There is an old saying that goes something along the lines of “if you want to get rich during a gold rush, don’t mine for gold, sell the shovels”. There is a lot of truth to this and the wisdom of the statement is easily apparent through multiple verticals, not just mining. In the age of big data, don’t make the data, store it! So says Amazon as they rake in billions through Amazon Web Services fees.
Keeping with the plan of suppling the infrastructure rather than engage in the actual activity, we find another financial services provider who found money laundering just too profitable to turn away from. The cryptocurrency exchange Binance seemed to reason there was no need to engage in the overt criminal activity that generates the money when it’s just as profitable to turn a blind eye as the funds traveled through their networks. And in some cases they had to work to create “plausible deniability”.
In this special investigative report, Reuters claims that Binance, among other things, “acted against its own compliance department’s assessment by continuing to recruit customers in seven countries, including Russia and Ukraine, judged to be of “extreme” money-laundering risk”, and “watered down compliance rules” concerning Know Your Customer regulations.
The report highlights an even more pressing questions concerning cryptocurrency finance: Ethics and compliance according to whose standards? Who are the regulators? What countries rules do these multi-national “virtual” businesses adhere to? Who is the enforcer?
What a great time to be in the business of financial crime investigation and enforcement!
https://www.reuters.com/investigates/special-report/finance-crypto-currency-binance/
It’s Academic
Two academic researchers studied why employees violate cyber security polices - even when they know better, The researchers questioned 330 remote employees, and conducted in-depth interviews with 36, concerning their security-hygiene while working from home during the Covid-19 pandemic. The findings may surprise you, but probably not: “Our recent research, however, suggests that much of the time, failures to comply may actually be the result of intentional yet non-malicious violations, largely driven by employee stress.” https://hbr.org/2022/01/research-why-employees-violate-cybersecurity-policies
King of what
“King Perry” is about to the “King of the Pen” as infamous Ponzi scheme operator Perry “King Perry” Santillo has been sentenced to 17 years in federal prison. His royal highness pled guilty a scheme that scammed over 1000 investors out of more than 115 million dollars. Investigators say that 71 million dollars is still missing. A safe bet is that’s in the coffers of Las Vegas casino’s or his closet, as reports claim he had a wardrobe worth “hundreds of thousands of dollars” and flaunted his wealth on trips to Vegas. https://www.marketwatch.com/story/ponzi-scammer-king-perry-sentenced-to-17-5-years-for-stealing-115m-from-investors-including-250k-from-a-man-with-dementia-11642530801
It’s on the Chain
Those responsible for the Crypto.com compromise and theft of over 33 million in cryptocurrency seem to have forgot the BTC and ETH they stole could be traced. Or they just don’t care because they are in a safe-haven country. And that seems more likely since analysts from ErgoBTC traced the coins to a tumbler commonly used by groups located in North Korea. According to ErgoBTC, “the bitcoin tumbler used by the alleged hacker to launder the 271 BTC is commonly used by Lazarus Group — the notorious North Korean state-backed cybercrime syndicate that has been linked to several crypto exchange hacks.”. https://www.theblockcrypto.com/post/130793/on-chain-analyst-claims-crypto-com-hack-was-closer-to-33-million
Let’s pay more attention to this
Two New Jersey men were sentenced in the Northern District of Alabama for money laundering and associated crimes. They were working for a Nigerian crime group running business email compromise and romance scams. The true intel nuggets in the press release is that they were paid 20% of the funds they laundered and they were using some of the money to purchase vehicles and ship them overseas. We need to pay more attention to this. There is a lot of fraud proceeds being converted into vehicles. SAR’s anyone? https://www.justice.gov/usao-ndal/pr/nigerian-nationals-sentenced-role-money-laundering-conspiracy-0
The Rest…
FS-ISAC releases a new program to assist the financial sector secure their supply chain. https://www.fsisac.com/newsroom/fsisac-launches-program-to-bolster-the-financial-sector-supply-chain-security
A grandma that was wise enough to not get scammed and helped the police arrest the scammer. Of course, the courts released him back into the community to offend others. But Kudos to grandma. https://www.yahoo.com/news/73-old-york-grandmother-outsmarted-201133711.html
Cofense uncovers an attack delivered through fake password expiration notices. https://cofense.com/blog/cyber-gang-targets-users-with-password-expiration-scan/
CISA released a check sheet for organizations that do business with Ukraine based or associated businesses. https://www.cisa.gov/sites/default/files/publications/CISA_Insights-Implement_Cybersecurity_Measures_Now_to_Protect_Against_Critical_Threats_508C.pdf
Cool Tool
Visualize the organizational structure of a business. I searched out a few businesses and it was fairly accurate. Including my local Fortune 500 biz.
https://theorg.com/organizations
(AKA - How bad guys do intel for BEC fraud)
Cool Job
Lead Fraud and Risk Prevention Analyst - FANDUEL
“IT IS FAR BETTER TO BE ALONE THAN IN BAD COMPANY.” - someone who is spends more time alone than me.
Irrelevant
Have a coffee problem? Yeah, me too. Find exceptional coffee wherever you are!
https://coffeeopia.com/places/united-states
Funny but not funny. Many email systems, particularly O365, have been sending Substack Newsletters to spam by default. The newsletter picked up several new subscribers last week so I sent them all a personal email from from the address twbnewsletter@protonmail.com asking them to watch their spam folder for the newsletter. Guess what, O365 is sending protonmail emails to the trash too. So much for that.
Thank you for opening this weeks email and we’ll see you next Tuesday!
Matt