
July 24, 2020

Predicting Crypto Crimes | Following the Twitter Hack Bitcoin | Supercar and Crypto Scam Busted | Cali Uni Pays Ransom | FBI Allegations 

  • CipherTrace Looks Into the Future to Mitigate Crypto AML Risks 
  • On the Blog: Twitter Hacked— Scammed Funds Traced to Exchanges and Mixing Services 
  • Chinese Authorities Bust Arbitrage Scam and Seize $15M in Assets 
  • California University Pays $1 Million in Crypto to Hackers Following Ransomware Attack 
  • FBI says Alleged Scammers Hid $14 Million of Stolen Funds in Bitcoin 


CipherTrace Introduces Cryptocurrency Real-Time Predictive Risk Scoring 

On July 21, CipherTrace announced the roll-out of cryptocurrency real-time transaction risk scoring with the addition of predictive capabilities to help exchanges, ATMs, OTC desks, hedge funds, custody solutions, payment processors, and financial investigators ensure compliance with Anti-Money Laundering (AML), Counter-Terrorist Financing (CTF), and sanctions requirements.

Real-time analytics and predictive risk scoring for cryptocurrencies enable exchanges and other Virtual Asset Service Providers (VASPs) to score transactions from low to high risk based on whether the funds have been tainted by traveling through illicit paths or are associated with known bad actors or sanctioned geographies.

Read the press release: 


Social Media Giant Twitter Compromised by Insiders 

On July 15, Twitter accounts for multiple high-profile cryptocurrency exchanges, public figures, and various entities were taken over by hackers promoting a Bitcoin Doubler scam. 

As of this writing, the scammers have already begun moving funds into cryptocurrency exchanges and mixing services. Links to our full analysis are included below. 

CipherTrace will continue to monitor the hacker’s addresses for movement. This is a developing story. We will update the community as more information comes to light and our investigation continues. 

Twitter Hack Analysis Part 1: 

Twitter Hack Analysis Part 2:


$15M in Crypto and Supercars Seized as Chinese Police Bust Arbitrage Scam  

On July 9, China’s Ministry of Public Security announced they had seized over $15 million in crypto and supercars worth an additional $2 million from the alleged operators of a novel scam that sold counterfeit tokens. This operation resulted in the arrests of ten individuals suspected of operating the fraudulent scheme. 

According to the ministry, this is the first reported criminal case in China where victims were allegedly scammed using blockchain smart contracts to generate fake cryptocurrencies. The case was first reported to the police in April by a victim, identified as Li, who had joined a Telegram group called “Huobi Global Arbitrage HT Chinese Community.” 

According to Li, the group advertised a blockchain smart contract that supposedly generated Huobi Tokens (HT) that could yield an arbitrage opportunity with a return of 8%. Li explained how the smart contract worked: “Simply put, you send one unit of ETH to a designated address, you will receive 60 HT. And then you can sell it to gain the difference.” However, after Li sent 10 ETH to the Ethereum address provided by the Telegram group’s administrator, the 600 HT he received in return were fake tokens which could not be deposited for selling.

Why It Matters: Of the $1.36 billion netted by criminals from crypto crimes during the first five months of 2020, fraud and misappropriation were responsible for the lion’s share. It can be difficult to uncover schemes like this fake HT token-generating smart contract, given that it was operated from a private Telegram group. The backdoor nature of many such scams highlights the importance of continued education of the public and greater crypto community about how to identify scams and protect against losses.

Read more in CoinDesk here: 


UCSF Pays $1 Million Ransom Following Attack by NetWalker 

At the start of June, the University of California San Francisco School of Medicine paid more than $1 million to quell a ransomware attack launched by the NetWalker group. 

According to IT staff at the school of medicine, the ransomware attack had a massive impact, but only on a limited number of servers. Despite this, and the fact that many important access areas were isolated from the greater public network, the hackers were able to successfully deploy the ransomware.

UCSF said: “The data that was encrypted is important to some of the academic work we pursue as a university serving the public good. […] We, therefore, made the difficult decision to pay some portion of the ransom, approximately $1.14 million, to the individuals behind the malware attack in exchange for a tool to unlock the encrypted data and the return of the data they obtained.” 

Why It Matters: As ransomware attacks become more frequent and advanced, it will be that much more important to trace these stolen funds. As more VASPs adopt KYC and AML best practices, it will be that much more difficult for bad actors to launder their stolen funds through crypto exchanges.

Read more in CryptoDaily here: 


Instagram Influencer “Hushpuppi” Hides $14 Million of Stolen Funds in Bitcoin 

The Federal Bureau of Investigation believes two Nigerian nationals may have hidden a significant amount of the $17 million they acquired through a phishing scheme in Bitcoin. The scammers were reportedly identified as Raymond Abbas, known to his 2.4 million Instagram followers as “Hushpuppi,” and Olalekan Jakob Ponle, known as “Mr. Woodbery.”

The pair allegedly posed as the accountants of two Chicago-based companies as part of a large-scale phishing scheme. One firm reportedly lost $15.2 million in this manner while another company’s employees transferred over $2.3 million to the suspects. 

A criminal complaint filed by the US Attorney for the Northern District of Illinois and a special agent-in-charge of the Chicago office of the FBI stated, “The emails were nearly identical to prior legitimate emails sent over the company’s email account, but the fraudulent emails instructed victims to wire funds to a bank account that was set up by money mules at the direction of Ponle.” 

Brigadier Jamal Salem Al Jallaf, the director of Dubai’s Criminal Investigation Department, said the local police also confiscated “incriminating documents of a planned fraud on a global scale worth AED 1.6 billion ($435 million).”  

Why It Matters: As crypto scams increase in scope and complexity, they are beginning to involve larger corporations and more capital. This development will necessitate continued strategic coordination from law enforcement agencies around the world to identify and prosecute bad actors using crypto to conduct fraudulent dealings.   

Read more in Decrypt here: 
