If you believe that you are a victim of the Baller Ape Club, EmpiresX, TBIS, and Circle Society schemes, please visit the DOJ website for details on how to submit your “Victim Impact Statement” (and thereby register as a victim).
The U.S. Department of Justice seized assets worth $500k USD from North Korean hackers targeting U.S.-based #healthcare organizations. The seized North Korean assets were either monies directly extorted from companies or monies used in laundering #ransomware payments.
In addition to the general #karma of this action, there was an object lesson about public-private sector collaborations as well. The prompt reporting by one healthcare victim allowed the Federal Bureau of Investigation (FBI) to identify a new strand of North Korean ransomware.
Of course, $500k is a pittance compared against the hundreds of millions of dollars stolen by North Korean cyber actors in recent years. Just the same, it’s important to trumpet the “wins” wherever we can find them.
Earlier this week, the United States Attorneys’ Offices won a conviction against the fraudster behind the crypto scheme My Big Coin – the regrettably named defendant for a cryptocurrency shill: Randall Crater. As a refresher, this was a $6M USD scheme defrauding investors by marketing and selling non-existent virtual currency.
As with several prominent mentions in the press this week, including actions from both the U.S. Securities and Exchange Commission and the U.S. Department of Justice, the “fraud is fraud” theme was the central theory of this case. For those of us in the digital assets industry for some time now, this is just the latest example of things equalizing in this space (i.e., the grown-ups are now on scene).
The U.S. Department of Justice announced yesterday that it has shut down (i.e., seized and taken control of the domains governing) several websites used both for #DDoS attacks and as indexed search engines for breached personal information.
In the Federal Bureau of Investigation (FBI) announcement, the WeLeakInfo[.]to website was specifically referenced. For those who are unaware, this site contained roughly 7 billion indexed records of personal information illegally obtained from over 10,000 #databreaches. This is a BIG DEAL.
I know that there are many events unfolding in recent weeks with far more gravitas than the link below might indicate. That said, I share today’s update because it’s a testament to the depths that the second-handers of the world will sink to meddle in something designed to be life-affirming — and the importance of resisting such meddling.
For those who don’t know, #EuroVision is an international songwriting competition organized annually by the European Broadcasting Union, featuring participants primarily from European countries. Italian police foiled a series of cyberattacks by a pro-Russian hacking group called “Killnet”. The Killnet attacks were designed to skew the results of this year’s competition, but both the #DDoS and voting-manipulation attacks were unsuccessful.
In case you haven’t heard, the #EuroVision2022 winner was Ukraine.
While the use of the verb “forfeit” in the headline of this story may seem confusing, it’s a GREAT turn of events. Simply put, U.S. Department of Justice, Criminal Division prosecutors in the Southern District of Florida have secured one of the largest #cryptocurrency #forfeiture actions ever filed in this country.
This story really resonates with me, as it represents a rather elegant intersection of #cyber and #crypto. The forfeiture action netted about $34M in cryptocurrency, all tied to the illegal #darkweb activity of a South Florida resident — specifically, the sale of online account credentials.
Of additional interest is the method by which this case was brought. In yet another example of inter-agency collaboration among federal, state, and local #lawenforcement, the investigators “followed the money” through a tortuous path, owing to the target’s use of cryptocurrency “tumblers”, “chain hopping”, and other (failed) #moneylaundering techniques.
A mere 8 months after his (alleged) involvement in the Kaseya #ransomware attacks, a Ukrainian national has been extradited to the United States and been formally indicted in a Dallas courtroom. This is the way…
I was thrilled to join my colleague, Lisa Frist, on a recent podcast discussing #cyberforensics and #lessonslearned from #cyberinvestigations. It’s (mercifully) brief, so please give it a listen.
Today’s #GoodGuysPrevail Update: The U.S. Department of Justice announced yesterday that last week it seized $3.6B USD in #bitcoin stolen from the Bitfinex platform in 2016. As with many of these prominent fraud cases, there is much to unpack here — ranging from remarkably diligent investigative work to complex #digitalforensics to the effective deployment of the prosecutor’s “gatekeeper liability” playbook.
This story is only now coming to light, but what seems clear to me is that this investigation will inform future prosecutions for years to come. The accused employed numerous sophisticated techniques to attempt to launder these funds, but the investigative team nonetheless was able to use Bitcoin’s public #distributedledger to trace these assets and to achieve this recovery.
Another interesting point related to this prosecution is the valuation component. While this marks the largest financial seizure in DoJ history, it’s fascinating to note that the #assetvalue at the time of the theft (2016) was around $70M USD.