Security News

The Dutch police arrested a 39-year-old man on suspicions of laundering tens of millions of euros worth of cryptocurrency stolen in phishing attacks. The arrest occurred in the early morning of September 6, 2022, with the police seizing devices and "Data carriers" to aid the ongoing investigations.

The U.S. Treasury Department on Monday placed sanctions against crypto mixing service Tornado Cash, citing its use by the North Korea-backed Lazarus Group in the high-profile hacks of Ethereum bridges to launder and cash out the ill-gotten money. "Despite public assurances otherwise, Tornado Cash has repeatedly failed to impose effective controls designed to stop it from laundering funds for malicious cyber actors on a regular basis and without basic measures to address its risks," Brian E. Nelson, under secretary of the Treasury for terrorism and financial intelligence, said.

The U.S. Department of Treasury today sanctioned cryptocurrency mixer Blender.io used last month by the North Korean-backed Lazarus hacking group to launder funds stolen from Axie Infinity's Ronin bridge. In the wake of the attack, Sky Mavis revealed that hackers breached the Ronin bridge on March 23 to steal 173,600 Ethereum and 25.5M USDC tokens in two transactions worth $617 million at the time, the largest cryptocurrency hack in history.

The Russian cybercrime community, one of the most active and prolific in the world, is turning to alternative money-laundering methods due to sanctions on Russia and law enforcement actions against dark web markets. First came the bank sanctions and the blocking of SWIFT payments, a result of the Russian invasion of Ukraine.

An Israeli national was sentenced to 97 months in prison in connection with operating the DeepDotWeb clearnet website, nearly a year after the individual pleaded guilty to the charges. He pleaded guilty to money laundering charges in March 2021 and agreed to forfeit the illegally amassed profits.

Europol has announced the arrest of 1,803 money mules out of 18,351 identified following an international money-laundering crackdown operation codenamed "EMMA 7.". O. Money mules are people who receive and transfer money on behalf of scammers and fraudsters, helping them launder the stolen amounts in exchange for a small cut.

BEC scams use various tactics to compromise or impersonate business email accounts with the end goal of redirecting pending or future payments to bank accounts under a threat actor's control. One of the case examples in the indictment document seen by Bleeping Computer, mentions a single transaction of $356,954, sent by a victim in Boston to what they thought was the bank account of their business partner.

Gift card fraud still fills a distressing niche in the cybercrime ecosystem, where a gang of crooks redeem gift cards that you paid for, either because you were convinced that those cards were earmarked for something else, or because the crooks got temporary access to one of your online accounts that allowed them to buy gift cards on your dime. The US Department of Justice announced this week the indictment of four suspected gift card scammers, and alleges that that these four had ended up with more than 5000 fradulently obtained cards to spend on themselves.

As part of its continued hardline against ransomware attacks, the U.S. Department of Treasury has prohibited anyone in the United States from conducting business with SUEX OTC, a Russian-linked currency exchange. The feds analyzed SUEX's transactions and found that the exchange facilitated transactions of illicit proceeds from at least eight ransomware variants, according to the release.

Larry Dean Harmon, the owner of a dark web cryptocurrency laundering service known as Helix, pleaded guilty today of laundering over $300 million worth of bitcoins between 2014 and 2017. "In total, Helix moved over 350,000 bitcoin - valued at over $300 million at the time of the transactions - on behalf of customers, with the largest volume coming from Darknet markets."