financing potential of crypto assets. On March 6, 2019, the UN Security Council reported North Korean state-backed hackers successfully breached at least five cryptocurrency exchanges in Asia between January 2017 and September 2018, causing $571 million in losses.

Q1 2019 Crypto Crime Highlights:

- Thieves and scammers stole more than $356 million from exchanges and users.

- Customers suffered losses of approximately US$195 million when Canada’s major cryptocurrency exchange, QuadrigaCX, imploded after the CEO mysteriously perished in India, allegedly along with the passwords to virtually all of the exchange’s assets. CipherTrace analysis casts severe doubt that this was anything other than a theft, fraud, or foul play.

- On March 26, the New York Attorney General’s Office brought suit against the parent company of Bitfinex and Tether.
- The AG claimed Tether had failed to disclose a secret transfer of funds from the fiat pool of funds supposedly backing tether, which converted tether from asset-backed to debt-backed unbeknownst to tether holders.
- Bitfinex allegedly lost $851 million. The source of the loss was a Panamanian payment processor also used by QuadrigaCX.

- Iran announced the imminent launch of its long-rumored Crypto Rial, a state-backed stable coin developed with the express purpose of circumventing political sanctions and overcoming sanctions-related restrictions by SWIFT.

- The Russian Duma approved international use of the domestically developed SPFS as a ‘SWIFT alternative’ for cross-border payments in an effort to avoid political sanctions.

- The French government issued a report recommending a ban on privacy coins.

- The UN published the findings of a private report that concluded North Korean hackers looted $571 million from five cryptocurrency exchanges in Asia.

- Courts in some countries forced financial institutions to bank crypto asset businesses.

- The Bank of Mexico reportedly proposed banning financial institutions from transacting with crypto exchanges, citing money laundering and terror financing risks.

Source: CipherTrace.

On March 27, 2019, training for students of the 7th stream of the BCL (Blockchain Lawyers) supplementary education program was completed at the Federation Council. 

As part of that, the audience in a round table format along with the first deputy chairman of the Federation Council Committee on Economic Policy, the founders and teachers of the course, as well as invited experts discussed the regulation of the digital economy and modern technologies in Russia.

Natalya Manuilova paid special attention to the following issues: that the Bank of Russia had several new and important documents aimed at fulfilling the requirements of the legislation in the area of countering the legalization (laundering) of proceeds from crime and the financing of terrorism (AML/CFT). Important on the approach to the organization of work in this direction.

Thus, one of these documents is Directive No. 5083-U of 02/27/2019 “On Amendments to the Regulation of the Bank of Russia of March 2, 2012 No. 375-P“ On the Requirements for the Rules of Internal Control of a Credit Organization to Counter Legalization (Money Laundering) criminal proceeds and the financing of terrorism. ” In accordance with the changes that will come into force on 04/05/2019, the ML/TF risk management systems in credit institutions will have to take into account the results of a national risk assessment of transactions (transactions) in order to legalize (launder) proceeds from crime, and the financing of terrorism, posted on the official website of the authorized body on the Internet information and telecommunications network.

The possibility for credit institutions to install in the Risk Management Programs “other factors independently determined by the credit organization” scares many, but these factors must be fixed, fixed in the Rules of the credit organization. And no one has canceled a systematic approach - why are some requirements for some, and others for others? “Documentary fixation” will compel to substantiate certain AML/CFT measures.

In accordance with the Bank of Russia Newsletter No. IN-014-12/27 of 03/27/2019 “On Approaches to the Procedure for the Implementation of Credit Rights by Credit Institutions Provided by Sub-clause 1.1 of Clause 1 of Article 7 of Federal Law No. 115 “On Counteracting Legalization (Laundering) of Revenues criminal proceeds and the financing of terrorism” the Bank of Russia draws the attention of credit institutions to the need to follow the results of their assessment of the extent (level) of the risk of a client’s operations for AML/FT when implementing these powers in accordance with its own rules of internal control in order to counter the legalization (laundering) of proceeds from crime and the financing of terrorism.

Will high-risk transactions (deals) with digital assets be added to the list? Definitely! Companies need to start preparing letter templates - explanations about the sources of funds received to the account, etc.

The Bank of Russia still had to pay attention to the not quite adequate measures of credit institutions regarding blocking accounts under federal law 115, inquiries about the source of clients funds, whose operations in principle do not bear and cannot bear the risks of ML/FT and the risk of involvement credit organization in the scheme of ML/FT.

Let's hope for positive changes, because for a long time, the “struggle” of a number of banks on AML/CFT issues has discredited the AML/CFT system as a whole, and only the one who has not come to the bank does not care about 115-FL.

At the same time, the information letter of Rosfinmonitoring dated March 1, 2019 No. 59 “On Methodological Recommendations for Assessing ML/TF Risks by Organizations that Operate with Monetary Funds or Other Property and individual entrepreneur” was discussed.

From which it was seen that there are three types of risks:

- risks associated with countries and individual geographic territories (country risks);

- customer related risks (customer risks);

- risks associated with products, services, operations (transactions) or supply chains made by the customer (operational risks), a high level for operations with digital assets.

There is a gap in the regulation of crypto-assets that Congress needs to fix. The gap is contributing to fraud and weak investor protection in the distribution and trading of crypto-assets. In “It’s time to strengthen the regulation of crypto-assets,” Timothy G. Massad discusses how better regulation will benefit crypto investors, further the development of new technologies, curtail the use of crypto-assets used for illicit payments, and reduce the risk of cyber attacks, which can result in collateral damage elsewhere in our financial system.

Crypto-assets cut across current jurisdictional boundaries and thus fall into gaps between regulatory authorities. While each of the Securities and Exchange Commission (SEC) and the Commodity Futures Trading Commission (CFTC) has some authority over crypto-assets, neither has sufficient jurisdiction, nor do they together.

The hype surrounding Bitcoin and other crypto-assets has contributed to regulatory distraction. Bitcoin’s creators promised it would solve the “trust problem” and reduce our reliance on centralized financial intermediaries. However, it has not reduced our reliance on financial intermediaries or eroded the power of our largest institutions. Indeed, crypto-assets have created new financial intermediaries that are less accountable than the big banks.

New crypto exchanges and trading platforms are not subject to the traditional standards required of securities and derivatives market intermediaries. As a result, investor protection is weak and allegations of fraud and conflicts of interest are frequent.

There are no specific rules to ensure protection of customer assets. One supposed virtue of distributed ledger technology (DLT) is to provide an immutable record of ownership. Yet some platforms do not actually record customer interests on the blockchain and may operate without sufficient assets to cover customer claims. It is like fractional reserve banking without the regulatory framework or insurance that protects depositors. There are no rules regarding how trades are executed.

Crypto exchanges are not required to have systems to prevent fraud and manipulation, nor are there rules to prevent or minimize conflicts of interest. Crypto exchanges can engage in proprietary trading against their customers, something the New York Stock Exchange cannot do. Regulations to minimize operational risk and ensure system safeguards are needed, just as with securities and derivatives intermediaries.

Inadequate regulatory oversight creates broader societal risks with respect to cyber security and illicit payments. Unlike banks and exchanges, crypto intermediaries do not face any specific cyber security requirements, and cyber hacks are common: “Hacking [against crypto institutions] is on the rise because it works.”

Source: The Brookings Institution.