[ad_1]
In the world of online crime, anonymous cryptocurrencies are the chosen payment method. But at some point, virtual transports have to become cash. Enter the “Treasure Men”.
Finding a treasure man is easy if you know where to look. They are rented to Hydra, the largest market for the dark revenue network, a part of the Internet that is not visible to search engines and requires specific software to access it.
“They’ll literally leave bundles of money somewhere so you can pick them up,” said Dr. Tom Robinson, chief scientist and co-founder of Elliptic, a group that tracks and analyzes cryptographic transactions. “They bury him underground or hide him behind a bush and they will tell you the coordinates. There is a whole profession. ”
Russian-language Hydra offers many other ways for criminals to withdraw money from cryptocurrencies, such as exchanging bitcoins for gift vouchers, prepaid debit cards, or iTunes vouchers, for example.
The ability to keep cryptocurrencies without disclosing your identity has made them increasingly attractive to criminals and, most importantly, to hackers demanding ransoms after breaking into companies.
In 2020, at least $ 350 million was paid in cryptocurrency bailouts to hacker gangs, such as DarkSide, the group that closed the Colonial Pipeline earlier this month, according to Chainalysis, a research group.
But at the same time, every transaction in a cryptocurrency is recorded in an immutable blockchain, leaving a visible trail for anyone with technical knowledge.
Several crypto-forensic companies have emerged to help law enforcement track criminal groups by analyzing where coins flow.
These include New York’s Chainalysis, which raised $ 100 million in addition to a valuation of more than $ 2 billion earlier this year, London-based Elliptic, which has Wells Fargo among its investors and CipherTrace, supported by the United States government.
Dark exchanges
In total, in 2020 they received about $ 5 billion in funds from illicit entities and these illicit entities sent $ 5 billion to other entities, representing less than 1% of global cash flows. cryptocurrencies, according to Chainalysis.
In the early days of cryptocurrencies, criminals simply charged for their exchanges with major cryptocurrencies. Elliptical estimates that between 2011 and 2019, major exchanges helped collect between 60 and 80 percent of known bad player bitcoin transactions.
Last year, as exchanges began to become more concerned with regulation, many of them strengthened their anti-money laundering (AML) and customer knowledge (KYC) processes and the share was reduced to 45%.
Stricter rules have pushed some criminals into unlicensed exchanges, which typically do not require KYC information. Many operate outside jurisdictions with less stringent regulatory requirements or are outside of extradition treaties.
But Michael Phillips, head of claims for cybersecurity group Resilience, said these exchanges tend to have lower liquidity, making it more difficult for criminals to transfer cryptocurrency to fiat currencies. “The goal is to impose more costs on the business model,” he said.
There are a number of other niche ramps outside of fiat currency. Chainalysis’s analysis suggests that over-the-counter brokers help, in particular, to facilitate some of the largest illicit transactions, with some clearly established operations solely for this purpose.
Meanwhile, smaller transactions flow through the more than 11,600 cryptographic ATMs that have appeared worldwide with little or no regulation, or through online gaming sites that accept cryptography.
Forensic companies
In this context, forensic cryptographic companies use technology that analyzes blockchain transactions, along with human intelligence, to find out which cryptographic portfolios belong to which criminal groups and to trace an image of the broader and intertwined crypto criminal ecosystem.
With an overview of how criminals move their money, their research has shed light especially on how hackers rent their ransomware software to affiliate networks, while reducing revenue.
Kimberly Grauer, head of research at Chainalysis, added that hackers are increasingly paying for the assistance of other criminals, such as cloud hosting or the payment of their login credentials. its victims, with cryptography, giving researchers a more complete picture of the ecosystem.
“Actually, there is less need to charge to maintain your business models,” Grauer said. This means that “we can see the ransom paid and we can see how all the different players in the system are divided and approached.”
Lose the trail
But cybercriminals are increasingly using their own high-tech tools and techniques to try to muddy the cryptographic trace they leave behind.
Some criminals undertake what is known as “chain jumping”: jumping between different cryptocurrencies, often in quick succession, to lose trackers, or using particular “privacy coins” that have built-in additional anonymity, such as Monero.
Among the most common tools for launching odor investigators are mixers: third-party services that combine illicit funds with clean cryptography before redistributing them. In April, the Department of Justice arrested and charged a Russian-Swedish double national who operated a prolific mixing service called Bitcoin Fog, which moved about $ 335 million in bitcoins over the past decade.
“It’s possible to unclog coins,” said Katherine Kirkpatrick, a partner at the King & Spalding law firm with experience in the fight against money laundering. “But it’s highly technical and requires a lot of processing power and data.”
The “preferred obfuscation tool” in 2020, which helped facilitate 12% of all bitcoin laundering that year, were highly sophisticated “privacy portfolios” that have anonymization techniques, including built-in blending capabilities. , according to Elliptic.
“They’re basically a reliable version of a mixer and everything is done within the software,” Robinson said, noting that an open source project called Wasabi Wallet was the dominant player in space.
What comes next?
Tom Kellermann, head of VMware’s cyber security strategy and member of the U.S. Secret Service’s cyber investigation advisory board, said Tom Kellermann, head of VMware’s cyber security strategy and a member of the ‘cyber research.
Today, individual exchanges can subscribe to services of forensic companies that will notify them of suspicious activity based on their intelligence.
But in the past, experts spread the idea of having shared blacklists of portfolios known to be used by bad actors: a kind of Interpol alert, with exchanges, analysis groups and the government openly sharing. information about their research to make it possible.
“Perhaps now is the best time to reconsider some of these policy initiatives,” said Kemba Walden, deputy general counsel for Microsoft’s Digital Crimes Unit.
[ad_2]
Source link