California Man Pleads Guilty to Running Illegal Bitcoin ATMs and Money Laundering

The US Department of Justice has accepted a guilty plea from a Californian man for operating a money laundering and illegal Bitcoin business.

According to a plea agreement filed Wednesday, July 22 in federal court, 36-year-old Kais Mohammad, also known as “Superman 29”, has agreed to plead guilty to one count each of money laundering, operating an unlicensed money transmitting business, and failing to maintain an effective anti-money laundering (AML) program.

Law Enforcement Spots and Studies Patterns to Catch Criminals

Federal investigators revealed that Mohammad owned and operated HeroCoin, an illegal digital currency money services business that exchanged Bitcoin for cash and charged commission rates of up to 25%, which were “significantly above” the market rate.

The company also operated Bitcoin ATM kiosks in multiple retail centers, including convenience stores, gas stations, and malls throughout San Bernardino, Riverside, Los Angeles, and Orange counties. Such kiosks allowed customers to either sell Bitcoin in exchange for cash or buy Bitcoin with cash that would be dispensed on site.

Prosecutors claimed that Mohammad knew at least some of his clients’ funds were obtained through illegal activities.

As part of his plea agreement, Mohammad admitted to having exchanged more than $25 million through the firm.

Prosecutors alleged that Mohammad intentionally failed to register the firm with the U.S. Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) or develop an effective anti-money laundering program.

Prosecutors also claimed that, as a former banker, Mohammad was aware of, but ignored, the reporting requirements for digital currency exchanges. Regulations required Mohammad to report exchanges of currency larger than $10,000 or any transactions over $2,000 involving customers suspected of being involved in criminal activities. Mohammad did not comply with these regulations.

According to court records, law enforcement officials conducted several transactions with Mohammad as part of their investigation. One undercover agent bought $14,500 worth of Bitcoin in three successive transactions at a Bitcoin ATM kiosk located in Lakewood.

According to the U.S. attorney’s office, Mohammad once again met in person with undercover agents, who represented that they worked at a karaoke bar which employed beautiful women from Korea who entertained men in several ways, including engaging in sexual activity. Mohammad agreed to accept $16,000 in cash from one of the undercover agents in exchange for Bitcoin, prosecutors reported.

Prosecutors alleged that Mohammad filed neither the required currency transaction reports nor a suspicious activity report in relation to the exchanges involving the undercover agents.

So far, no hearing date has been scheduled for Mohammad to enter a plea of guilty. He faces a maximum sentence of 30 years in federal prison. He has agreed to forfeit cryptocurrency, cash, and 17 Bitcoin ATMs that he used for his business operations.

Laundered Cryptocurrency Washed with Exchange Services

A Chainalysis report reveals that a majority of criminally connected cryptocurrencies are laundered on basic online exchange services. In 2018, such cryptocurrencies amounting to more than $1 billion were washed by simply depositing them onto digital asset exchanges and trading them. Money launderers used other peer-to-peer (P2P) exchange services to clean a further 12% of their illegal proceeds. This implies that over 75% of illegal cryptocurrencies were moved through an online exchange service in 2018.

The majority of illicit money flowed through either peer-to-peer exchanges or crypto exchanges, with others flowing through conversion services like gambling sites, mixing services, and Bitcoin ATMs.

Most of the digital currencies were acquired by hacking crypto exchanges directly. In 2018, about $36 million worth of Ethereum was stolen through exit scams, Ponzi schemes, or phishing.

PlexCoin Founder Indicted by US Grand Jury for 2017 ICO Securities Fraud

A United States grand jury indictment has been delivered to PlexCoin founder Dominic Lacroix, as well as Yan Ouellet and Sabrina Paradis-Royer, for securities and wire fraud, according to the DOJ.

The United States Department of Justice (DOJ) announced recently that a Cleveland grand jury has delivered a five-count indictment in the PlexCoin initial coin offering (ICO) scam, charging founder Dominic Lacroix and two other employees with conspiracy to commit securities fraud and wire fraud, as well as conspiracy to commit money laundering.

According to the announcement from US Attorney Justin Herdman, the indictment was delivered to Dominic Lacroix, Yan Ouellet, and Sabrina Paradis-Royer who are all based in Quebec, Canada. The indictment alleges that the trio conspired to sell PlexCoin tokens to investors from May 2017 to December 2017—offered through PlexCorps.

The DOJ asserts that the three defendants planned to make themselves rich by duping unwitting investors into purchasing the cryptocurrency through PlexCoin’s ICO, which raised around $8 million in PlexCoin tokens.

According to the indictment, around June 2017, PlexCorps began promoting PlexCoin to the public as a new digital cryptocurrency that would be available through an upcoming ICO. Around August 2017, PlexCorps published a whitepaper for PlexCoin, which was available on the internet for review by potential investors. The whitepaper contained numerous false claims, including that some investments in PlexCoin could result in a 1,354% return.

“While technologies and the means to make investments may change, one thing remains constant – securities fraud ruins lives and deprives victims of their hard-earned money and savings,” said US Attorney Justin Herdman. “Digital currencies are a new type of investment, and just like with traditional securities, you should take the time to research and know exactly what you’re getting into before making any type of investment.”

Lacroix Had Been Warned

PlexCoin founder Lacroix had been ordered by the Autorité des marchés financiers (AMF) in Quebec not to go ahead with the launch of the ICO in July of 2017. He defiantly proceeded the following month and was sentenced to two months in jail for contempt of court. He was also served with a $110,000 fine.

In December 2017, PlexCoin subsequently came under fire from the United States Securities and Exchange Commission. The US regulator moved to seize Lacroix’s assets in another attempt to halt the fast-moving ICO fraud, which had raised $15 million from investors by falsely promising incredible returns of up to 13 times the investment in a very short period of one month.

Binance Sued for Cashing Out Illicit Hacked Funds Worth More Than $9 Million

Binance has been taken to court by Fisco, a Japanese crypto exchange, for allegedly facilitating the liquidation of at least $9 million after the latter was hacked in 2018. The lawsuit was filed in the Northern California District Court, stating that Binance was the “go-to” location for the hackers in laundering the stolen cryptocurrency because of lenient KYC policies.

Plaintiff seeks payment from losses incurred

In September 2018, Fisco, formerly known as Zaif, was hit by hackers who made away with crypto in the form of Monacoin, Bitcoin Cash, and Bitcoin valued at $63 million. The cybercriminals drained $22 million from Zaif’s own assets and $41 million from customer deposits.

Two years down the line, Fisco is suing Malta-based crypto exchange Binance for aiding the cashing out of the stolen funds. As a result, it is seeking compensation for the losses incurred.

As per the complaint:

“After a Japanese cryptocurrency exchange was hacked in 2018, thieves laundered more than $9 million of the stolen cryptocurrency through Binance. Plaintiff Fisco Cryptocurrency Exchange, Inc. now seeks payment from Binance for those losses.”

Lax identification verification

Binance is accused of not implementing stringent identity verification, a loophole the cybercriminals used to liquidate the hacked funds. For instance, basic identifying information such as address, date of birth, name, or other identifiers was not needed. Fisco therefore wants the 1,457 Bitcoin that were cashed out through Binance returned.

According to the lawsuit:

“During the times relevant to this action, and continuing to date, Binance has facilitated money laundering by allowing deposits and withdrawals of up to 2 bitcoins per day without any form of identification verification.”

Following the acquisition of CoinMarketCap by Binance in April, top executives have been leaving the firm in droves, with Carylyne Chan, the interim CEO, the latest to quit.

Russian Cybercriminals Sanctioned by DoJ for Crypto Laundering Scam Generating More than $16.8M

The US Department of Justice (DoJ) has sanctioned two Russian nationals for their cybercrimes, where millions in cryptocurrency were accumulated through scamming and phishing schemes.

Russian Nationals Charged for Crypto Theft

Danil Potekhin and Dimitrii Karasavidi have been flagged by the DoJ and have been sanctioned for their involvement in a sophisticated phishing campaign that generated cryptocurrency profits for them. On September 16, US lawmakers – US Department of Justice, US Department of Homeland Security, and the US Department of Treasury’s Office of Foreign Assets Control (OFAC) – said that Potekhin along with Karasavidi stole at least $16.8 million in cryptocurrency. The virtual funds originated from three separate digital currency exchanges, and the crypto laundering was said to have begun in 2017. Two of the three crypto exchanges that were hit were reported to be from the United States.

Addressing the multimillion cryptocurrency crime, Secretary of the US Department of Treasury, Steven Mnuchin, spoke up and said:

“The individuals who administered this scheme defrauded American citizens, business, and others by deceiving them and stealing virtual currency from their accounts.”

Using a technique called spoofing, which is basically the creation of web domains resembling that of legitimate crypto exchanges, Potekhin impersonated the digital asset entities. Through the cyber tactic, Potekhin managed to steal the private information of online users, acquiring their login credentials, and accessing crypto exchange customers’ real accounts. He then used the private data to transfer crypto assets in and out of various accounts. Following Potekhin’s identity theft job, Karasavidi then followed up and laundered the proceeds into a crypto account under his name.

The two Russian nationals also employed pump and dump schemes in order to acquire altcoin profits in exchanges where the virtual currencies recorded low market capitalization.

US Treasury On Cybercrime

In order to put this case to rest, the US Department of Treasury coordinated with the OFAC, the United States Secret Service, and the DoJ in order to prevent the cybercriminals from continuing their fraudulent scam. On behalf of his department, US Secretary of the Treasury Mnuchin said:

“The Treasury Department will continue to use their authorities to target cybercriminals and remains committed to the safe and secure use of emerging technologies in the financial sector.”

Cybercrime On The Rise

The two Russian nationals were detected and flagged by US law enforcers, as they were reported to have “left a trail of evidence” despite using complicated and sophisticated schemes to go around digital exchanges’ internal admin controls. The official report released by the US government read:

“Today’s action demonstrates the important role that a robust anti-money laundering and countering the financing of terrorism (AML/CFT) regime plays in deterring cybercrimes.”

Recently, the DoJ made a move on a Californian man for his involvement in an illicit cryptocurrency mining scheme that generated at least $722 million. The man was said to have played an active role in perpetuating BitClub Network, a crypto Ponzi scheme.

OKEx Founder Troubles Not Linked to Yuan Money Laundering in China, Says Blockchain Journalist

Colin Wu, a Chinese blockchain journalist, has recently posted a tweet reporting that the legal troubles facing Mingxing “Star” Xu, the founder of OKEx cryptocurrency exchange, most likely have nothing to do with allegations associated with the CNY money laundering activities.

Colin Wu is a Chinese journalist who frequently covers issues associated with cryptocurrency exchanges, blockchain and digital currencies, and their regulations in China.

After the OKEx founder was arrested, the Twitter community and even the media assumed that the ongoing investigations of Xu were associated with involvement in money laundering activities in China. Media sources reported that the OKEx crypto exchange might have violated anti-money laundering regulations, with over 800 accounts and huge amounts of funds involved in the case.

However, Wu’s tweet on Oct. 21 indicated that he believes the sudden suspension of services last week on the OKEx exchange and the investigation into founder Star Xu have nothing to do with the yuan money laundering ongoing in China. Wu suggested that the real issues are likely to be personal matters between the Chinese authorities and Mingxing Xu, the OKEx founder.

Wu wrote in the Twitter post:

“OKEx announced the opening of CNY deposits and withdrawals, and the direct withdrawal of crypto is still not open. This may indicate that the OKEx platform has nothing to do with CNY money laundering. It is more of a personal problem with the founder of OK, Star Xu.”

On October 21, OKEx announced that it would resume P2P trading with Vietnamese dong, Indian rupee, and Chinese yuan fiat pairs. The crypto company said that for the time being, only the buy option would be available, while the suspension of cryptocurrency withdrawals and sales remains in place until further notice. The company’s blog said: “Please note that cryptocurrency withdrawals are still temporarily suspended and the “Sell Crypto” option is not available.”

In June this year, China’s Central Bank announced widespread investigations of money laundering activities at non-bank financial institutions, and said that those identified to have violated regulations would be held accountable.

OKEx Suspended Withdrawals

OKEx suspended cryptocurrency withdrawals on October 16 after the exchange announced to its customers that the company was unable to contact the private key holders in China. Information later emerged that such an individual was the crypto exchange’s founder, Mingxing Xu, who by then had been arrested and was cooperating with the police in ongoing investigations. Chinese media company Caixin disclosed that Xu was interrogated at least a week ago and had been absent from work for some time. Surprisingly, he is the only person who holds the keys of the entire crypto exchange.

However, Jay Hao, the CEO and co-founder of the crypto exchange, stated that the issues facing Xu were to do with his own personal matters, which would not adversely affect the company’s business.

After OKEx announced the news regarding the suspension of cryptocurrency withdrawals, Bitcoin price fell by nearly 3% and OKEx’s native token (OKB) declined by 15% within half an hour. However, Jay Hao assured customers that all their funds are safe.

Russians Under Sanctions Using Crypto to Launder Money: Elliptic Report

Russians with strong social connections, who are under international sanctions for the invasion of Ukraine, have been using cryptocurrencies to launder their wealth, according to a report.

Crypto watchdog firm Elliptic said that it found millions of crypto addresses connected to criminal activity and 400 digital asset providers who help users buy cryptocurrencies using rubles.

Elliptic was also able to identify more than a hundred thousand crypto addresses linked to Russia-based sanctioned actors.

Simone Maini, chief executive of Elliptic, said, “we have directly linked more than 15 million crypto addresses to criminal activity with a nexus in Russia.” 

The firm further added that they are actively probing crypto wallets that are believed to be connected with Russian officials and oligarchs subject to sanctions using various means in collaboration with government agencies and other organisations.

Maini said that “sanctions screening requires more than simply matching customers’ wallet addresses with those published on sanctions lists in order to be effective. Funds should and can be traced through the blockchain ledger to screen them for links to all known and inferred crypto-asset addresses controlled by sanctioned actors.”

She also said that “soaring trading volumes indicate that ordinary Russians bypass oppressive capital controls and flee the devaluing ruble for the haven of crypto assets.”

The report highlights the growing pressure on Russians from sanctions imposed by the European Union, the United States and the United Kingdom. It is also evidence of the methods used by sanctioned Russians to launder money.

Last week, US President Joe Biden announced new sanctions on the crypto assets of Russians under sanctions as an additional form of punishment for the invasion of Ukraine.

Meanwhile, the head of the London Stock Exchange Group said that cryptocurrency exchanges engaging with Russia could see negative consequences as Western governments look for ways to tackle Moscow’s invasion of Ukraine, Blockchain.News reported.

David Schwimmer, LSEG’s chief executive officer, said that crypto exchanges are stuck in between either abiding by the philosophy of independence from regulation or supporting the centralised system of global finance – which calls for the requirement of regulation and transparent frameworks.

FTX's $477 Million Heist: A Trail of Blockchain Clues Unearthed

In the shrouded realm of blockchain, the FTX hack that transpired on November 11, 2022, stands as a glaring testament to the cryptic trails a nefarious act can leave behind. The Bahamas-based cryptocurrency exchange, FTX, fell prey to an unidentified hacker who made off with a staggering $477 million, plunging the exchange into bankruptcy. The maleficent actor was quick to take to the shadows, embarking on a quest to launder the stolen assets through a maze of decentralized exchanges (DEXs), cross-chain bridges, and mixers.

The pilfered assets witnessed a loss of $94 million in the ensuing days, as the thief hastily funneled them through various blockchain services. RenBridge, a service held by FTX’s sister company Alameda Research, saw $74 million of the stolen cache. Yet, the bulk of these pilfered assets lay dormant, only to stir again as the Bankman-Fried trial neared, suggesting a deliberate orchestration.

The FTX hacker’s initial modus operandi was to swap the stolen tokens for native assets, like Ether, to escape the clutches of centralized authorities. Employing DEXs like Uniswap and PancakeSwap, the thief could swap tokens without fear of seizure. This initial laundering act was the precursor to a more sophisticated ploy: cross-chain laundering. The hacker funneled assets through decentralized cross-chain bridges like Multichain and Wormhole, a tactic to obscure the assets’ trail and facilitate further laundering.

One notable accomplice in this cryptic narrative was RenBridge. The thief, having accumulated 245,000 ETH now worth around $306 million, utilized RenBridge to transfer 65,000 ETH to the Bitcoin blockchain, further muddying the trail. The sinister irony lies in the fact that RenBridge was operated by Alameda Research, a sister company to the beleaguered FTX.

Once the assets were safely harbored in the Bitcoin realm, the thief employed mixers like ChipMixer to cloak their transactions, a tactic often used to thwart tracing efforts. However, as time rolled on, law enforcement clamped down on ChipMixer, pushing the thief towards newer shores like Sinbad, a suspected rebranded version of the sanctioned Blender mixer.

Fast forward to September 30, 2023, the dormant assets awoke once more. The thief, adapting to the closing net, turned to THORSwap for laundering, converting a hefty sum of Ether to Bitcoin. THORSwap, however, soon suspended its interface to stem the illicit flow of funds, albeit to little avail as the thief continued to exploit the underlying THORChain bridge.

Despite the meticulous blockchain trails unraveled by Elliptic Research, the identity of the FTX hacker remains shrouded in mystery. Speculations range from an inside job, possibly implicating Sam Bankman-Fried, to external rogue actors linked to North Korea’s Lazarus Group or Russia-affiliated criminal networks. The saga of the FTX hack unveils a sinister dance on the blockchain, leaving in its wake a tale of obscure trails, elusive thieves, and the relentless march of illicit digital transactions.

The unfolding drama around the FTX hack serves as a stark reminder of the continuous evolution within the crypto laundering realm. As the law enforcement and compliance sectors refine their strategies, so do the criminal minds lurking within the blockchain’s cryptic maze. The “State of Cross-chain Crime” report by Elliptic unveils the latest typologies and trends in cross-chain criminality, shedding light on the ever-evolving tactics deployed by crypto launderers.
