Security News

Here's everything you need to know about what services need an AML revamp and how they should go about it. Gather enough data as fast as possible, and you can instantly spot bad actors and block them out, and move to more extensive KYC procedures to ensure their names do not appear on any AML lists and gauge the true intentions of suspicious users, saving money on unnecessary KYC and AML screenings.

The U.S. Department of Justice arrested and charged Russian national Anatoly Legkodymov, the founder of the Hong Kong-registered cryptocurrency exchange Bitzlato, with helping cybercriminals allegedly launder illegally obtained money. Because of "Deficient know-your-customer procedures, Bitzlato allegedly became a haven for criminal proceeds and funds intended for use in criminal activity," the DOJ said.

The Dutch police arrested a 39-year-old man on suspicions of laundering tens of millions of euros worth of cryptocurrency stolen in phishing attacks. The arrest occurred in the early morning of September 6, 2022, with the police seizing devices and "Data carriers" to aid the ongoing investigations.

The U.S. Treasury Department on Monday placed sanctions against crypto mixing service Tornado Cash, citing its use by the North Korea-backed Lazarus Group in the high-profile hacks of Ethereum bridges to launder and cash out the ill-gotten money. "Despite public assurances otherwise, Tornado Cash has repeatedly failed to impose effective controls designed to stop it from laundering funds for malicious cyber actors on a regular basis and without basic measures to address its risks," Brian E. Nelson, under secretary of the Treasury for terrorism and financial intelligence, said.

The U.S. Department of Treasury today sanctioned cryptocurrency mixer Blender.io used last month by the North Korean-backed Lazarus hacking group to launder funds stolen from Axie Infinity's Ronin bridge. In the wake of the attack, Sky Mavis revealed that hackers breached the Ronin bridge on March 23 to steal 173,600 Ethereum and 25.5M USDC tokens in two transactions worth $617 million at the time, the largest cryptocurrency hack in history.

The Russian cybercrime community, one of the most active and prolific in the world, is turning to alternative money-laundering methods due to sanctions on Russia and law enforcement actions against dark web markets. First came the bank sanctions and the blocking of SWIFT payments, a result of the Russian invasion of Ukraine.

An Israeli national was sentenced to 97 months in prison in connection with operating the DeepDotWeb clearnet website, nearly a year after the individual pleaded guilty to the charges. He pleaded guilty to money laundering charges in March 2021 and agreed to forfeit the illegally amassed profits.

Europol has announced the arrest of 1,803 money mules out of 18,351 identified following an international money-laundering crackdown operation codenamed "EMMA 7.". O. Money mules are people who receive and transfer money on behalf of scammers and fraudsters, helping them launder the stolen amounts in exchange for a small cut.

BEC scams use various tactics to compromise or impersonate business email accounts with the end goal of redirecting pending or future payments to bank accounts under a threat actor's control. One of the case examples in the indictment document seen by Bleeping Computer, mentions a single transaction of $356,954, sent by a victim in Boston to what they thought was the bank account of their business partner.

Gift card fraud still fills a distressing niche in the cybercrime ecosystem, where a gang of crooks redeem gift cards that you paid for, either because you were convinced that those cards were earmarked for something else, or because the crooks got temporary access to one of your online accounts that allowed them to buy gift cards on your dime. The US Department of Justice announced this week the indictment of four suspected gift card scammers, and alleges that that these four had ended up with more than 5000 fradulently obtained cards to spend on themselves.