Cryptocurrency and Cybercrime
BSA/AML Training for Q4, 2022
Prepared by Katrina Yen and Bill Wise
Cryptocurrency has seen a dramatic increase in users over the past few years. People all over the world have been investing and trading in Bitcoin, Ethereum, and other digital currencies that are available on the market. However, this has also created opportunities for cybercriminals to engage in illegal activities.
This training is prepared based on the material contained in the Chainalysis Crypto Crime Report published in February 2022.
In 2021, $14B worth of crypto was received by illicit addresses – almost double the amount of illegal transactions that occurred 2020, which was a total of $7.8B.
Money Laundering and Scams. There are two types of cybercrime that have been most prevalent in the last three years: stolen funds and scams.
A majority of stolen funds are held by criminal entities, and the numbers have drastically increased from $3B in 2020 to $11B in 2021.
In 2021, $7.8B of cryptocurrency was stolen via scams. $2.8B of the 2021 total came from a new type of scam called a “rug pull" where developers create seemingly legitimate cryptocurrency projects only to quickly vanish, taking all the invested money with them. Retail investors are only left with the valueless tokens, their initial investment stolen.
Scams of the “rug pull” variety can happen in both centralized and decentralized platforms. Since 2021, it appears that DeFi’s rise in transactions attracts both innocent investors and criminals alike. From 2020 to 2021, the use of these protocols for money laundering spiked 1964%, with 58% of activity taking place within the top 5 DeFi services.
In order to stop these illicit activities, it is necessary to identify where the illegal funds are coming from. Darknet markets, scams, and stolen tokens are the top three sources of illegal revenue. Unlike fiat crimes, crypto crimes have a digital trail that authorities can follow to locate and potentially seize stolen digital assets, bringing justice to victims. Cryptocurrency platforms such as Luno automatically send warnings and in-app messages to their users to protect them from high-risk wallets and addresses belonging to potential scammers. Chainalysis has also contributed greatly to making cryptocurrency transactions as safe as possible by aiding government agencies and financial institutions in identifying and investigating crimes committed on the blockchain.
NFTS. Non-fungible tokens (NFTs) are cryptographic assets on a blockchain with unique identification codes and metadata that distinguishes them from other tokens. They have also been used to represent physical assets like artwork and real estate.
NFTs are unique in that they cannot be equivalently traded or exchanged. Each individual NFT is unique, unlike fungible tokens such as Bitcoins, which are identical to each other and, therefore, can serve as a medium for commercial transactions.
NFTs became popular in 2021, and like other cryptocurrencies, have been used by cybercriminals to commit crimes such as wash trading and money laundering.
Wash trading is when a seller of an NFT creates other self-financed wallets to make fake buy offers and sales to inflate the value of their NFT. While wash trading is usually unprofitable, those few who have successfully increased their NFT values have potentially made millions worth of profit.
Criminals also use their illegally acquired funds to purchase collectible art NFTs for money laundering purposes. However, these transactions can still be tracked when illicit addresses are sending funds to the NFT marketplaces.
Ransomware. Another form of cybercrime is ransomware. In 2021, $602M worth of crypto was received by ransomware addresses. Conti and DarkSide were the top two ransomware strains recorded. Most ransomware strains operate by transferring the “ransoms” through high-risk centralized systems which have more relaxed compliance procedures. Other strains have publicly “ceased” operations only to reopen or “rebrand” under a new name.
In 2020, the US government sanctioned the Russian connected Evil Corp, one of the biggest ransomware strains, and released a statement that ransomware victims could face penalties for paying the ransoms.
The FBI was able to track and seize $2.3M out of $4.4M (75 Bitcoin) worth of ransoms from DarkSide, who acquired the funds after they had sabotaged the Colonial Pipeline.
Law enforcement is still on the lookout for ransomware crimes as they are constantly changing and rebranding.
Malware. Malware is malicious software that infiltrates a user’s device and can be used to steal information, money, and yes – crypto, which is its top value category at 73%.
Like ransomware, malware operators transfer their stolen funds to centralized exchanges.
In order to stop these attacks, cybersecurity teams need to keep up with the technology that malware criminals use to take over the computers of victims.
Terrorism Financing. Terrorist groups like Al Qaeda, ISIS, and Hamas have also tried to use crypto and blockchain technology in their operations. One of the main priorities of the US Treasury’s Office of Foreign Assets Control (OFAC) is to prevent these terrorist organizations from utilizing blockchain to fund their operations. OFAC aims to stop terrorists and criminals from being able to operate within the US financial system.
Darknet Markets. These are commercial websites on the dark web where illegal transactions such as the selling of stolen goods, drug deals, and weapons sales are performed. The number of darknet markets has declined in the past year, however, their income hit an all-time high of $2.1B in 2021.
FBI and Interpol have seized four Joker’s Stash domains which are connected to fraud shops. The US Department of Justice have also arrested 150 drug traffickers as a result of Dark HunTor. These are only some examples of how law enforcement agencies are working on taking down criminal operations attempting to hide on the Darknet.
Conclusion. The percentage of executed cryptocurrency transactions spiked by 567% in 2021 compared to 2020, and illegal transactions only increased by 79%. Out of the total transactions in 2021, only 0.15% came from illicit addresses.
This means that the improved controls and increased enforcement that have been implemented to prevent these types of crimes have been effective in lessening, if not fully eradicating the illegal use and laundering of digital currencies. Some examples are the CFTC filing of charges against several investment scams; the FBI’s takedown of the REvil ransomware strain; the OFAC sanctioning of Russia-based companies Suex and Chatex; and the US DOJ seizing $2.3M worth of crypto from DarkSide ransomware operators along with $3.6B of Bitcoin from the 2016 hack of Bitfinex.
Governing bodies are still working hard to bring down the number of illicit activities to ensure that cyber criminals have no opportunity to use blockchain technology for their activities. Thus, we can expect more regulations governing the use of cryptocurrencies in the near future.