Chainalysis Crypto Crime Update: China based CSAM and Cybercrime Networks On The Rise, Pig Butchering Scams Still Lucrative

Chainalysis has release the report entitled, 2024 Crypto Crime Mid-year Update Part 2: China-based CSAM and Cybercrime Networks On The Rise, Pig Butchering Scams Remain Lucrative.

Key findings of the Chainalysis update:

CSAM networks

Reportings of China-based CSAM sites have increased since late 2023.

A majority of wallet holders are purchasing “a month’s access or more, up to and including nearly permanent access of ~20,000 days (equivalent to more than 54 years).”

Consistent with Chainalysis past findings, CSAM vendors continue “to leverage instant exchangers when cashing out.”

Scams

Scammers are adapting their on- and off-chain tactics, “conducting shorter but more dynamic and lucrative scam campaigns.” Pig butchering is the largest revenue-generating scam type YTD. One Myanmar-based scam compound first “observed on-chain in 2022 has netted at least $101.22 million so far this year.

Scammers for the most part continue to pivot away from broad-based ponzi schemes to more targeted campaigns like pig butchering, work from home scams, drainers, or address poisoning.”

Huione Guarantee

Chainalysis is observing a rise in the “use of Chinese language marketplaces and laundering networks.”

One such marketplace is Huione Guarantee, tied “to the Cambodian conglomerate Huione Group, which connects buyers and sellers who often do little to mask the illicit nature of their transactions.”

Huione Guarantee has processed “more than $49 billion in cryptocurrency transactions since 2021, significantly more than previously reported.”

Huione’s on-chain connections “include pig butchering and other scams, addresses reported as stolen funds, the OFAC-sanctioned Russian exchange Garantex, fraud shops, CSAM, Chinese language gambling sites and casinos, and more.”

In part 1 of Chainalysis mid-year crime update, they “discussed trends related to ransomware and stolen funds.”

While aggregate illicit on-chain activity declined by nearly 20% year-to-date (YTD), inflows from stolen funds “nearly doubled, and annual ransomware payments are on track to be the largest ever in a single year.”

In the second half of the update, they’ll examine “on-chain activity related to the distribution and consumption of child sexual abuse material (CSAM), including on-chain analysis of payments that two CSAM vendors received, and what those amounts indicate.”

They also examined the latest trends in crypto scams. On- and off-chain activity “shows that scammers are adapting their tactics and conducting shorter, but more lucrative and regenerative campaigns.”

The update looked at a notable scam syndicate — “the highest grossing of 2024 so far — that highlights the move away from elaborate ponzi schemes toward more targeted campaigns like pig butchering in recent years.”

“Pig butchering scams” are referred to as such “for the way bad actors say they “fatten up” their victims to extract the most possible value.”

This usually involves building a romantic relationship “over time with the victim via text message or dating apps until they push them to send money to a fake investment opportunity.”

In a dark twist, the scammers on the other end of those conversations “are often individuals that have been kidnapped, trafficked to Southeast Asia, and forced to work in labor camps housed within large compounds to carry out pig butchering scams.”

The update also looked at Huione Guarantee, a $49 billion marketplace recently “exposed for facilitating cybercrimes, including CSAM and pig butchering.”

As stated in a blog post, Reportings of China-based CSAM vendors “have increased since late last year.”

The data available shows the proportion of “all CSAM activity associated with vendors denominating their activity in yuan compared to activity in other currencies.”

These sites provide a yuan conversion rate for crypto payments. Since roughly the end of 2023, China-based vendors have captured “a larger share of global CSAM inflows, peaking so far at 38.8% of the total inflow amount in Q1 this year.”

With several billion in inflows, scams with a crypto nexus “are mounting in 2024 and are one of the largest areas of illicit activity YTD.”

According to Chainalysis‘ update, the most distinctive feature of this year’s scam landscape involves “the rapid evolution of scammers’ on-chain footprint — the crypto wallets and addresses used to take scam victim payments — and the off-chain tools they use to manipulate their victims, like domains and social media accounts.”

This activity reveals how scammers are adapting “on- and off-chain to conduct more devastating scams of shorter duration.”

Chainalysis added that to “hedge against discovery and disruption, many of these operations regenerate or maintain many smaller, simultaneous campaigns that keep larger organized scam syndicates going.”

Chainalysis pointed out that one remarkable feature of the 2024 scam landscape is “how much of the total YTD scam inflows have gone to wallets that became active this year, suggesting a surge in new scams.”

The data examines the share of total scam revenue sent “to wallets first seen in the year their respective scams received crypto.”

Notably, 43% of YTD scam inflows have “gone to wallets that became active this year.”

Chainalysis also mentioned that this trend “is significant as the next highest year, 2022, saw just 29.9% of total YTD flows go to wallets that became active that year.”



Sponsored Links by DQ Promote

 

 

Send this to a friend