Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Attacks/Breaches

1/22/2019
10:30 AM
 Alexon Bell
Alexon Bell
Commentary
Connect Directly
LinkedIn
RSS
E-Mail vvv

How Cybercriminals Clean Their Dirty Money

By using a combination of new cryptocurrencies and peer-to-peer marketplaces, cybercriminals are laundering up to an estimated $200 billion in ill-gotten gains a year. And that's just the beginning.



Cybercriminals, the same shadowy figures who use ransomware, email scams, denial-of-service attacks and other methods to earn a living, have turned to money laundering to hide and eventually "cash out" the profits of their criminal deeds. And it's no wonder why when you consider that cybercrime is a lucrative business, with some bad guys making an estimated $20,000 per month or more.

By definition, money laundering is the process of disguising the proceeds of crime by integrating it into the legitimate financial system. The bad guys do so because spending illicit money can attract unwanted attention, and it is difficult to explain where the funds came from.

By using a combination of new cryptocurrencies and peer-to-peer (P2P) marketplaces, cybercriminals are laundering up to an estimated $200 billion in ill-gotten gains a year, according to a nine-month academic study by Dr. Mike McGuire, senior lecturer in criminology at Surrey University. That number represents an estimated 8%-10% of total illegal profits laundered globally.

It did not take long for the bad guys to jump on the cryptocurrency bandwagon — and for all the wrong reasons. First it was bitcoin and its use on sites such as Silk Road and AlphaBay. Now they are moving to newer and lesser-known virtual currencies that are not in as many headlines and easier to manipulate. These transactions do not require people to use their real names, so they can buy and sell currency from unidentifiable addresses. Cryptocurrencies are also attractive because they are highly portable; you can carry millions of pounds of coins on a USB drive and easily move across borders via email or on a plane.

Modern e-commerce is another target for cybercriminals. They create money-laundering schemes that use legitimate websites as payment processors. First, they make illegal purchases online and have them appear as lawful transactions on their bank statements. Next, the dirty money moves straight to online merchants, who funnel it through other legitimate payment ecosystems.

In other instances, the bad guys create fake e-commerce sites that look and feel like the real thing but actually don't sell anything. They are simply online money-laundering boutiques, just like that empty bricks-and-mortar store that is actually a front for illegal activity.

Exploiting Brand-Name Payment Systems
Some of the Internet's biggest marketplaces are now being exploited by cybercriminal money launderers thanks to their online payment systems, ease of use, and huge global adoption. This allows the bad guys to stay under the radar among thousands of other users. P2P marketplaces such as Uber and Airbnb have also been exploited by criminals looking to launder dirty money, hiding their activity among thousands of legitimate transactions.

According to news accounts, criminals were booking fake Airbnb stays to launder dirty money. They used credit cards and money transfers from mule accounts to book and pay for rooms through this peer-to-peer platform. All of this is conducted online and is a very effective way to turn illicit proceeds into legitimate earnings. Plus, it has the added advantage of moving many of these payments across borders.

Criminals have also discovered how to launder their money through fake Uber transactions. To do so, middlemen use stolen credit cards to book "ghost rides" — rides that never happened — with complicit drivers. The middlemen and drivers take a cut, leaving the rest of the now-laundered money with the client. The ease with which this can be done is testament to the difficulty of policing thousands of P2P transactions across multiple territories. The current systems, put in place to monitor transactions and flag suspicious activity, simply aren't stringent enough to spot these types of cons.

The bottom line is that money laundering continues to be a complex issue, and technology is increasing the complexity of this challenge. Why? Because money laundering often starts with small dollar amounts that travel undetected before being moved around the world in large volumes. It involves a complicated web of companies, individuals, trades, settlements and payments organized by seemingly ordinary individuals who are hard to identify as money launderers.

This past year has been especially noteworthy as several large, high-profile European financial institutions have gone under fire for money-laundering scandals. Yet money laundering today isn't just something rich white-collar criminals do to hide illicit money. Nor is it, despite the many headlines, just a European problem. Even worse, going forward, experts such as Cisco predict that there will be more than 50 billion connected devices across the world by 2020, so criminals will have an even better chance to hide their activities via P2P lending and the ability to initiate payments via mobile providers, Facebook, and a multitude of payment apps.

Related Content:

 

Alexon is a hands-on anti-money laundering (AML) practitioner with over 16 years' experience helping financial institutions with AML strategies, architectures and implementations. He has a wealth of experience in helping customers deploy and crucially optimize AML, KYC ... View Full Bio
 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
MarkSindone
50%
50%
MarkSindone,
User Rank: Moderator
2/18/2019 | 11:36:10 PM
Increase and improve
They need to be really good at their line of work to clean up the mess that they have created. Should they leave just a single trace of evidence, it would be easy to nail them. As we evolve alongside tech advances, we are able to witness just how upgraded hacking techniques have emerged too. Hence, the level of security that we need to put in place needs to be tightened as well.
CameronRobertson
50%
50%
CameronRobertson,
User Rank: Moderator
2/11/2019 | 1:12:16 AM
How are we going to catch them
I reckon that with the whole entire cryptocurrency business, it's gotten a lot harder to detect people who are doing all of these illicit activities. But where there's a will, there's a way, and that's why so many of them are still getting away with millions tucked away in storage somewhere...
RyanSepe
50%
50%
RyanSepe,
User Rank: Ninja
1/24/2019 | 5:19:55 PM
Re: Solutions in sight?
Thank you for this information. I look forward to diving into it.
Alexon Bell
50%
50%
Alexon Bell,
User Rank: Author
1/24/2019 | 3:16:38 PM
Re: Solutions in sight?
There's actually a lot that can be done but it requires a coordinated effort between financial institutions, government and law enforcement. AI is helping to present an unprecedented level of context around data points so we're not having to use old methods that rely on triggers criminals are wise to and are already actively avoiding. By combining disparate data sets, we able to uncover the actual networks of money laundering rather than just spotting the odd transaction here and there. More on how we're doing exactly that at Quantexa: https://www.quantexa.com/solutions/anti-money-laundering/
RyanSepe
50%
50%
RyanSepe,
User Rank: Ninja
1/23/2019 | 1:39:47 PM
Re: Lots of dicey brick and mortar operations could be laundering money too
@Alexon, this is very interesting and nicely complements the previous point made by SchemaCzar. This is definitely a very complex problem that has multiple challenges to contemplate.
RyanSepe
50%
50%
RyanSepe,
User Rank: Ninja
1/23/2019 | 1:37:21 PM
Re: Lots of dicey brick and mortar operations could be laundering money too
I'm always curious on how some smaller shops remain open for as long as they do. I think its probably more common that they are hemorrhaging debt rather than perfoming nefarious acts. Not saying thats never the case, but its surprising how long a company can compound their debt until they are forced out.
RyanSepe
50%
50%
RyanSepe,
User Rank: Ninja
1/23/2019 | 1:29:41 PM
Solutions in sight?
With new technologies and services being offered every day I can only see that Cisco's prediction will become more and more common as the years progress. Is there anything that can be done to stop the bleeding of money laundering?
Alexon Bell
50%
50%
Alexon Bell,
User Rank: Author
1/23/2019 | 1:12:01 PM
Re: Lots of dicey brick and mortar operations could be laundering money too
Absolutely, real estate is a popular vector for money laundering. If you're interested in an overview of the issue, you can check out my article on it here: https://moneyinc.com/my-neighbor-is-a-shell-company/
SchemaCzar
50%
50%
SchemaCzar,
User Rank: Strategist
1/23/2019 | 12:12:54 PM
Lots of dicey brick and mortar operations could be laundering money too
When you drive past a strip mall and see a business with few customers and wonder how it's paying the rent, I think I have an idea.
COVID-19: Latest Security News & Commentary
Dark Reading Staff 10/23/2020
7 Tips for Choosing Security Metrics That Matter
Ericka Chickowski, Contributing Writer,  10/19/2020
Russian Military Officers Unmasked, Indicted for High-Profile Cyberattack Campaigns
Kelly Jackson Higgins, Executive Editor at Dark Reading,  10/19/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Special Report: Computing's New Normal
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
How IT Security Organizations are Attacking the Cybersecurity Problem
How IT Security Organizations are Attacking the Cybersecurity Problem
The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-24847
PUBLISHED: 2020-10-23
A Cross-Site Request Forgery (CSRF) vulnerability is identified in FruityWifi through 2.4. Due to a lack of CSRF protection in page_config_adv.php, an unauthenticated attacker can lure the victim to visit his website by social engineering or another attack vector. Due to this issue, an unauthenticat...
CVE-2020-24848
PUBLISHED: 2020-10-23
FruityWifi through 2.4 has an unsafe Sudo configuration [(ALL : ALL) NOPASSWD: ALL]. This allows an attacker to perform a system-level (root) local privilege escalation, allowing an attacker to gain complete persistent access to the local system.
CVE-2020-5990
PUBLISHED: 2020-10-23
NVIDIA GeForce Experience, all versions prior to 3.20.5.70, contains a vulnerability in the ShadowPlay component which may lead to local privilege escalation, code execution, denial of service or information disclosure.
CVE-2020-25483
PUBLISHED: 2020-10-23
An arbitrary command execution vulnerability exists in the fopen() function of file writes of UCMS v1.4.8, where an attacker can gain access to the server.
CVE-2020-5977
PUBLISHED: 2020-10-23
NVIDIA GeForce Experience, all versions prior to 3.20.5.70, contains a vulnerability in NVIDIA Web Helper NodeJS Web Server in which an uncontrolled search path is used to load a node module, which may lead to code execution, denial of service, escalation of privileges, and information disclosure.