
INDUSTRY UPDATES & INSIGHTS

August 21, 2020

Terror Doesn’t Pay | Launderer Pleads Guilty | Yam What I Yam | MIT Leads US Digital Dollar Effort | Illegal Proceeds Seized | Dark Web Vendors Charged | Hackers Target Tor 

  • U.S. Authorities Seize Millions in Cryptocurrency Donated to Terrorists
  • Man Charged with Laundering Millions Through Unlicensed ATM Network
  • Yam Finance Locks in Over $500M, then Contract Bug Reveal Drops Coin Value
  • Federal Reserve Announces Research Cooperative with MIT on Digital Currency
  • $30M in Crypto Seized From the Operators of Streaming Site movie2k.to
  • Pharmacist and Drug Vendor Charged With Dark-Web Drug Trafficking
  • Hackers Had Control of 24% of Tor Exit Nodes at May Peak

If you didn’t catch the August 4th episode of Laura Shin’s Unchained podcast “Why The Travel Rule Is One Of The Most Significant Regulations In Crypto” featuring CipherTrace CEO Dave Jevans and Siân Jones, Senior Partner at XReg Consulting, you can listen here:

https://unchainedpodcast.com/why-the-travel-rule-is-one-of-the-most-significant-regulations-in-crypto/

Version 8 of the Travel Rule Information Sharing Architecture whitepaper addresses the sunrise problem and compatibility. TRISA introduces critical infrastructure enabling Mutual VASP Authentication and distributed trust between counter-parties.

https://trisa.io/trisa-whitepaper/

https://trisa.io/trisa-introduces-vasp-directorycertificate-authority/

 

DOJ Seizures of Cryptocurrency Donations Put a $2M Hole in Terrorist Finances

The U.S. Department of Justice announced the seizure of $2 million in cryptocurrency from prominent terrorist groups, including al-Qaeda, ISIS, and Hamas. The funds came from cryptocurrency donations the groups solicited online via social media and their own websites.

Terrorist groups like these can abuse cryptocurrency to buy weapons, train operatives, and cover international transportation costs. “It should not surprise anyone that our enemies use modern technology, social media platforms and cryptocurrency to facilitate their evil and violent agendas,” according to Attorney General William Barr.

Authorities conducted their investigation in concert with covert operators. In addition to donations, terrorists garnered funds through fake charity fronts and scams involving the sale of protective supplies related to the coronavirus pandemic, according to IRS’s Don Fort.

Why it matters: The takedown of these three terrorism financing campaigns demonstrates the essential role blockchain analytics play in identifying bad actors and keeping cryptocurrency safe, secure and trusted by authorities.

Read the DOJ Press Release: https://www.justice.gov/opa/pr/global-disruption-three-terror-finance-cyber-enabled-campaigns

 

US Attorney’s Office Charges Man with Operating Unlicensed ATM Network

The US Attorney’s office released a statement detailing the guilty plea of a Yorba Linda man, Kais Mohammad, for his involvement in Herocoin—an illegal cryptocurrency business that exchanged up to $25 million through in-person transactions and a network of Bitcoin ATM kiosks.

According to his plea agreement, Mohammad offered in-person bitcoin-for-cash exchange services, in amounts up to $25,000. In a typical arrangement, Mohammad generally did not ask about the source of clients’ funds and, on many occasions, he knew the funds had originated from criminal activity.

Mohammad also owned a network of Bitcoin ATM-type kiosks located in malls, gas stations, and convenience stores across the greater LA area. These kiosks allowed customers to buy bitcoin with cash, or sell bitcoin in exchange for cash.

According to his plea agreement, Mohammad knowingly decided not to register Herocoin with the US Treasury Department’s Financial Crimes Enforcement Network (FinCEN). He also reportedly refused to develop an effective anti-money laundering program and failed to file currency transaction reports for suspicious exchanges.

Why It Matters: While bitcoin ATMs have been known to service criminals and scammers in the past, the global regulatory landscape is tightening for crypto ATM operators. New legislation has been created in countries around the world specifically to regulate businesses that swap crypto for cash, requiring them to obtain KYC information on all transactions over a certain threshold. This KYC information gathering and record keeping is also a critical step in complying with the Travel Rule regulations that crypto ATM operators must abide by. These regulations are critical for governments to prosecute and stop those using bitcoin to launder illegal funds.

Read more here: https://www.justice.gov/usao-cdca/pr/oc-man-admits-operating-unlicensed-atm-network-laundered-millions-dollars-bitcoin-and

Grab a copy of our whitepaper exploring a similar case: https://ciphertrace.com/risk-mitigation-for-banks-unlicensed-bitcoin-atm-case-study/

Learn how 88% of funds sent by US Bitcoin ATMs to exchanges in 2019 were sent offshore: https://ciphertrace.com/spring-2020-cryptocurrency-anti-money-laundering-report/

 

Federal Reserve Board Governor Announces Co-Op with MIT to Research Digital Currency

On August 13th, the Federal Reserve Board Governor Lael Brainard said the US central bank has been testing digital ledger technology to understand the impacts of a digital currency on the existing payments ecosystem, monetary policy, financial stability, and the banking sector. Brainard said, “With these important issues in mind, the Federal Reserve is active in conducting research and experimentation related to distributed ledger technologies and the potential use cases for digital currencies.”

Brainard explained that the COVID-19 pandemic has advanced the need for “immediate and trusted access to funds.” She observed that the recipients of COVID-19 stimulus funds spent them quickly, indicating the level of urgency needed.

“To enhance the Federal Reserve’s understanding of digital currencies, the Federal Reserve Bank of Boston is collaborating with researchers at the Massachusetts Institute of Technology in a multiyear effort to build and test a hypothetical digital currency oriented to central bank uses,” Brainard said.

Why It Matters: In her speech, Brainard mentioned that the rise of other CBDCs and private cryptocurrencies underscores the need for the US to seriously pursue a digital currency solution. According to Brainard, the US government needs to “remain on the frontier of research and policy development,” given the dollar’s role in the global economy.

Read more here in Coindesk: https://www.coindesk.com/the-federal-reserve-is-experimenting-with-a-digital-dollar

 

DeFi Project Yam Finance Locks in Over $500M, then Devs Reveal Contract Bug

On August 12, bitcoin.com reported that a new yield farming project, known as the Yam Finance project, saw over $460 million locked into the platform in only 17 hours. The Yam protocol combines features from a variety of DeFi applications, such as elastic supply from Ampleforth, fair distribution from Yearn Finance, and on-chain governance from Compound Finance.

Yam is an “experimental protocol mashing up some of the most exciting innovations in programmable money and governance,” explained the project’s blog post on Tuesday.

Bitmex founder Arthur Hayes seemed excited when he tweeted: “I’m a farmer now. Long live the DeFi bull market.” However, other prominent members of the crypto community have not been impressed by the Yam Finance project, highlighting that the codebase has not been audited.

Confirming the concerns about the lack of a security audit of the Yam codebase, the Yam team announced on Twitter that a bug in the smart contract affected the rebasing contract. “All funds in the staking contract are safe, as this is an unrelated part of the protocol,” the team tweeted. Shortly after this announcement, the project’s token dropped sharply in value.

Why It Matters: Despite the many advantages that DeFi can bring, the relatively new status of the movement means it comes with many inherent risks. One such risk that has plagued other large DeFi projects in the past is smart contract vulnerability. Even if the developers had positive intentions for their project, if a contract is released into the ecosystem with a flaw in its code, it can lead to loss of funds for those involved.

Read more here on Bitcoin.com: https://news.bitcoin.com/new-defi-yield-farming-project-yam-finance-sees-460-million-locked-in-17-hours/

 

FBI and German Police Charge Operators of movie2k.to and Seize $30M in Crypto 

As a result of a joint investigation between the FBI and German authorities, over 25 million euros worth of cryptocurrency—$29.6 million worth of Bitcoin (BTC) and Bitcoin Cash (BCH)—has been seized from those implicated in the illegal movie streaming site movie2k.to.

According to the German newspaper Der Spiegel, movie2k.to was one of the largest platforms for the sharing of pirated movies. The site was officially shut down in spring 2013 due to copyright infringement concerns; prior to the shutdown, the site’s operators were allegedly able to distribute 880,000 pirated copies of films. One of movie2k.to’s operators, who worked as the site’s programmer, has been in police custody since November 2019. The programmer has now comprehensively confessed to the charges and is reportedly assisting authorities in their continuing investigations into the second main operator, who remains on the run.

Read more in Cointelegraph here: https://cointelegraph.com/news/german-police-seize-30m-in-crypto-from-streaming-site-operator

 

Pharmacist and Drug Vendor Duo Trafficked $270m in Drugs Through the Dark-Web

A large-scale drug vendor and his supplier have been formally charged in the US for using the dark web to allegedly sell over $200 million in illegal narcotics.

The vendor in question, David Pate, and pharmacist Jose Hou were both charged by a federal grand jury in the District of Columbia on Tuesday for the illegal sale of opioids over the dark web. The seven counts against the operators include “conspiring to distribute controlled substances, distribution of controlled substances, conspiring to import controlled substances, conspiring to launder money, and laundering of monetary instruments.”

According to court documents, the pair used the handle “buyers club” to advertise the sale of an “old formula” of OxyContin that could be crushed and then inhaled or injected. New versions of the drug have safeguards to prevent such abuse.

Read more in CoinDesk here: https://www.coindesk.com/dark-web-vendor-and-pharmacist-charged-with-trafficking-drugs-worth-270m-in-bitcoin

 

Hackers Use Control of 24% of Tor Exit Nodes to Steal Bitcoin from Mixers

On August 11, Decrypt reported that over the past year, malicious actors have gained significant influence over the Tor anonymity network. This information was revealed in a report by “nusenu,” a pseudonymous cyber security researcher.

Tor works by routing web traffic through several different relays, making it difficult to identify web users. The final relay, known as the exit relay, forwards the request to the destination site and passes the response back to the user. Because the exit relay handles that traffic directly, it can read and alter anything that is not encrypted end to end, such as plain HTTP.

According to nusenu, hackers are using their control of exit relay nodes on Tor to hijack cryptocurrency transactions: “It appears that they are primarily after cryptocurrency-related websites—namely multiple bitcoin mixer services. They replaced bitcoin addresses in HTTP traffic to redirect transactions to their wallets instead of the user-provided bitcoin address.”

Why It Matters: In their report, nusenu details how, at the peak, hackers were in control of “24% of the exit relays on the network, or 380, by May of this year.” That is the greatest amount of influence that hackers have had over Tor exit relays in the last five years. While blockchain protocols have to worry about 51% attacks, this case demonstrates that a 24% attack (or even a 5% attack) can pose a significant risk on other platforms.

Read more in Decrypt here:

https://decrypt.co/38359/hackers-stealing-bitcoin-tor-exploit

Read the report by nusenu here: https://medium.com/@nusenu/how-malicious-tor-relays-are-exploiting-users-in-2020-part-i-1097575c0cac
