Story image

Cybercriminals laundering $200b in ill-gotten gains – here’s how

17 Mar 2018

A new report has landed with a number of startling findings, including the confirmation of a bustling cybercrime laundry market.

The comprehensive report from Bromium based on a nine month study found that up to US$200 billion in illegal cybercrime profits is laundered every year, making up an estimated 8-10 percent of total illegal profits laundered around the world.

“We invested in this research to instigate a meaningful conversation about how to disrupt the economic systems and poor security practices that enable cybercrime around the world; frankly because it’s far too easy for them,” says Bromium CEO Gregory Webb.

“Today it is easy for hackers to infect machines, steal data, and hold businesses and individuals for ransom or sell stolen IP because enterprise defences are not fit for purpose. It is equally easy for them to wash that money and convert it into cash – and the rise in use of unregulated, virtual currencies is making this even easier.”

Bromium’s report will certainly start many interesting conversations, with insightful findings around how cybercriminals are laundering their proceeds, including:

  • Virtual currencies have become the primary tool used by cybercriminals for money laundering
  • Cybercriminals are moving away from Bitcoin to less recognised virtual currencies, like Monero, that provide greater anonymity
  • In-game purchases and currencies are spurring a rise in gaming-related laundering; as China and South Korea become hotspots for gaming-currency laundering
  • Covert data collection found that PayPal and other digital payment systems are employed by cybercriminals to launder money
  • Digital payment systems laundering often involves the use of micro-laundering techniques where multiple, small payments are made so laundering limits aren’t triggered

Virtual currencies – Bitcoin falling out of favour with criminals?

According to Bromium, many cybercriminals are using virtual currency to make property purchases, effectively converting illegal proceeds into legitimate cash and assets.

There are websites (like Bitcoin Real Estate) with everything on offer from penthouse suites to 160 acre private islands that offer purchases using bitcoins. This option is popular as cryptocurrencies aren’t subjected to the close regulation and scrutiny that traditional cash purchases receive.

In fact, the report found that nearly 25 percent of total property sales are forecast to be made with cryptocurrency in just the next few years – a concerning statistic for financial analysts as swifter, more covert transactions (many with criminal origins) could disrupt global property markets.

However, law enforcement agencies are now paying particular attention to Bitcoin which has caused many cybercriminals to look for alternatives. According to Bromium, information on Bitcoin transactions can leak during web transactions (most often through web trackers or cookies), allowing the connection of individuals to transactions in up to 60 percent of Bitcoin payments.

Surrey University senior lecturer in criminology and researcher and report author Dr. Mike McGuire says this has led to cybercriminals utilising other more anonymous options, like Monero.

“It’s no surprise to see cybercriminals using virtual currency for money laundering. The attraction is obvious. It’s digital, so is an easily convertible way of acquiring and transferring cybercrime revenue,” says Dr. McGuire.

“Anonymity is also key, with platforms like Monero designed to be truly anonymous, and tumbler services like CoinJoin that can obscure transaction origins. Targeted organisations must do more to protect their customers.”

Considerable time spent on laundering through in-game currency and goods

Cybercriminals are increasingly converting stolen income into video game currency or in-game items like gold, which are converted into Bitcoin or other electronic formats. Bromium says games like Minecraft, FIFA, World of Warcraft, Final Fantasy, Star Wars Online and GTA 5 are the most popular options given they provide covert interactions with other players that allow trade of currency and goods.

“This trend appears to be particularly prevalent in countries like South Korea and China – with South Korean police arresting a gang transferring $38 million laundered in Korean games, back to China,” says Dr. McGuire.

“The advice on how to do this is readily available online and explains how cybercriminals can launder proceeds through both in-game currencies and goods.”

‘Secure’ digital payment systems facilitating laundering

The report estimates 10 percent of cybercriminals are using PayPal to launder money, with a further 35 percent utilising other digital payment systems like Skrill, Dwoll, Zoom, and mobile payment systems like M-Pesa.

One method that is becoming increasingly common and more difficult to detect is called ‘micro laundering’ where thousands of small electronic payments are made through platforms like PayPal. Another common technique is to use online transactions via sites like eBay to encourage the laundering.

“The growing use of digital payment systems by cybercriminals is creating significant problems for the global financial system. Revenues that previously would have flowed within proven and well-established banking systems and could be traced are now outside of its jurisdiction,” says Dr. McGuire.

“Digital payment systems are most effective when combined with other digital resources, like virtual currencies and online banking. This hides the money trail and confuses law enforcement and financial regulators.”

Dr. McGuire says now is the time for change, where law enforcement, the cybersecurity industry and both the public and private sectors need to be vigilant about disrupting cybercrime.

“We need a whole new approach to cybersecurity or these figures will continue to increase over time,” Dr. McGuire concludes.

Further findings will be released during the RSA Conference in San Francisco on April 20 where Dr. McGuire will present the full report.

Kiwis know security is important, but they're not doing much about it
Only 49% of respondents use antivirus software and even fewer – just 19% -  change their passwords regularly.
Avi Networks: Using visibility to build trust
Visibility, also referred to as observability, is a core tenet of modern application architectures for basic operation, not just for security.
Privacy: The real cost of “free” mobile apps
Sales of location targeted advertising, based on location data provided by apps, is set to reach $30 billion by 2020.
Myth-busting assumptions about identity governance - SailPoint
The identity governance space has evolved and matured over the past 10 years, changing with the world around it.
Forrester names Crowdstrike leader in incident response
The report provides an in-depth evaluation of the top 15 IR service providers across 11 criteria.
Slack doubles down on enterprise key management
EKM adds an extra layer of protection so customers can share conversations, files, and data while still meeting their own risk mitigation requirements.
Security professionals want to return fire – Venafi
Seventy-two percent of professionals surveyed believe nation-states have the right to ‘hack back’ cybercriminals.
Alcatraz AI to replace corporate badges with AI security
The Palo Alto-based startup supposedly leverages facial recognition, 3D sensing, and machine learning to enable secure access control.