RT @jerallaire: Announcing that @endaomentdotorg CEO Robert Heeger is joining us in Sept at Converge22 in San Francisco. Come hear how End… | Posted: 8 months ago
International #lawenforcement have arrested two individuals, believed to be core members of the odious #DoppelPaymer crime gang. For those who can’t keep all of these gangs straight, this is the group that shut down the University Hospital in Düsseldorf, employing the equally odious #emotet #malware.
The DoppelPaymer group victimized dozens of companies over several years. The US-based victims alone were extorted out of nearly €40M.
Kudos to the diligent #digitalforensic and #lawenforcement collaboration required to perform the attribution and tracing efforts that led to these arrests. Among those involved were the German Regional Police, the Ukrainian National Police, Europol, the Dutch Police, and the United States Federal Bureau of Investigation (FBI).
With any luck, the materials seized during these raids will lead to even more arrests!
In yet another illustration of the fraud-is-fraud axiom, John DeMarr was sentenced to 5 years in prison and over $3.5M USD in forfeiture. DeMarr was convicted of conspiracy to commit securities fraud for his role in promoting scams masquerading as legitimate crypto companies.
Kudos to the Federal Bureau of Investigation, the IRS Criminal Investigation division, and the United States Attorneys’ Offices for investigating this case and securing a conviction.
This one is a bit more of a “landscape” commentary, as it involves the precedent of a U.K. court’s application of court rules directing six different exchanges to cooperate (i.e., cough up customer and transactional details) in a crypto-/cyber-fraud investigation. I say this is a landscape commentary, as it is yet another indicator that jurisdictions are adapting to address the scourge of crypto-related scams in an effort to provide relief to fraud victims.
Kudos to the U.K. court system for expanding its operating procedures to address this pronounced need.
These efforts are the culmination of a years-long investigation of a Brazilian national named Francisley Valdevino da Silva. Da Silva (a.k.a., the “cryptocurrency sheik”) is accused of running a #cryptocurrency #pyramidscheme that raised approximately $767 million. Da Silva’s alleged victims hail from over a dozen different countries.
While this was a fairly mundane scheme (at least in the context of 2017 ICOs, that is), it involved misrepresentations including claims that a prominent rapper was involved in the venture (ostensibly an entertainment streaming platform). The central scam alleged that user adoption would “surpass Netflix” over time.
As it turns out, the defendant merely converted the #ICO proceeds into his personal accounts, purchased a $1.5M USD house, a Ferrari for nearly $200k, and other lavish expenditures. As if this behavior wasn’t toxic enough, the defendant then went on to raise an additional $200k USD via a second ICO scam (ostensibly a cryptocurrency trading exchange), where he also pocketed the proceeds related to that venture.
The U.S. Department of Justice recently extradited the alleged operator of illegal cryptocurrency exchange #BTCe. This extradition is the culmination of over 5 years of litigation, and the 2017 indictment states that the BTC-e exchange ostensibly laundered over $4 billion (USD) in criminal proceeds.
Like other exchanges that have been sanctioned and/or shut down in recent years, BTC-e enabled users to anonymously trade bitcoin, allowing them to cash out proceeds from various #ransomware, #identitytheft, #drugtrafficking, and #taxrefund schemes. Defendant Alexander Vinnik, a Russian national, made his first appearance in federal court last week in San Francisco.
In addition to facing criminal charges, Vinnik also faces Dept of the Treasury/Financial Crimes Enforcement Network civil money penalties for: failing to have an #AML process or program; failing to register as a money services business with the U.S. Department of the Treasury, and failing to have a system for appropriate #KYC verification. The 2017 #FinCEN civil money penalty assessment was for $88.6M USD for BTC-e and $12M USD for Vinnik personally.
If you believe that you are a victim of the Baller Ape Club, EmpiresX, TBIS, and Circle Society schemes, please visit the DOJ website for details on how to submit your “Victim Impact Statement” (and thereby register as a victim).
The U.S. Department of Justice seized assets worth $500k USD from North Korean hackers targeting U.S.-based #healthcare organizations. The seized North Korean assets were either monies directly extorted from companies or monies used in laundering #ransomware payments.
In addition to the general #karma of this action, there was an object lesson about public-private sector collaborations as well. The prompt reporting by one healthcare victim allowed the Federal Bureau of Investigation (FBI) to identify a new strand of North Korean ransomware.
Of course, $500k is a pittance compared against the hundreds of millions of dollars stolen by North Korean cyber actors in recent years. Just the same, it’s important to trumpet the “wins” wherever we can find them.
Earlier this week, the United States Attorneys’ Offices won a conviction against the fraudster behind the crypto scheme My Big Coin – the regrettably named defendant for a cryptocurrency shill: Randall Crater. As a refresher, this was a $6M USD scheme defrauding investors by marketing and selling non-existent virtual currency.
As with several prominent mentions in the press this week, including actions from both U.S. Securities and Exchange Commission and U.S. Department of Justice, the “fraud is fraud” theme was the central theory of this case. For those of us in the digital assets industry for some time now, this is just the latest example of things equalizing in this space (i.e., the grown-ups are now on scene).
The U.S. Department of Justice announced yesterday that it has shut down (i.e., seized and taken control of the domains governing) several websites serving as both #DDoS attacks and as indexed search engines for breached personal information.
In the Federal Bureau of Investigation (FBI) announcement, the WeLeakInfo[.]to website was specifically referenced. For those who are unaware, this site contained roughly 7 billion indexed records of personal information illegally obtained from over 10,000 #databreaches. This is a 𝐁𝐈𝐆 𝐃𝐄𝐀𝐋.
Forensic Update 