Attacks/Breaches

1/22/2019
10:30 AM
 Alexon Bell
Alexon Bell
Commentary
Connect Directly
LinkedIn
RSS
E-Mail vvv
100%
0%

How Cybercriminals Clean Their Dirty Money

By using a combination of new cryptocurrencies and peer-to-peer marketplaces, cybercriminals are laundering up to an estimated $200 billion in ill-gotten gains a year. And that's just the beginning.

Cybercriminals, the same shadowy figures who use ransomware, email scams, denial-of-service attacks and other methods to earn a living, have turned to money laundering to hide and eventually "cash out" the profits of their criminal deeds. And it's no wonder why when you consider that cybercrime is a lucrative business, with some bad guys making an estimated $20,000 per month or more.

By definition, money laundering is the process of disguising the proceeds of crime by integrating it into the legitimate financial system. The bad guys do so because spending illicit money can attract unwanted attention, and it is difficult to explain where the funds came from.

By using a combination of new cryptocurrencies and peer-to-peer (P2P) marketplaces, cybercriminals are laundering up to an estimated $200 billion in ill-gotten gains a year, according to a nine-month academic study by Dr. Mike McGuire, senior lecturer in criminology at Surrey University. That number represents an estimated 8%-10% of total illegal profits laundered globally.

It did not take long for the bad guys to jump on the cryptocurrency bandwagon — and for all the wrong reasons. First it was bitcoin and its use on sites such as Silk Road and AlphaBay. Now they are moving to newer and lesser-known virtual currencies that are not in as many headlines and easier to manipulate. These transactions do not require people to use their real names, so they can buy and sell currency from unidentifiable addresses. Cryptocurrencies are also attractive because they are highly portable; you can carry millions of pounds of coins on a USB drive and easily move across borders via email or on a plane.

Modern e-commerce is another target for cybercriminals. They create money-laundering schemes that use legitimate websites as payment processors. First, they make illegal purchases online and have them appear as lawful transactions on their bank statements. Next, the dirty money moves straight to online merchants, who funnel it through other legitimate payment ecosystems.

In other instances, the bad guys create fake e-commerce sites that look and feel like the real thing but actually don't sell anything. They are simply online money-laundering boutiques, just like that empty bricks-and-mortar store that is actually a front for illegal activity.

Exploiting Brand-Name Payment Systems
Some of the Internet's biggest marketplaces are now being exploited by cybercriminal money launderers thanks to their online payment systems, ease of use, and huge global adoption. This allows the bad guys to stay under the radar among thousands of other users. P2P marketplaces such as Uber and Airbnb have also been exploited by criminals looking to launder dirty money, hiding their activity among thousands of legitimate transactions.

According to news accounts, criminals were booking fake Airbnb stays to launder dirty money. They used credit cards and money transfers from mule accounts to book and pay for rooms through this peer-to-peer platform. All of this is conducted online and is a very effective way to turn illicit proceeds into legitimate earnings. Plus, it has the added advantage of moving many of these payments across borders.

Criminals have also discovered how to launder their money through fake Uber transactions. To do so, middlemen use stolen credit cards to book "ghost rides" — rides that never happened — with complicit drivers. The middlemen and drivers take a cut, leaving the rest of the now-laundered money with the client. The ease with which this can be done is testament to the difficulty of policing thousands of P2P transactions across multiple territories. The current systems, put in place to monitor transactions and flag suspicious activity, simply aren't stringent enough to spot these types of cons.

The bottom line is that money laundering continues to be a complex issue, and technology is increasing the complexity of this challenge. Why? Because money laundering often starts with small dollar amounts that travel undetected before being moved around the world in large volumes. It involves a complicated web of companies, individuals, trades, settlements and payments organized by seemingly ordinary individuals who are hard to identify as money launderers.

This past year has been especially noteworthy as several large, high-profile European financial institutions have gone under fire for money-laundering scandals. Yet money laundering today isn't just something rich white-collar criminals do to hide illicit money. Nor is it, despite the many headlines, just a European problem. Even worse, going forward, experts such as Cisco predict that there will be more than 50 billion connected devices across the world by 2020, so criminals will have an even better chance to hide their activities via P2P lending and the ability to initiate payments via mobile providers, Facebook, and a multitude of payment apps.

Related Content:

 

Alexon is a hands-on anti-money laundering (AML) practitioner with over 16 years' experience helping financial institutions with AML strategies, architectures and implementations. He has a wealth of experience in helping customers deploy and crucially optimize AML, KYC ... View Full Bio
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
MarkSindone
50%
50%
MarkSindone,
User Rank: Apprentice
2/18/2019 | 11:36:10 PM
Increase and improve
They need to be really good at their line of work to clean up the mess that they have created. Should they leave just a single trace of evidence, it would be easy to nail them. As we evolve alongside tech advances, we are able to witness just how upgraded hacking techniques have emerged too. Hence, the level of security that we need to put in place needs to be tightened as well.
CameronRobertson
50%
50%
CameronRobertson,
User Rank: Moderator
2/11/2019 | 1:12:16 AM
How are we going to catch them
I reckon that with the whole entire cryptocurrency business, it's gotten a lot harder to detect people who are doing all of these illicit activities. But where there's a will, there's a way, and that's why so many of them are still getting away with millions tucked away in storage somewhere...
RyanSepe
50%
50%
RyanSepe,
User Rank: Ninja
1/24/2019 | 5:19:55 PM
Re: Solutions in sight?
Thank you for this information. I look forward to diving into it.
Alexon Bell
50%
50%
Alexon Bell,
User Rank: Author
1/24/2019 | 3:16:38 PM
Re: Solutions in sight?
There's actually a lot that can be done but it requires a coordinated effort between financial institutions, government and law enforcement. AI is helping to present an unprecedented level of context around data points so we're not having to use old methods that rely on triggers criminals are wise to and are already actively avoiding. By combining disparate data sets, we able to uncover the actual networks of money laundering rather than just spotting the odd transaction here and there. More on how we're doing exactly that at Quantexa: https://www.quantexa.com/solutions/anti-money-laundering/
RyanSepe
50%
50%
RyanSepe,
User Rank: Ninja
1/23/2019 | 1:39:47 PM
Re: Lots of dicey brick and mortar operations could be laundering money too
@Alexon, this is very interesting and nicely complements the previous point made by SchemaCzar. This is definitely a very complex problem that has multiple challenges to contemplate.
RyanSepe
50%
50%
RyanSepe,
User Rank: Ninja
1/23/2019 | 1:37:21 PM
Re: Lots of dicey brick and mortar operations could be laundering money too
I'm always curious on how some smaller shops remain open for as long as they do. I think its probably more common that they are hemorrhaging debt rather than perfoming nefarious acts. Not saying thats never the case, but its surprising how long a company can compound their debt until they are forced out.
RyanSepe
50%
50%
RyanSepe,
User Rank: Ninja
1/23/2019 | 1:29:41 PM
Solutions in sight?
With new technologies and services being offered every day I can only see that Cisco's prediction will become more and more common as the years progress. Is there anything that can be done to stop the bleeding of money laundering?
Alexon Bell
50%
50%
Alexon Bell,
User Rank: Author
1/23/2019 | 1:12:01 PM
Re: Lots of dicey brick and mortar operations could be laundering money too
Absolutely, real estate is a popular vector for money laundering. If you're interested in an overview of the issue, you can check out my article on it here: https://moneyinc.com/my-neighbor-is-a-shell-company/
SchemaCzar
50%
50%
SchemaCzar,
User Rank: Strategist
1/23/2019 | 12:12:54 PM
Lots of dicey brick and mortar operations could be laundering money too
When you drive past a strip mall and see a business with few customers and wonder how it's paying the rent, I think I have an idea.
High Stress Levels Impacting CISOs Physically, Mentally
Jai Vijayan, Freelance writer,  2/14/2019
Valentine's Emails Laced with Gandcrab Ransomware
Kelly Sheridan, Staff Editor, Dark Reading,  2/14/2019
Making the Case for a Cybersecurity Moon Shot
Adam Shostack, Consultant, Entrepreneur, Technologist, Game Designer,  2/19/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
5 Emerging Cyber Threats to Watch for in 2019
Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.
Flash Poll
How Enterprises Are Attacking the Cybersecurity Problem
How Enterprises Are Attacking the Cybersecurity Problem
Data breach fears and the need to comply with regulations such as GDPR are two major drivers increased spending on security products and technologies. But other factors are contributing to the trend as well. Find out more about how enterprises are attacking the cybersecurity problem by reading our report today.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-20122
PUBLISHED: 2019-02-21
The web interface on FASTGate Fastweb devices with firmware through 0.00.47_FW_200_Askey 2017-05-17 (software through 1.0.1b) exposed a CGI binary that is vulnerable to a command injection vulnerability that can be exploited to achieve remote code execution with root privileges. No authentication is...
CVE-2018-6687
PUBLISHED: 2019-02-21
Loop with Unreachable Exit Condition ('Infinite Loop') in McAfee GetSusp (GetSusp) 3.0.0.461 and earlier allows attackers to DoS a manual GetSusp scan via while scanning a specifically crafted file . GetSusp is a free standalone McAfee tool that runs on several versions of Microsoft Windows.
CVE-2019-8982
PUBLISHED: 2019-02-21
com/wavemaker/studio/StudioService.java in WaveMaker Studio 6.6 mishandles the studioService.download?method=getContent&inUrl= value, leading to disclosure of local files and SSRF.
CVE-2019-8980
PUBLISHED: 2019-02-21
A memory leak in the kernel_read_file function in fs/exec.c in the Linux kernel through 4.20.11 allows attackers to cause a denial of service (memory consumption) by triggering vfs_read failures.
CVE-2019-8979
PUBLISHED: 2019-02-21
Koseven through 3.3.9, and Kohana through 3.3.6, has SQL Injection when the order_by() parameter can be controlled.