7 posts tagged

Crime

Top Cybersecurity menace

What represents the most terrying things for cybersecurity staff?

No doubt, the greatest threats to cybersecurity is ransomware. Now worth over a billion dollars year (and rising), with attacks like WannaCry and Petya/NotPetya wreaking havoc, every expert worth their salt was planning ways to stay ahead of the hackers.

Anyway, things move pretty quickly in the cybercrime space. Hackers are inventive, ingenious and destructive, always coming up with new ways of pushing boundaries. Ransomware was so last year. While no one will deny it’s still a (massive) problem, other types of cybercrime are beginning to spread like the bubonic plague.
Check out the top five threats keeping cybersecurity professionals up at night right now.

Ransomware

Yes, ransomware is still high up on the list, as this vicious form of cybercrime overtakes systems and locks down computer files with strong encryption. And most businesses end up paying the ransom to get their data back (especially when it isn’t backed up).

According to Peter Tran, Head of Global Cyber Defense & Security Strategy at Worldpay, data manipulation or destruction in the form of ransomware is often the most disruptive and can take out critical infrastructures including healthcare, financial services, and supply chains.

“This is a critical threat as we move toward pervasive hyper-converged mobile, cloud and IoT-based data infrastructures. There’s much more at stake now with modern IT,” he warns.

The Cryptojacking

Spiking by a massive 1,189% in Q1 of 2018, cryptojacking propelled its way past ransomware as the number one nuisance on the block. According to CSO Magazine, what makes this form of cybercrime, so “interesting” is that it blurs the ethical line between everyday internet users and criminals.

In fact, some sites like The Pirate Bay are even using it to replace advertising and earn income. How? As long as you have their site open in your browser, they temporarily hijack your device and borrow your computational power to mine cryptocurrency. As soon as you close your browser, the crypto miner goes away. In other, more serious cases, it infiltrates your system and downloads just like malware.
Since crypto jacking overtakes devices and forces them to mine cryptocurrency, it burns through a lot of CPU cycles. But, unlike DDoS attacks, you won’t see disastrous downtime or funds siphoned off into a criminal’s account. You just get servers pushed to the max mining Monero.

Cryptojacking is more of an irritation than a serious disease. It’s like trying to swat a persistent fly in the outback. In fact, according to Matt Downing, Principal Analyst at Alert Logic, the most worrying thing about crypto jacking isn’t really the crypto jacking itself – it’s the fact that you got crypto jacked.

This highlights a “vulnerability in your system,” meaning that something worse could just as easily have hacked its way in.

Data Breaches

The very word “Equifax” sends a shiver down the spines of cybersecurity professionals, especially if the companies they work for hold sensitive data. In fact, according to research by Norton, 54 percent of US consumers report having had some personal information involved in a breach.

What’s particularly worrying about this is that the data may be sold in stolen data marketplaces on the dark web. Not only do hackers stand to make high profits from this, but they can also gather extra social information they need to hack into more accounts.

Micro Breaches

Oftentimes, cybercrime is aggressive and makes a lot of noise, but this is not the case with what Tran calls “low and slow attacks.” In a type of “micro breach” situation, access is gained slowly and quietly over a period of time by subverting traditional detection methods.

He says, “Lack of visibility or ‘flying blind’ puts security professionals in a constant position of disadvantage… you can’t defend against what you can’t see or detect… that leads to a lot of sleepless nights!”

Internet of Things (IoT) Hacking

By 2020 it is estimated there will be over 20 billion connected IoT devices worldwide. This means the amount of attack vectors significantly increases. “This increases their chances of a successful breach into much larger systems that utilize IoT as their main infrastructure,” Tran advises.

Anyway a bunch of medical devices on the blink and cars crashing into each other?
“Think about it like a hub and spokes on a bicycle wheel,” he explains, “where the hub represents a single IoT device and the spokes all lead to other access points… then multiply that by 20 billion… It’s a lot to monitor for security professionals and certainly will have security pros sleep with one eye open.”

Takeaway

You may have noticed that phishing, cyberstalking, weaponization of AI, and other serious cybercrimes didn’t make a list. There are plenty of other forms of criminality on the web taking place which are keeping our dear friends in the IT department from getting a restful night’s sleep. However, right now, these are the top five on most security professionals’ lists.

Crypto cybercrime level rises

We do know that the cryptocurrencies are being used for different crimes and fraud activities. There is no wonder, and it’s almost the common knowledge. Fact is, the very small percentage of users do realize the reason underlying that.

However, understanding the magnitude of the problem and how it affects us as we use the internet is an important starting point.

Earlier this week, the FBI’s Internet Crime Complaint Center (IC3) released their 2017 Internet Crime Report. More than 300,000 consumers reported that they were victims of malware and cyber-fraud attacks last year (with registered losses of over $1.4 billion combined).

The most common types of crimes were non-payment and non-delivery, phishing scams, and data breaches. The crimes that cost the most regarding financial loss were compromised email accounts, investment scams, and non-payment/non-delivery. In all, the IC3 received over four million complaints between 2000 and 2017.

Profitable business

Fact is, that advanced malware protection specialists from Bromium, together with Dr. Mike McGuire, Senior Lecturer in Criminology at the University of Surrey, released a report entitled “Web of Profit” last month. The report digs into the dynamics of cybercrime and looks at how new ‘criminality’ platforms are bringing about a booming cybercrime economy, generating at least $1.5 trillion in illicit profits. In fact, according to their findings, if cybercrime were a country, it would have the 13th highest GDP in the world, comprising illegal online markets, data trading, identity theft, and ransomware.

The CEO of Bromium, Gregory Webb, says, “The platform criminality model is productizing malware and making cybercrime as easy as shopping online… We can’t solve this problem using old thinking or outmoded technology. New approaches to cybersecurity will be required.”

AI blockchained

There are many blockchains and AI startups springing up to fight cybercrime using these new technologies. Blockchain, especially at the application layer, is certainly moving in the right direction by removing easily crackable passwords. Moreover, if AI can be used to help us predict and prevent cybercrime before it happens, that could be the perfect combination.

Scott Schober, author of Hacked Again and President/CEO of BVS, says, “You’re accomplishing things much quicker when you apply machine learning to cybersecurity. You can anticipate and build up your defenses because we don’t have enough manpower to do it. Using AI and machine learning can do everything much, much quicker.”

However, while we can contemplate the uses of new technologies like blockchain and AI to fight cybercrime when it boils down to it, almost all attacks have a common element: human error.

Schober continues, “I think blockchain applied in the right area is definitely going to help secure things, but you can spend billions of dollars in security, you can implement the latest and greatest blockchain to secure things, but blockchain is fundamentally a layer underneath allowing things to happen; it’s not a magic silver bullet to stop hackers in their tracks.”

The Human Element

There are many people making money by preying on unsuspecting internet users. Also, we all know by now the importance of being careful when we go online. We don’t open links from strangers, we don’t download suspicious attachments, and we don’t respond to messages on Skype asking for our bank details.
Most of us have been victims of cybercrime at some point in our lives. It’s not surprising that criminals pick the easiest targets (people over 60, according to the IC3 report). However, even the highly technically minded among us can be affected too. Just look at the continued Binance phishing scams that have duped more than one exchange user.

However, the Schober notes that , the biggest problem in cybersecurity today is people. “We continually fall back to choosing convenience over security… We were lazy with creating passwords, and guess what? It hasn’t changed much today. We don’t take the time to carefully vet what we’re putting out on the internet and then it’s used against us. People are too trusting; we give out information too easily.”
Until we fundamentally change our habits and improve what Schober calls our “cyber hygiene,” all the blockchains in the world won’t be enough to keep our account funds or our identities intact.

So, one should start from himself when thinking about safety in the digital and crypto environment.

2018   2018   Crime   Crypto industry   Digital investmens   ICO

Bitcoin-related crimes – only 10%

The Bitcoin and related cryptocurrencies are being used for different criminal activities all over the world  – little wonder, it’s common knowledge nowadays. Starting from the basic stuff like money laundering and going on to drug and weapon trafficking and so on.

However, the latest report by the US Drug Enforcement Administration (DEA) announced a significant decrease in the use of Bitcoin in criminal activities. As representatives of the agency noted, only 10% of all transactions are related to crime, while their aggregate volume has grown substantially, Bloomberg reports.

As stated by DEA special agent Lilita Infante, over the past five years the number of legal Bitcoin-transactions has exceeded the illegal ones.
“The volume of [transactions] has grown significantly, and their number has also increased. However, in percentage terms the number [illegal transactions] have decreased,” she said.

Such data, Infante said, had been obtained as a result of an analysis of the blockchain data, which DEA ​​started in 2013 after it drew attention to an increase in the use of the Bitcoin in the cases under investigation.
As of today, she says, only 10% of transactions are related to criminal activity; basically the Bitcoin is more used for speculation.

Lilita Infante is also a member of the US Department of Justice’s Cybercrime Investigation Unit. The group consists of 10 people and focuses on the darknet and investigation of cases involving crypto-currencies.
Statements that criminals choose cryptocurrency as an alternative to cash, using it for money laundering and terrorist financing, have long been heard by critics of Bitcoin. First of all, this applies to representatives of central banks, who also regularly repeat the mantra about the “anonymity” of Bitcoins.

The last statement, as is known, is far from the truth, moreover, as Lilita Infante says, even if less liquid coins like Monero and Zcash give more anonymity, its department can cope with this challenge.

“The blockchain gives us many tools for identifying people. Truth be told, I would like that they continued to use crypto-currencies, ‘she added.

Back in July, US President Donald Trump signed a decree on the creation of a working group, whose tasks will be, among other things, the investigation of crimes committed using the Bitcoin and other digital currencies. The crypto industry is mentioned in the context of fraud, the fight against which is one of the priority tasks facing the US authorities.

Time goes forwards, and governmental positions regarding digital currencies are still strict, but the reality check is always useful when making statements about cryptocurrency involvement in fraud and crime activities.

2018   Bitcoin   Blockchain   Crime   Crypto industry   Fraud

Crypto industry & currency brutal facts

The digital era offers more and more data every coming day, the ways of informational communication become more and more distinguished and sophisticated. Speaking about the security, the more advanced methods are used for protection, the more complex attack tools are used by fraudsters and cybercriminals of the new era to avoid or to break it.

This is not an easy task to stay safe&sound in the modern informational world, let alone the crypto industry itself.

Fact is, the all the data, which is supposed to remain confidential, the personal stuff, they assets and account info – that’s all at stake. The cybercrimes are the more and more often happening, and the forecast is not positive as the industry seems to be only more lucrative over time.

The latest research from RiskIQ does highlight the unpleasant things that are still present though.

Things can really get out of user control

No matter how much efforts one can take into the protection of the customers’ data, the things can always slip away of your control – just like with the MyEtherWallet phishing attack.

With the emergence of the social engineering, the fraudsters become more innovative and creative. Nowadays they can even copy your company – through the website, email, or social media page: all these efforts are to trick the customers and employees into giving away vital information and get the malware installed on their hardware.

It is stated that in just Q1 2018 RiskIQ identified more than 25,000 phishing domains posing as almost 300 brands – moreover, 40 % of them were established in the financial services industry. So, what is the best way to struggle against the phishing? Raise the level of knowledge of your customers, employees, and stay alert – to take the necessary actions to get down the impostor sites down as soon as possible.

The mass attack goes wide

Going on, the RiskIQ states that their company analyzes over two billion HTTP requests every day. Moreover, they deploy web crawling infrastructure that checks terabytes of passive DNS data, millions of SSL certificates, and monitor mobile apps to see how broad the scope of an attack surface really is – or, simply put, how much of an opportunity is there for hackers to break in?

The company analyzed over three million new domains and 77 million hosts that could all be potential targets for a hacker over a two-week period. Since many modern websites share the same frameworks, plugins, and third-party apps, the hacker’s job is even easier. Just as we can create websites faster and easier, so can hackers come up with malicious code to infiltrate them all.

Fact is, one of the most significant vectors is content management systems (CMS) are to attached to WordPress – RiskIQ found that over 13,000 WordPress plugins were among Alexa’s most-visited sites.

Moreover, some 3,390 of them showed critical vulnerabilities running at least one weak web component.

The scale of mobile attack surface is substantial

Most users think of the Google Play Store and Apple’s App Store to be the only mobile app stores available globally. However, there are plenty more of them: a host of affiliate stores serve the Android market, and they can present a wealth of opportunities for bad actors to replace legitimate apps with the fake ones.

Another data from RiskIQ shows an unprecedented 21,948 blacklisted mobile apps, equating roughly to 1.5 percent of all new apps. Almost all of these apps claimed READ_SMS permission, allowing them to intercept messages that could circumvent 2FA.

The best tip could be given – users should always download apps from the primary app stores and be extremely careful when researching the apps they download – if it doesn’t look legit and it’s asking for too much information, it’s probably best to avoid.

Cryptocurrency Miners are set loose

The mining programs and crypto jacking are making the buzz all the time around as more and more computers get infected with the software for mining and lose GPU power as an effect. For example, it is known that more than 50,000 websites have been running Coinhive over the last twelve months – knowingly or otherwise.

Also, there is now an average of 495 new hosts that run cryptocurrency miners every week. Too, even worse than that? Many of the crypto mining scripts found have been active for over 160 days already, meaning companies have failed to detect them.

Hackers may know much more than you expect

Going on, RiskIQ research found that at least 30 percent of companies have more internet assets than they thought. Here counts such stuff as shadow IT, M&As, or a simple lack of organization.

For example, Shadow IT occurs when an IT department outsources for a time and fails to include all internet assets in the company security program. If this happens over a period, it becomes an easy vector for a hacker, since these assets remain unpatched and don’t pass security frameworks.

What is the main reason? Mergers with other companies often lead to this, as the list of assets is frequently incomplete and sometimes chaotic. Internet assets include elements such as domain names, certificates, hosts, and apps.

Still, the modern security strategy for the most companies has shifted to the defense-in-depth approach starting at the perimeter and layering back to the assets that should be protected.

Happy end

In today’s world of digital engagement, users sit outside the perimeter along with an increasing number of exposed corporate digital assets—and the majority of the malicious actors. As such, companies need to adopt security strategies that encompass this change.

The chaotic world of the crypto industry sees many dangers – let alone ICO start-ups which have numerous vulnerabilities as for the investors, and to their creators as well. One should invest as much as possible to security as this present specific danger even nowadays. The existing defensive methods required need to be developed and continuously updated. The things can get out of hand, and harsh pretty fast in case organizations do not take proper attention to assets protection.

Alcohol industry blockchainization

Alcohol consumption is as old as the humanity itself. There is no way that the civilization will some time in the future give up this habit. and the history had shown us that the different prohibitions are definitely not a solution.

The humanity drank, drink and will continue to consume alcohol in the foreseeable future. Nowadays, the alcohol industry is growing at an undeniably high rate.

This industry includes bar merchants, suppliers, wholesalers, and producers. Due to QYKBAR’s data, the industry grew to an estimated $1.25 trillion in 2016. Considering its current pace, the production is expected to hit the $2 Trillion mark by the year 2025.

The blockchain technology popularity and worldwide adoption grows and has already been implemented in various fields – financial sector mostly, as well as healthcare, logistics, artificial intelligence, new technologies and developments and much more.

Various issues with providers throughout the supply chain exist as well, and it is currently difficult to establish accountability with so many stakeholders involved.

Nowadays, the blockchain tech approach represents a solution for this crisis in the form of smart-contracts that would serve to stabilize this volatile marketplace. Applying blockchain technology and the use of a public ledger that cannot be tampered with, each link in the supply chain would be held accountable. Improved efficiency and greater transparency can be achieved as the result.

Transactions that are currently subject to currency conversions and delays would take place in the specific cryptocurrency, further streamlining the process.

It seems the time has come to use the technology in the production field – particularly the alcohol industry.

Current attempts to bring the market and production together is aimed for solving numerous existing problems of the market and production:

1) The counterfeit problem. According to various studies, 30 to 60% of alcohol nowadays is fake.

2) The issue of product promotion by manufacturers and the decline in the effectiveness of traditional advertising formats.

Fact is, the 1989 year Directive, which is in full force in all countries of the European Union, restricts the way in which information on alcohol is provided. Some states have imposed a total ban on the promotion of alcoholic beverages in Europe, including France, Norway, Russia, and Ukraine.

3) The problem of vast alcohol range choice for consumers. Also, the consumer does not have the opportunity to quickly get acquainted with the variety and prices in different stores.

Considering these problems, specific steps need to be taken to develop the industry and move it on the next circle of production, efficiency, and security.

The unique encoded NFC-tags used for each bottle and specific blockchain tech may help, as the alcohol manufacturers will be able to protect their products from counterfeits and, as a result, increase their product sales and profits of their company.

The mobile application development will be required to be able to verify the authenticity of the products, obtain information from the moment of production until the goods hit the store, aswell as to track availability and prices in the nearest stores.

Blockchain tech can also help the alcohol manufacturers to directly advertise their products at the time of product selection by the end user, showing any information encoded in an NFC-tag (cocktail recipes, ingredients, production method). Moreover, they will be able to create loyalty programs for their customers, use big data to collect information and get targeted at 1,022 metrics, which will increase sales and increase customer loyalty to its brand.

Providing the platform for consumers of alcoholic products reviews, where they could post & read reviews of other users. The artificial intelligence platform will show recommended drinks based on the user’s preferences and experience. Moreover, the consumers can also participate in vendor loyalty programs and receive a reward either in tokens or fiat currencies for writing reviews of alcohol products, depending on the user’s rating and the number of likes of other users.

The industry market size & future

It is estimated, that the current average consumption rate of alcohol per inhabitant of the planet is 6.6 liters of pure alcohol per year, an average of about 60 bottles a year. World consumption number stands on about 450 billion bottles of alcohol per year. The cost of each NFC-tag is 0.06 dollars. The volume of the NFC-label market for alcoholic beverages could be $ 27 billion per year.

Moreover, the recent research indicates that 55% of the inhabitants of the world used alcohol at least once in their lives. The number of potential users of the system is 4.125 billion people. 5 billion people have mobile phones, 80% of them use smartphones that can read the NFC-tag.

There is a global trend both for the use of NFC-tags (the market grows annually) and for protection against counterfeiting, states are obliged to label their products at the legislative level (Bar-codes, QR codes, NFC tags, etc.). IBM company also announced the development of a chip to protect against counterfeit products in the field of drugs, cosmetics and so on.

The identifier itself (NFC-tag) cannot be faked, as it will be produced at the factory and the information will be encrypted in the blockchain. One label can be used in the blockchain only once.

Current existing and future market solutions

There are already blockchain platforms operating in this field. For example, the “Wabi” in China, which focuses on establishing protection from counterfeit products, but it is aimed at the Chinese market exclusively rather than the whole world. IBM is developing a chip and plans a system of protection against counterfeit products in the field of drugs and children’s products. OinSpase conducts a project to protect against the control of the production of QR codes. VeChain (Singapore) solves the problem of counterfeits of luxury goods and product safety for different companies.

The future steps in the vineyard

The world, however, doesn’t escape lightly as verifying authenticity had become as essential as never before – but on a massive scale.

For example, the sales of Pinot Grigio exceeded the amount grown in the 90’s. So what made up the shortfall? Moreover, there had been recent scandals involving Brunello company. Sadly enough, there are plenty of other incidents occured. Fraudsters substitute cheaper inferior wines, cut them with water or use food additives – including even adding such added dangerous chemicals as Diethylene Glycol and Methanol which actually did kill people.

Nowadyas, one of the latest examples regarding alleged fraud involves the large French wine bottler, Raphaël Michel: Carrefour has canceled their supply contracts. The allegation is that part of this scam included passing off as much as 300,000 hectolitres (over 3m cases) of wine classified as cheap Vin de France as far more expensive Côtes du Rhône and Châteauneuf du Pape.

To avoid this, growers could attach an independent DNA fingerprint, Isotopic data, smart sensor data or chemical analysis to the initial Blockchain transaction executed through the specific smart-contract. However, the verification of wine quality, safety and origins are possible from grape to glass.

Moreover, blockchain is being implemented into many projects related to this field – the bars based on the blockchain, the crypto solutions for alcohol logistics, distribution and so on. Well, the future of alchool industry looks bright and sparkle with the blockchain.

2018   Blockchain   Crime   Crypto industry   Fraud   Future

ICO Smart-contracts vulnerability

Initial Coin Offering Models of fundraising still have a lot of loops which makes the money fraud and steal quite often and large-scaled.

According to the latest security researchers made by Positive last year as stated by the Bleeping Computer an average number of vulnerabilities in ICOs stands at number of 5.

The results had shown the very negative trends and outcomes. According to researchers, only one draft of the original offer of coins did not contain bugs.

The study found that 71% of the projects contained vulnerabilities in smart contracts. Among the common problems, analysts pointed out the inconsistency with the ERC-20 standard, the incorrect generation of random numbers and other significant shortcomings.

Experts said that such vulnerabilities appear due to lack of proper qualification of programmers and insufficient testing of the source code.

Most of the security breaches analysts found in ICO-projects to develop mobile applications. Among the common vulnerabilities were named the following: unsafe data transmission, unreliable storage of user data in phone backups and disclosure of the session identifier.

Some vulnerabilities in web applications were aimed at attacking investor funds. For example, because of a lack of proper security, hackers could register a domain similar to ICO, create phishing sites, thereby deceiving investors.

According to the research, every third project contained vulnerabilities that allowed hackers to access data and savings of companies-organizers. Analysts also noted that many initiators of ICO did not use two-factor authentication for important accounts.

https://www.bleepingcomputer.com/news/security/researchers-last-year-s-icos-had-five-security-vulnerabilities-on-average/

Speaking about the background of the this research and former industry vulnerability issues, other things should also be remembered.

Currently, there are hundreds of thousands of smart contracts in the Ethereum blockchain that manage wallets, tokens, applications or are used to store funds. A group of some British researchers alone was able to identify 34,200 vulnerable smart contracts according to the Motherboard data.

An assistant professor from University College London Ilya Sergey and his colleagues conducted a large-scale study to detect all possible vulnerabilities of smart contracts on the Ethereum blockchain. To do this, they downloaded the Ethereum, in effect creating its fork for personal use, and began to launch a variety of scenarios, trying to achieve undesirable consequences. When these consequences came, they marked a smart contract “with a tracked vulnerability.”

Having analyzed about a million smart contracts in this way, the researchers found that 34,200 of them contained critical vulnerabilities. They tested their assumptions on 3,000 smart contracts, and in 89% of cases, they caused the most undesirable consequences. In theory, this could allow them to steal $ 6 million in Ethereum.

According to experts, early detection of vulnerabilities prevents
possible negative consequences. So, for example, in November 2017, a user under the pseudonym DevOps19 found a vulnerability in the code of the Ethereum-purity library Parity and accidentally blocked $ 150 million.

“We are working with applications that have two very unpleasant features: they are used to manage your money and can not be fixed,” Ilya explained.

Attempts to find the creators of vulnerable, smart contracts were in vain. However, since researchers do not say which vulnerabilities were found in smart contracts, they can be considered as safe.
“If someone wants to take advantage of our idea, he, at least, will have to do as much work as we did,” the researcher summed up.
Recall, in January, the Cisco unit detected many vulnerabilities in the Ethereum-client Parity. First of all, it was about the creation of operating code, the incorrect operation of which could lead to a large-scale DoS-attack on its supporting nodes. Moreover, some “loopholes” in the purse software allowed access to private information.

A few days later, representatives of Parity Technologies said that the vulnerabilities were corrected in new versions of the software Ethereum-client.

As we see, the ICO suffers from numerous vulnerabilities, and the further develops the market the points of hacker intrusion also appears.

Read the similar material about how to ensure safety from Ddos-attacks in our official blog

https://blog.merklion.com/all/how-to-ensure-security-from-ddos-attacks/

How to catch the Bitcoin whale – fraud schemes explained.

In the crypto world, Bitcoin-whales are considered to be the people who have thousands of precious coins on their wallets. As it turns out, there are not so much of them.

Quite recently, Chainalysis “scanned” the entire network of the first cryptocurrency and found that only 1600 accounts contain more than 1000 BTC. Probably, several of them belong to Satoshi Nakamoto, which everyone knows about, but nobody has a clue about his personality.

Nevertheless, many people who bought Bitcoin many years ago for tech experiments or just for fun had become very rich last year due to cryptomarkets rising – a lot of multimillionaires and even billionaires had appeared suddenly. Even some of them managed to get to the Forbes list, this kind of people mostly tend to stay in the shadows.

Not all of them are active participants of the community or businessmen. Of course, some of them just withdrew some money for classical entrepreneurship, luxury goods, travel and other things that can be bought for cash.

However, when you trade 30, 50 or even 100 BTC, you are not concerned with security and legality from the law are your problems, and when you need to exchange 1000-5000 BTC, it becomes the problem of governmental and regulatory authorities.

No wonder that real criminals – drug lords or terrorists have their own established channels of financing and money laundering, and lawyers have their own methods of destroying such channels.

Let’s imagine that you’re the good guy here and you need to deduce a tremendous amount of money of a 4000 BTC for example. Even considering the bearish lawlessness in the market, it is more than $ 25 million at the current exchange rate. Do you start thinking if it is possible to arrange everything in offshore zones? And of course – how and where to find such a buyer?

In 2015, sophisticated fraudsters took care that the answer to the main question had become the following. We call it a conditional harpoon cannon because of this time attackers aimed at single whales, not organizations like exchanges or e-wallets.
At first, scammers throw their networks into the necessary information flows, which are used by community members. The story they tell always has same contours and diverges only in non-essential details.

A particular person “with great experience in concluding international crypto-currency transactions” has a “large buyer” who is ready to buy 10 000 – 20 000 BTC at a price of -5 % shall we say of the Bitfinex price. And the task of an “experienced intermediary” is to find a seller or sellers. Then they will be invited to meet in such cities as Vienna or Zurich to make the necessary transfers of tete-a-tete. Besides, to scale this scheme, intermediaries attract other intermediaries, promising the recent commission, which gives the system a pyramidal character.

The most known and rich cities often are used for such crime schemes.

One might think that the most bitcoins-whales are intelligent people and will feel wrong, but scammers are incredibly persuasive, focusing on details and nuances, demonstrating imaginary professionalism. And what can happen to a man in a wonderful Switzerland, a country of bank secrecy, luxury, and security? It is the names of cities that create the so-called luxury effect so that the story of a large buyer seemed believable.

The overall scheme is quite simple: the sophisticated fraudsters could arrange a change of suitcases with cash or any other virtuoso trick to convince the seller that he received money without actually receiving anything – not even weapon threatening is required.

There are also thoughtful raids of European law enforcement agencies, which take the issue of money laundering and violation of tax legislation very seriously. Even in Switzerland, where bank secrecy is akin to the biblical commandment, the transfer of a suitcase or sports bags with a massive pile of cash will cause suspicion.

All members of the community should remember that the Bitcoin-industry has attracted the attention of not only hackers, talented crackers of digital systems, but also good old thieves from the area of classical crime. They can come up with dozens of methods for identifying and robbing whales, but the latter should always be a step ahead, and certainly not to be fooled by such infamous schemes.

2018   2018   Bitcoin   Blockchain   Crime   Crypto currency   Crypto industry   Fraud