Threats Without Borders - Issue 243
Cybercrime Investigation Newsletter, Week ending July 13, 2025
The International Association of Financial Crime Investigators runs a series of forums through the Mobilize platform. Unfortunately, most IAFCI members don’t seem to know it. If you’re a paying member of the organization, you should probably check them out.
Last week, there was a call in the BSA/AML forum for presentation ideas. I suggested the topic of DeFi, or Decentralized Finance. It’s a technology I’ve been working hard to learn recently, and I’m discovering that it’s really a complicated technology based on blockchain technology. In fact, the only thing I know for sure is that the more I learn, the more I realize I don’t know.
DeFi, or decentralized finance, utilizes software and the internet to automate financial services, eliminating the need for traditional banking systems. In contrast, traditional finance relies on banks and other institutions to facilitate every transaction. When you deposit money, take out a loan, or purchase stocks, these institutions control the processes and take their cut. DeFi eliminates these intermediaries by utilizing smart contracts, which are essentially digital agreements that automatically execute when specific conditions are met.
DeFi provides multiple benefits compared to traditional finance. It is accessible to anyone with internet access, with no need for credit checks, minimum balances, or location restrictions. It functions continuously, 24/7, without regard to business hours or holidays. And users retain control over their funds instead of relying on a bank to hold them.
Lido is the largest DeFi platform by market value and offers a feature called "liquid staking." This allows users to earn rewards on their cryptocurrency holdings while still being able to use those funds for other investments, similar to earning interest on a checking account while retaining the ability to write checks.
Uniswap and Aave are two other popular DeFi platforms. Uniswap enables users to trade different cryptocurrencies directly with one another, much like a digital farmers market where buyers and sellers interact without a store owner taking a percentage of the sales. Aave allows users to lend their cryptocurrency to others and earn interest, similar to how banks pay interest on savings accounts, but often with better rates.
So, how do the two largest cryptocurrencies play into the equation?
It's important to understand the difference between Bitcoin and Ethereum. Think of Bitcoin as a specialized railway designed primarily for moving one type of cargo—Bitcoin itself. It's excellent at what it does, but has limited flexibility for other purposes. Ethereum, on the other hand, is like a sophisticated railroad system that can handle many different types of cargo cars. While it has its native currency (ETH), its real power lies in being the infrastructure that allows DeFi applications to run. Most DeFi platforms are built on Ethereum's railway system, using its tracks to move different types of digital assets and execute complex financial agreements.
The Bitcoin blockchain only runs BTC. Ethereum runs not only ETH, but dozens of other cryptocurrencies built on top of it.
I see DeFi as transformational for the money laundering business. Next week we’ll consider this future.
Speaking of the criminal use of cryptocurrency…
The newsletter has four (4) subscribers in New Zealand, so I’m going to believe my recent writings have influenced this decision: New Zealand is banning cryptocurrency ATMs.
“We will also make it more difficult for criminals to convert cash to high-risk assets such as crypto currencies by banning crypto ATMs.” - Associate Justice Minister Nicole McKee
https://www.beehive.govt.nz/release/targeting-criminals-not-kiwi-businesses
The News…
A Pittsburgh man has been charged with over 200 counts of felony identity theft and related offenses for assuming the identities of hundreds of people to make online credit purchases from area Lowe's and Giant Eagle stores, totaling over $100,000. The man sold the merchandise on his Facebook page at a discount. Kudos to the Office of Attorney General's Organized Retail Crime Unit, which conducted the investigation. AG Sunday, how about a cybercrime unit? Call me. https://www.attorneygeneral.gov/taking-action/organized-retail-crime-unit-charges-pittsburgh-man-with-stealing-hundreds-of-identities-to-buy-100k-in-lowes-giant-eagle-merchandise/
Ransomware “negotiators” accepting bribes from the ransomware gangs—who would have thought? These incident responders are supposed to act in the victims’ best interests but instead exploit the confusion and vulnerability after an attack to gain illicit profits. https://www.suspectfile.com/cybercrime-and-corrupt-negotiators-the-dark-side-of-ransomware-negotiations/
I’m calling total BS on this statement by Senator Tim Scott at the Senate Banking Committee hearing on digital assets: “Less than 1% of crypto transactions are linked to illicit activity—on par with or better than traditional finance.” I don’t know the exact number, but it’s definitely higher than 1%. Think about that claim and what you know as a fraud investigator or cybersecurity professional. https://www.chainalysis.com/blog/senate-banking-committee-hearing-takeaways-july-2025/
The EFF opposes reverse-keyword warrants, which allow police to access search engine records without a specific suspect or location in mind. They believe the practice is unconstitutional because it infringes on individuals' right to privacy and free speech. The organization has filed an amicus brief for the Virginia court case Commonwealth v. Clements, urging the court to protect Internet users' rights by confirming that keyword warrants cannot be upheld under the Constitution. They might be right on this one. But dammit, the evidence… https://www.eff.org/deeplinks/2025/07/eff-tells-virginia-court-constitutional-privacy-protections-forbid-cops-finding
You probably want to check this if you’re using Gravity Forms in your WordPress site. https://patchstack.com/articles/critical-malware-found-in-gravityforms-official-plugin-site/
DFIR
The digital forensics market is predicted to reach $47.9 billion by 2034.
https://www.precedenceresearch.com/digital-forensics-market
Cool Tool
username search - https://instantusername.com/
Cool Job
Fraud Prevention Lead, Bass Pro Shops. https://careers.basspro.com/us/en/job/BPSHUSR230401EXTERNALENUS/Fraud-Prevention-Lead
This is where to be!
Substack received more traffic than CBS News and the Wall Street Journal in June. Threats Without Borders hasn’t been here from the beginning, but we did launch in 2020, so we’re a veteran publication for sure.
https://sherwood.news/culture/substack-com-more-traffic-than-wall-street-journal-and-cbs-news/
Irrelevant
Have you been “Orange Pilled”? https://www.nasdaq.com/articles/what-does-it-mean-to-orange-pill-someone
Comcast's actions made these brothers so mad that they decided to start their own fiber service, allowing their neighbors to bypass the ISP. https://arstechnica.com/tech-policy/2025/07/two-guys-hated-using-comcast-so-they-built-their-own-fiber-isp/
Sign Off
There is nothing more cringeworthy than someone making a public, all-encompassing statement, demanding that their peers “do better.” It doesn’t matter what the task is; when you stand up on your soapbox and say “we must do better,” you are implying that your audience is failing at their task or not fulfilling their responsibilities. Sometimes, a leader needs to challenge their group, but for a peer to address an entire peer group in such a manner is insulting and distasteful, as it suggests failure due to a lack of effort.
And that’s not just true in the fraud business. There are dozens of reasons why the bad guys win, but it isn’t because those on the front lines aren’t trying their best every day. People in the fraud industry are some of the most dedicated, hardworking, and empathetic professionals I know. And it’s terribly insulting to tell the whole group of them, “do better.”
See you next Tuesday!
Matt
Published every Tuesday, Threats Without Borders offers original commentary and educational pieces related to cybercrime investigations and information security topics. We also summarize and comment on news articles concerning active threat intelligence for the financial industry. The newsletter interests everyone tasked with cybersecurity or involved in preventing or investigating technology-enabled fraud, theft, or money laundering.
Legal: I am not compensated by any entity for writing this newsletter. Obviously, anything written in this space is my own nonsensical opinions and doesn’t represent the official viewpoint of my employer or any associated organization. Blame me, not them.