Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerabilities / Threats

5/30/2013
01:34 AM
50%
50%

Halting Cybercrime Requires Cutting Off Easy Money

The crackdown on Liberty Reserve underscores the danger posed by anonymous money transfers using virtual or digital currencies -- a facet of cybercrime increasingly under scrutiny by law enforcement

The successful compromise of an employee's or consumer's computer is only the start of an online crime. Without the ability to move money from the victim's account to the attacker's accounts through intermediaries, most cybercriminals would be stymied.

The shutdown of the Liberty Reserve money transfer service and the arrest last week of its two founders and three other employees on charges of money laundering highlight the role that digital currencies have in the cybercrime food chain. Incorporated in Costa Rica, Liberty Reserve had more than 1 million customers worldwide and processed more than $6 billion in transfers, much of which came from the proceeds of credit-card fraud, computer hacking, identity theft, and other cybercrimes, according to a statement published this week by the U.S. Attorney's Office for the Southern District of New York.

While that seems enormous, it's hardly surprising: Almost every criminal transaction in the black market uses virtual currencies, Dmitry Bestuzhev, head of the global research and analysis team for Kaspersky Lab's Latin American operations, stated in an e-mail interview. Focusing on that aspect of cybercrime should be a priority for law enforcement agencies, he says.

"Maybe in the future we are going to see other interesting scenarios where, instead of only fighting malware, law enforcement will just cut out online payment systems and cybercriminals will be left without their main motivation -- money," Bestuzhev says.

The focus on money is as old as law enforcement's investigation of financial crimes. However, with new technologies and the increasing movement of money through virtual worlds and online exchange systems, law enforcement has only scratched the surface with its crackdown on Liberty Reserve.

Already, online users of exchange services have begun moving their money to other services. Exchange system PerfectMoney.com, for example, stated on May 27 that it was adding new servers to help manage the load caused by an influx of customers. In addition, bitcoins have become popular, and while less convenient than many other currencies, they allow anonymity -- a key attribute sought by criminals. Virtual currencies also pose a money laundering threat. In 2007, anti-fraud experts began recommending that law enforcement authorities take a hard look at virtual currencies -- those used in virtual worlds, such as Linden Labs' Second Life and Blizzard's World of Warcraft.

Just as Liberty Reserve became popular following the 2007 shutdown of a similar service, E-Gold, another service will likely crop up to replace Liberty Reserve.

[An international cybercrime ring hacked an unnamed credit card processor, stole prepaid debit cards, and quickly cashed them out in a highly orchestrated operation that spanned the globe. See 8 New Yorkers Indicted As Part of $45 Million Cyberheist Of Prepaid Debit Cards.]

"There has been an awakening to the threat of these digital currencies -- at least in the United States, and I think in other countries," says Alan Brill, senior managing director for cybercrime at global security firm Kroll. "It is really going to be a matter of how well the government is able to work with operators that are trying to do the right thing, and how those operators fare in the marketplace relative to the people who are not taking those steps."

The Financial Crimes Enforcement Network (FinCEN), part of the U.S. Department of the Treasury, issued guidance in March that classified money exchangers -- defined as persons or groups trading virtual currency for real currency -- as a money service business, or MSB, and thus open to regulation by FinCEN under the Bank Secrecy Act. Earlier this month, the U.S. Department of Homeland Security used the rule to seize U.S.-based funds of Mt.Gox, the largest bitcoin exchange, as part of its investigation into the site for unregulated money transfers.

In addition, virtual worlds -- from Second Life to the World of Warcraft -- have become potential digital pipelines for money laundering. In early May, in response to the FinCEN ruling, Linden Labs -- the creator of Second Life -- changed its terms of service to cut off third-party exchangers.

Yet the digital currency is not to blame for the problems, says Clare Chambers-Jones, an associate professor of banking and finance law at the University of the West of England (UWE) Bristol Law School.

"Because the currencies are there, you are going to have the criminals trying to use them as means to get money out of the country," she says. "It is not the digital currency that is creating a cybercrime -- it is the people. It is really that simple in my mind."

While digital currencies have not had much success in the U.S., they are starting to take off in other countries to work around their less developed or reliable banking systems. While U.S. citizens are likely to have at least one credit card to pay for online goods, for example, citizens of other countries are more likely to use some form of stored value on their mobile phones, Chambers-Jones says.

That means that digital and virtual currencies are here to stay. And while law enforcement and some federal agencies have used novel tactics to interdict the flow of criminal gains, legislators are still behind, so new regulations will be delayed, she says.

"The digital currencies are decentralized, unregulated, and these are the aspects that confuse legislators," she says. "It takes so long for any form of law to come into being, that they can't really keep up with the pace of technologies."

Have a comment on this story? Please click "Add Your Comment" below. If you'd like to contact Dark Reading's editors directly, send us a message. Veteran technology journalist of more than 20 years. Former research engineer. Written for more than two dozen publications, including CNET News.com, Dark Reading, MIT's Technology Review, Popular Science, and Wired News. Five awards for journalism, including Best Deadline ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
7 Tips for Infosec Pros Considering A Lateral Career Move
Kelly Sheridan, Staff Editor, Dark Reading,  1/21/2020
For Mismanaged SOCs, The Price Is Not Right
Kelly Sheridan, Staff Editor, Dark Reading,  1/22/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
IT 2020: A Look Ahead
Are you ready for the critical changes that will occur in 2020? We've compiled editor insights from the best of our network (Dark Reading, Data Center Knowledge, InformationWeek, ITPro Today and Network Computing) to deliver to you a look at the trends, technologies, and threats that are emerging in the coming year. Download it today!
Flash Poll
How Enterprises are Attacking the Cybersecurity Problem
How Enterprises are Attacking the Cybersecurity Problem
Organizations have invested in a sweeping array of security technologies to address challenges associated with the growing number of cybersecurity attacks. However, the complexity involved in managing these technologies is emerging as a major problem. Read this report to find out what your peers biggest security challenges are and the technologies they are using to address them.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2015-3154
PUBLISHED: 2020-01-27
CRLF injection vulnerability in Zend\Mail (Zend_Mail) in Zend Framework before 1.12.12, 2.x before 2.3.8, and 2.4.x before 2.4.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the header of an email.
CVE-2019-17190
PUBLISHED: 2020-01-27
A Local Privilege Escalation issue was discovered in Avast Secure Browser 76.0.1659.101. The vulnerability is due to an insecure ACL set by the AvastBrowserUpdate.exe (which is running as NT AUTHORITY\SYSTEM) when AvastSecureBrowser.exe checks for new updates. When the update check is triggered, the...
CVE-2014-8161
PUBLISHED: 2020-01-27
PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 allows remote authenticated users to obtain sensitive column values by triggering constraint violation and then reading the error message.
CVE-2014-9481
PUBLISHED: 2020-01-27
The Scribunto extension for MediaWiki allows remote attackers to obtain the rollback token and possibly other sensitive information via a crafted module, related to unstripping special page HTML.
CVE-2015-0241
PUBLISHED: 2020-01-27
The to_char function in PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 allows remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via a (1) large number of digits when processing a numeric ...