Cash Is Still King for Criminals

Every week, Information Security Media Group rounds up cybersecurity incidents in digital assets. This week, the U.S. Treasury reported on crypto in crime, Changpeng Zhao’s sentencing was rescheduled, PlayDapp was hacked, the UN probed North Korean hacking, suspicious crypto transactions rose in South Korea, the U.K. blocked fraud sites and Hong Kong warned about crypto phishing sites.

See Also: Live Webinar | Securing the Cloud: Mitigating Vulnerabilities for Government

Cash, rather than cryptocurrencies, remains the preferred method of money laundering for criminals and organizations, says a risk assessment report from the U.S. Department of the Treasury. The report says criminals continue to use cash due to its anonymity, stability and widespread acceptance. Bulk cash smuggling, involving the transport of U.S. dollar banknotes, remains a popular method for laundering illicit proceeds both domestically and internationally.

Cryptocurrencies are a popular choice among criminals involved in ransomware, scams, drug trafficking, human trafficking and other illicit activities. Crypto companies that fail anti-money laundering and counter-terrorist financing, as well as sanctions obligations, can facilitate nefarious use, the report says, highlighting the $4.3 billion Binance settlement that resolved federal allegations that Binance had facilitated money laundering.

The Treasury Department also said that decentralized finance platforms are an emerging avenue for transferring and laundering illicit proceeds and cryptocurrency mixing services are a means for criminals to move funds with relative anonymity.

Binance founder and former CEO Changpeng Zhao will face sentencing on money laundering charges on April 30 instead of the originally scheduled Feb. 23. Zhao pleaded guilty to violating the Bank Secrecy Act after a lengthy investigation by U.S. authorities. As part of a broader agreement, Binance settled with the U.S. government for $4.3 billion, and Zhao agreed to a personal fine of $50 million. Currently out on bail with a $175 million bond, Zhao is subject to a travel ban preventing him from visiting Dubai – where his family lives – due to concerns that he is a flight risk. His potential prison term ranges from 18 months to a maximum of 10 years.

Hackers stole $290 million from crypto gaming and non-fungible token platform PlayDapp. Blockchain analytics firm Elliptic said that an unauthorized wallet minted 200 million of PlayDapp’s native PLA tokens valued at $36.5 million on Feb. 9, likely through a private key compromise. PlayDapp attempted to negotiate with the hacker and urged them to return the funds by a specific deadline. But negotiations failed, and the hacker minted an additional 1.59 billion PLA tokens worth $253.9 million and laundered the funds through other crypto exchanges. The company has temporarily paused all smart contracts and is working with law enforcement agencies and blockchain forensic firms to address the situation.

The United Nations is reportedly investigating North Korean hacking groups accused of orchestrating cyberattacks on cryptocurrency firms over a span of six years, resulting in profits of approximately $3 billion, Reuters reported. According to unpublished UN documents, an independent sanctions committee is overseeing the investigation. The groups allegedly targeted 58 crypto-related firms to support Pyongyang’s program of developing weapons of mass destruction. The UN is likely to publish a report on its findings in the next two months (see: North Korea’s Supercharged State-Backed Cryptocurrency Theft).

The South Korea Financial Intelligence Unit said that local digital asset exchanges reported a 49% increase in suspicious transactions in 2023 compared to the previous year. In 2023, local crypto exchanges filed 16,076 reports, up from 10,797 the previous year, the agency said, and notifications related to suspected crypto crimes increased by 90%. While the FIU did not disclose specific details, it tracked 100 cases of unregistered crypto loan businesses, which were handed over to national police and the South Korean tax agency. The FIU said it plans to expand its crypto team, provide education and launch a virtual asset analysis system this year.

The U.K. National Fraud Intelligence Bureau blocked 43 web domains associated with fraudulent activities. The agency has already removed nearly 300,000 malicious websites based on user reports on its official channels and hotline as of December 2023.

The Hong Kong Securities and Futures Commission and the local police issued an alert that warns about a fraudulent entity posing as the cryptocurrency exchange MEXC. The imposter deceives potential investors by tricking them into depositing funds, it says. When investors attempt to withdraw funds, they encounter difficulties. The SFC identified eight suspicious websites associated with this fraudulent entity, all containing variations of the name MEXC in their domain names.