The cryptocurrency sector of finance has long been a hotbed for fraud, scams, hacks, and crimes. The relative anonymity (or perceived anonymity) along with the ability to seamlessly transfer value in seconds has been catnip for crooks. Industry participants have struggled in the ongoing cat and mouse game as the bad guys adapt and find new methods of stealing other people’s money. The regulators, recognizing the opportunity for bad guys, have moved to more tightly regulate the sector – most recently with the FATF travel rule. The emergence of digital assets as a secure sector of Fintech is taking some time.
Today, CipherTrace, a data and cyber-security firm entrenched in the crypto-asset sector, has published a report quantifying the activities of crypto-criminals. In a document that covers the first 5 months of 2020, CipherTrace claims that nefarious activities have netted $1.36 billion and thus puts 2020 on track to be a banner year for the bad guys (perhaps topping 2019s $4.5 billion stolen).
The report states that of the $1.36 billion stolen, fraud and misappropriation account for 98% of the total value, or nearly $1.3 billion. The researchers state that COVID-19-related phishing sites were found to be the most popular ploys.
Regarding crypto-exchanges and “darknet marketplaces” direct criminal funds received by exchanges dropped 47% in 2019 – a three year low, with only 0.17% of funds received by exchanges in 2019 coming directly from criminal sources.
Based on an examination of one popular darknet marketplace, while 9.8% of the dark market’s one-hop interactions went directly to exchanges, 31% of its two-hop interactions went to exchanges—more than tripling the risk exposure to exchanges.
Interestingly, Finnish exchanges ranked #1 for the highest percentage of criminal BTC received for the third year in a row, with 12.01% of all BTC funds received coming directly from criminal sources.
LocalBitcoins, one of the largest peer-to-peer crypto marketplaces based in Finland, received over 99% of these criminal funds.
Russian exchanges came in 2nd and UK exchanges came in 3rd.
The report states that 5.23% of all funds received by Russian exchanges are coming directly from criminal sources.
CipherTrace explains that US Bitcoin ATMs sent more funds to high-risk exchanges than low-risk exchanges in 2019 and the percentage of funds sent to high-risk exchanges from US BATMs has doubled every year since 2017.
So far, the scam of the year prize goes to a billion-dollar Ponzi fraud by Wotoken in China. The scam promised investors ridiculous returns using non-existent algorithmic trading software, the company states. Ultimately, one Wotoken operator stole an estimated $1 billion in crypto from over 715,000 victims.
As AML/KYC applications make it more difficult for the criminals, these scammers are becoming more sophisticated. Savvy crooks attempt to layer funds through multiple private wallets before cashing out via regulated fiat off-ramps such as exchanges. This means exchanges, including compliant ones, must remain diligent to not only their direct (one-hop) exposure risk but to multi-hop risk as well.
“… criminals seem to be getting better at obfuscating the origins of their stolen funds prior to cashing out on exchanges. CipherTrace’s examination of one prominent darknet marketplace revealed that risk exposure to exchanges tripled for secondary transactions (two-hops out) compared to primary transactions (one-hop out).”
As the incorporation of the travel rule nears (it is already in place in the US), CipherTrace found that “74% of the Bitcoin moved in exchange-to-exchange transactions was sent cross-border, underlining the importance of global AML/CTF standards, such as those set forth by the FATF.”
Traditional banks are part of the scam stack too. CipherTrace states that banking and virtual currency is “increasingly intertwined as 8 out of 10 US retail banks harbor illicit crypto MSBs, and a top 10 US retail bank will typically process upwards of $2 billion in crypto-related transactions annually that are not being detected.”
CipherTrace says that 57% of the top 500 VASPs, or virtual asset service providers, have bad or “porous” KYC.
One of the biggest “take-downs” was the tumbling service provided by Larry Dean Harmon of Akron, Ohio. The report states that Harmon’s Helix laundering operation moved approximately $300 million in Bitcoin until he was arrested.
There is plenty more in this comprehensive report that chronicles illicit activity in the digital asset sector. Sometimes reality is stranger than fiction. You can read it all here.