Operator of bitcoin ‘mixers’ that served dark web markets faces $60 million FinCEN penalty

The operator of two “mixer” or “tumbler” services that exchanged cryptocurrency for users on “the darkest spaces of the internet” is facing $60 million in civil penalties from the U.S. Treasury’s Financial Crimes Enforcement Network (FinCEN). The decision against Larry Dean Harmon, who operated the services known as Helix from 2014-17 and Coin Ninja from 2017-20, is the first of its kind from FinCEN against a bitcoin mixer. The agency said he failed to register both as money services businesses and violated federal obligations “to develop, implement, and maintain an anti-money laundering compliance program; and to meet all applicable reporting and recordkeeping requirements.” More specifically, Harmon failed to file suspicious activity reports for transactions within dark web markets, as required by the Bank Secrecy Act. “Mr. Harmon operated Helix as a bitcoin mixer, or tumbler, and advertised its services in the darkest spaces of the internet as a way for […]

The post Operator of bitcoin ‘mixers’ that served dark web markets faces $60 million FinCEN penalty appeared first on CyberScoop.


Alexander Vinnik heads to trial in France on ransomware, money laundering charges

Accused Russian cybercriminal Alexander Vinnik’s legal odyssey continues Monday in Paris, where he faces trial on charges of extortion, money laundering and involvement in organized crime. It’s the latest milestone in a case that spans multiple countries: Vinnik was arrested in 2017 in Greece, which extradited him to France this year with the understanding that he was also wanted in the U.S. and Russia. French and U.S. prosecutors allege Vinnik helped create the infamous Locky ransomware and then launder the resulting bitcoin ransom payments through the BTC-e cryptocurrency exchange. French prosecutors are focusing on $157 million that the alleged scheme captured from French organizations. The U.S. Department of Justice says he laundered about $4 billion while running BTC-e, which also allegedly provided services to other scams. In Russia, he faces smaller-scale charges of fraud. Vinnik’s arrival in France in January followed a nearly two-year battle over where Greek authorities would send the 41-year-old, who […]

The post Alexander Vinnik heads to trial in France on ransomware, money laundering charges appeared first on CyberScoop.


US, European authorities carry out sweeping crackdown on prolific QQAAZZ cybercriminal group

U.S. and European law enforcement have embarked on a coordinated crackdown on an Eastern European cybercriminal group accused of trying to launder tens of millions of dollars stolen from victims. Fourteen people have been charged for allegedly laundering money for QQAAZZ, as the group is known, the U.S. Justice Department announced Thursday. Meanwhile, houses were raided across Europe, a number of arrests were made in Latvia and a cryptocurrency mining operation was seized in Bulgaria. It’s the most significant law enforcement offensive to date against QQAAZZ, whose members are allegedly from Bulgaria, Latvia, Georgia, Romania and elsewhere. The network has allegedly operated hundreds of bank accounts throughout the world to launder money stolen by criminal hackers, sometimes converting it to cryptocurrency. They stand accused of hawking their “bank drops service” on Russian-speaking cybercriminal forums. “The criminal gangs behind some of the world’s most harmful malware families are among those cybercriminal groups […]

The post US, European authorities carry out sweeping crackdown on prolific QQAAZZ cybercriminal group appeared first on CyberScoop.


New York regulator faults Twitter for lax security measures prior to big account breach

The scammers who hijacked celebrity Twitter accounts to promote cryptocurrency in July did so by posing as a customer support team in a breach that caught Twitter’s security team flat-footed, a New York regulator said in a report Wednesday. The investigation from New York’s Department of Financial Services faulted Twitter for not heightening security measures for telework during the coronavirus pandemic, and called for regulation of social media companies to force better cybersecurity practices. “Social-media platforms have quickly become the leading source of news and information, yet no regulator has adequate oversight of their cybersecurity,” Linda Lacewell, Superintendent of Financial Services, said in a statement. “The fact that Twitter was vulnerable to an unsophisticated attack shows that self-regulation is not the answer.” According to the report, attackers posed as Twitter’s IT department and phoned Twitter employees to discuss an apparent problem with their virtual private network (VPN) connection, a security technology that […]

The post New York regulator faults Twitter for lax security measures prior to big account breach appeared first on CyberScoop.


Meet FIN11, a cybercrime outfit going after pharma companies while leaning on extortion

Researchers have pieced together details about a newly-identified, financially-motivated hacking group they say is behind bold, large and long-running malware campaigns. And it’s only getting worse: The hackers have expanded their range of targets the past two years while using increasingly aggressive ransomware attacks, according to research published Tuesday by FireEye’s threat intelligence unit, Mandiant. The company dubbed the group FIN11, a designation it gives financial crime groups. That makes it the first group to get the FIN label since FIN10 three years ago. The hackers are notable for “removing the last vestiges of restraint” in their ransomware and extortion targeting, said John Hultquist, senior director of analysis for Mandiant Threat Intelligence, a unit of FireEye. They’ve gone after pharmaceutical companies and other health care targets during the COVID-19 pandemic. More broadly, the health care industry has encountered a barrage of attacks from hackers during the pandemic, including ransomware attacks that authorities say have hit hospitals and health […]

The post Meet FIN11, a cybercrime outfit going after pharma companies while leaning on extortion appeared first on CyberScoop.


US advisory meant to clarify ransomware payments only spotlights widespread uncertainty

If a Treasury Department advisory threatening financial penalties against anyone paying ransomware hackers was intended to send a clear message, it may have done the exact opposite. The Oct. 1 advisory from the Office of Foreign Assets Control warned that paying or helping to pay ransoms to anyone on its cyber sanctions list could incur civil penalties. Across some of the industries mentioned in the advisory — like cybersecurity incident response firms and insurance providers — reactions have ranged from confusion to silence, from yawns to raised eyebrows, from praise to fear of a blizzard of potentially unintended consequences. The worst case scenarios involve ransomware victims in the health sector having to make a life-or-death decision on whether to pay to unlock their systems while at risk of incurring Treasury’s wrath, or situations where victims try even harder to keep attacks quiet to avoid OFAC fines, which sometimes total millions […]

The post US advisory meant to clarify ransomware payments only spotlights widespread uncertainty appeared first on CyberScoop.


Negligent data center shutdowns bring $60 million fine for Morgan Stanley

Investment bank Morgan Stanley is paying a $60 million fine to the U.S. government for mishandling the decommissioning of two data centers in 2016, and potentially exposing customer information. The bank reported the problem to wealth management customers this summer, saying that pieces of hardware from the facilities still had some customer data on them after they reached a recycler. In 2019, a similar situation arose during the decommissioning of network devices that stored customer data, according to the Office of the Comptroller of the Currency, the Treasury Department agency that announced the fine Thursday. The case is a reminder that potential data breaches come in many forms beyond the usual concepts of cybercriminals hacking into networks or using business email compromise to trick employees. In both cases at Morgan Stanley, the bank “failed to adequately assess the risk of subcontracting the decommissioning work, including exercising adequate due diligence in […]

The post Negligent data center shutdowns bring $60 million fine for Morgan Stanley appeared first on CyberScoop.


SEC settles with trader accused of illegal trades using hacked data

The U.S. Securities and Exchange Commission agreed to settle charges with one of the traders who relied on hacked data from an SEC company filing system to collectively make millions of dollars, the agency said in a federal court filing on Wednesday. The SEC settlement includes both Sungjin Cho, the trader, and Kyungja Cho, his mother. Sungjin Cho made 66 illegal trades under his own name relying on the hacked information, and placed or directed four more under accounts in his mother’s name, according to the original complaint. Last year, the SEC and Justice Department filed charges against alleged hackers and the group of traders whom they said benefited from the scheme dating back to 2016 to steal secrets from EDGAR. EDGAR is a filing system for public companies that sometimes contains information that has not yet been made public. The scheme netted at least $4.1 million for the traders, according to the SEC. Among the […]

The post SEC settles with trader accused of illegal trades using hacked data appeared first on CyberScoop.


Hackers exploit Trump’s COVID-19 diagnosis to spread a different kind of virus

Opportunistic hackers have seized on President Donald Trump’s illness from COVID-19 to fool email recipients into clicking on malware, researchers found, in what was a quick turnaround from the news that dominated the weekend and beyond. Proofpoint said it had detected an active, “medium volume” email campaign on Wednesday sent to several hundred U.S. and Canadian organizations. The messages are designed to bamboozle victims into downloading the BazaLoader backdoor, a kind of trojan commonly linked to the developers of the TrickBot hacking tool. Scammers frequently seize on major news events to try duping victims into providing access to their sensitive data. The apparent TrickBot gang email campaign comes less than a week after Proofpoint highlighted another that swiped Democratic National Committee website language in a bid to infect potential party volunteers. In this case, emails contain subject lines like “Recent materials pertaining to the president’s illness.” The body of the messages contains a hyperlink to an attached […]

The post Hackers exploit Trump’s COVID-19 diagnosis to spread a different kind of virus appeared first on CyberScoop.


John McAfee arrested in Spain, charged with tax evasion

The Justice Department unsealed an indictment Monday against cybersecurity pioneer John McAfee following his arrest in Spain. McAfee stands accused of evading taxes, in part by using cryptocurrency. McAfee founded the antivirus firm that bears his name, but has spent at least a decade in frequent brushes with the law, and not just in the United States. The indictment, dated from June, does not allege that McAfee received any money from, or otherwise had any connection to his former company during the period he allegedly failed to pay taxes, from 2014 to 2018. McAfee left the security firm more than 20 years ago. The indictment states that his millions of dollars in income during the four-year stretch came from promotion of cryptocurrencies, consulting work, speaking engagements and the rights to his story for a documentary. McAfee, the indictment alleges, routed his income into cryptocurrency exchange accounts and bank accounts of others, and sought to conceal assets, including […]

The post John McAfee arrested in Spain, charged with tax evasion appeared first on CyberScoop.
