Risk
5/28/2013
01:29 PM
Connect Directly
RSS
E-Mail
50%
50%

Liberty Reserve Laundered $6 Billion, Say Feds

Executives at money-transfer business Liberty Reserve charged with running "bank of choice for the criminal underworld."

The Department of Justice Tuesday accused executives of digital currency company Liberty Reserve of orchestrating a $6 billion money laundering scheme and running an unlicensed money-transfer business.

The Liberty Reserve investigation -- which involved law enforcement agencies in 17 countries -- is believed to be the biggest international money laundering prosecution in history, according to the Department of Justice.

A 27-page indictment, unsealed Tuesday in federal court, charged seven employees of the company, which is based in Costa Rica, with running a system "designed so that criminals could effect financial transactions under multiple layers of anonymity and thereby avoid apprehension by law enforcement."

"Not surprisingly, Liberty Reserve was in fact used extensively for illegal purposes, functioning in effect as the bank of choice for the criminal underworld," the indictment continued, which also reported that numerous stolen credit card data and personal identity information traffickers, Ponzi scheme peddlers, gambling providers, illegal drug-dealing retailers as well as hackers for hire were regular users of the service.

[ Legislation is not the answer when it comes to cyber attacks on financial institutions. Read Laws Can't Save Banks From DDoS Attacks. ]

"Liberty Reserve users routinely established accounts under false names -- including such blatantly criminal monikers as 'Russia Hackers' and 'Hacker Account,'" it read. "Liberty Reserve users then engaged in criminal transactions with an impunity that would have been impossible in the legitimate financial system."

Liberty Reserve had been regularly cited by security researchers -- together with PayPal, Western Union and WebMoney -- as being a payment scheme regularly used to sell cybercrime services.

Five of the seven people named in the indictment were arrested Friday. The arrests took place in Costa Rica, New York and Spain. Liberty Reserve's website was also shut down last week, reported security journalist Brian Krebs. According to Costa Rican news reports, the company's founder, Arthur Budovsky Belanchuk, 39, was arrested Friday in Spain.

The Liberty Reserve website shutdown caused immediate concern in the cybercrime underground, with hacker "off-sho.re," who operates a bulletproof hosting provider, telling Krebs he stood to lose $25,000 in what "could be the most massive ownage in the history of e-currency."

According to the indictment, Liberty Reserve officials attempted to evade anti-money-laundering regulations in Costa Rica by creating a portal that "appeared to give Costa Rican regulators the ability to access Liberty Reserve transactional information and monitor it for suspicious activity." But authorities said that internal communications between company employees acknowledged that the displayed information was largely "fake."

Facing increased pressure from the U.S. Department of the Treasury's Financial Crimes Enforcement Network in 2011, Liberty Reserve officials told Costa Rican regulators that the company had been purchased by a foreign company and would cease operations, according to the indictment. But they allegedly continued to operate underground, using "stripped-down staff working out of office space held in the name of shell companies."

Executives began transferring funds from Costa Rica to an account in Cyprus, and from there to accounts in Russia, according to the indictment. After Costa Rican officials seized $19.5 million, the executives allegedly began moving money to two dozen shell-company accounts held in Australia, China, Cyprus, Hong Kong, Morocco and Spain.

There is nothing in the enterprise that warrants protection more than data, but security pros all too often focus more on perimeter security. In the Tools And Strategies For File-Level Data Protection report from Dark Reading, we recommend several ways that security pros can effectively ensure that data is kept from prying eyes. (Free registration required.)

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-3345
Published: 2014-08-28
The web framework in Cisco Transport Gateway for Smart Call Home (aka TG-SCH or Transport Gateway Installation Software) 4.0 does not properly check authorization for administrative web pages, which allows remote attackers to modify the product via a crafted URL, aka Bug ID CSCuq31503.

CVE-2014-3347
Published: 2014-08-28
Cisco IOS 15.1(4)M2 on Cisco 1800 ISR devices, when the ISDN Basic Rate Interface is enabled, allows remote attackers to cause a denial of service (device hang) by leveraging knowledge of the ISDN phone number to trigger an interrupt timer collision during entropy collection, leading to an invalid s...

CVE-2014-4199
Published: 2014-08-28
vm-support 0.88 in VMware Tools, as distributed with VMware Workstation through 10.0.3 and other products, allows local users to write to arbitrary files via a symlink attack on a file in /tmp.

CVE-2014-4200
Published: 2014-08-28
vm-support 0.88 in VMware Tools, as distributed with VMware Workstation through 10.0.3 and other products, uses 0644 permissions for the vm-support archive, which allows local users to obtain sensitive information by extracting files from this archive.

CVE-2014-0761
Published: 2014-08-27
The DNP3 driver in CG Automation ePAQ-9410 Substation Gateway allows remote attackers to cause a denial of service (infinite loop or process crash) via a crafted TCP packet.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
This episode of Dark Reading Radio looks at infosec security from the big enterprise POV with interviews featuring Ron Plesco, Cyber Investigations, Intelligence & Analytics at KPMG; and Chris Inglis & Chris Bell of Securonix.