Dark Reading is part of the Informa Tech Division of Informa PLC

1/22/2019
10:30 AM
 Alexon Bell
Commentary

How Cybercriminals Clean Their Dirty Money

By using a combination of new cryptocurrencies and peer-to-peer marketplaces, cybercriminals are laundering up to an estimated $200 billion in ill-gotten gains a year. And that's just the beginning.

Cybercriminals, the same shadowy figures who use ransomware, email scams, denial-of-service attacks and other methods to earn a living, have turned to money laundering to hide and eventually "cash out" the profits of their criminal deeds. And it's no wonder why when you consider that cybercrime is a lucrative business, with some bad guys making an estimated $20,000 per month or more.

By definition, money laundering is the process of disguising the proceeds of crime by integrating them into the legitimate financial system. The bad guys do so because spending illicit money can attract unwanted attention, and it is difficult to explain where the funds came from.

By using a combination of new cryptocurrencies and peer-to-peer (P2P) marketplaces, cybercriminals are laundering up to an estimated $200 billion in ill-gotten gains a year, according to a nine-month academic study by Dr. Mike McGuire, senior lecturer in criminology at Surrey University. That number represents an estimated 8%-10% of total illegal profits laundered globally.

It did not take long for the bad guys to jump on the cryptocurrency bandwagon — and for all the wrong reasons. First it was bitcoin and its use on sites such as Silk Road and AlphaBay. Now they are moving to newer and lesser-known virtual currencies that are not in as many headlines and are easier to manipulate. These transactions do not require people to use their real names, so they can buy and sell currency from unidentifiable addresses. Cryptocurrencies are also attractive because they are highly portable; you can carry millions of pounds of coins on a USB drive and easily move them across borders via email or on a plane.

Modern e-commerce is another target for cybercriminals. They create money-laundering schemes that use legitimate websites as payment processors. First, they make illegal purchases online and have them appear as lawful transactions on their bank statements. Next, the dirty money moves straight to online merchants, who funnel it through other legitimate payment ecosystems.

In other instances, the bad guys create fake e-commerce sites that look and feel like the real thing but actually don't sell anything. They are simply online money-laundering boutiques, just like that empty bricks-and-mortar store that is actually a front for illegal activity.

Exploiting Brand-Name Payment Systems
Some of the Internet's biggest marketplaces are now being exploited by cybercriminal money launderers thanks to their online payment systems, ease of use, and huge global adoption. This allows the bad guys to stay under the radar among thousands of other users. P2P marketplaces such as Uber and Airbnb have also been exploited by criminals looking to launder dirty money, hiding their activity among thousands of legitimate transactions.

According to news accounts, criminals were booking fake Airbnb stays to launder dirty money. They used credit cards and money transfers from mule accounts to book and pay for rooms through this peer-to-peer platform. All of this is conducted online and is a very effective way to turn illicit proceeds into legitimate earnings. Plus, it has the added advantage of moving many of these payments across borders.

Criminals have also discovered how to launder their money through fake Uber transactions. To do so, middlemen use stolen credit cards to book "ghost rides" — rides that never happened — with complicit drivers. The middlemen and drivers take a cut, leaving the rest of the now-laundered money with the client. The ease with which this can be done is testament to the difficulty of policing thousands of P2P transactions across multiple territories. The current systems, put in place to monitor transactions and flag suspicious activity, simply aren't stringent enough to spot these types of cons.

The bottom line is that money laundering continues to be a complex issue, and technology is increasing the complexity of this challenge. Why? Because money laundering often starts with small dollar amounts that travel undetected before being moved around the world in large volumes. It involves a complicated web of companies, individuals, trades, settlements and payments organized by seemingly ordinary individuals who are hard to identify as money launderers.

This past year has been especially noteworthy as several large, high-profile European financial institutions have come under fire for money-laundering scandals. Yet money laundering today isn't just something rich white-collar criminals do to hide illicit money. Nor is it, despite the many headlines, just a European problem. Even worse, going forward, experts such as Cisco predict that there will be more than 50 billion connected devices across the world by 2020, so criminals will have an even better chance to hide their activities via P2P lending and the ability to initiate payments via mobile providers, Facebook, and a multitude of payment apps.

Alexon is a hands-on anti-money laundering (AML) practitioner with over 16 years' experience helping financial institutions with AML strategies, architectures and implementations. He has a wealth of experience in helping customers deploy and crucially optimize AML, KYC ...
Comments
MarkSindone,
User Rank: Moderator
2/18/2019 | 11:36:10 PM
Increase and improve
They need to be really good at their line of work to clean up the mess that they have created. Should they leave just a single trace of evidence, it would be easy to nail them. As we evolve alongside tech advances, we are able to witness just how upgraded hacking techniques have emerged too. Hence, the level of security that we need to put in place needs to be tightened as well.
CameronRobertson,
User Rank: Moderator
2/11/2019 | 1:12:16 AM
How are we going to catch them
I reckon that with the whole entire cryptocurrency business, it's gotten a lot harder to detect people who are doing all of these illicit activities. But where there's a will, there's a way, and that's why so many of them are still getting away with millions tucked away in storage somewhere...
RyanSepe,
User Rank: Ninja
1/24/2019 | 5:19:55 PM
Re: Solutions in sight?
Thank you for this information. I look forward to diving into it.
Alexon Bell,
User Rank: Author
1/24/2019 | 3:16:38 PM
Re: Solutions in sight?
There's actually a lot that can be done but it requires a coordinated effort between financial institutions, government and law enforcement. AI is helping to present an unprecedented level of context around data points so we're not having to use old methods that rely on triggers criminals are wise to and are already actively avoiding. By combining disparate data sets, we are able to uncover the actual networks of money laundering rather than just spotting the odd transaction here and there. More on how we're doing exactly that at Quantexa: https://www.quantexa.com/solutions/anti-money-laundering/
RyanSepe,
User Rank: Ninja
1/23/2019 | 1:39:47 PM
Re: Lots of dicey brick and mortar operations could be laundering money too
@Alexon, this is very interesting and nicely complements the previous point made by SchemaCzar. This is definitely a very complex problem that has multiple challenges to contemplate.
RyanSepe,
User Rank: Ninja
1/23/2019 | 1:37:21 PM
Re: Lots of dicey brick and mortar operations could be laundering money too
I'm always curious on how some smaller shops remain open for as long as they do. I think it's probably more common that they are hemorrhaging debt rather than performing nefarious acts. Not saying that's never the case, but it's surprising how long a company can compound their debt until they are forced out.
RyanSepe,
User Rank: Ninja
1/23/2019 | 1:29:41 PM
Solutions in sight?
With new technologies and services being offered every day I can only see that Cisco's prediction will become more and more common as the years progress. Is there anything that can be done to stop the bleeding of money laundering?
Alexon Bell,
User Rank: Author
1/23/2019 | 1:12:01 PM
Re: Lots of dicey brick and mortar operations could be laundering money too
Absolutely, real estate is a popular vector for money laundering. If you're interested in an overview of the issue, you can check out my article on it here: https://moneyinc.com/my-neighbor-is-a-shell-company/
SchemaCzar,
User Rank: Strategist
1/23/2019 | 12:12:54 PM
Lots of dicey brick and mortar operations could be laundering money too
When you drive past a strip mall and see a business with few customers and wonder how it's paying the rent, I think I have an idea.