Cryptocurrencies, Blockchain and Fraud

Cryptojacking – What You Should Know

   

Main Points to Consider

  1. Cryptojacking attacks are exploding in numbers.
  2. Cyrptojacking uses the computing power of hijacked computers to mine for cryptocurrencies.
  3. Cyrptojacking runs in the background slowing the system, increasing electricity usage.
  4. Illegally mined cryptocurrencies are laundered into the wallets of criminals.
  5. Preventive measures include training to avoid poor cyber hygiene habits.

Why Are They Attacking Me?

When presenting CyberFraud information to business groups and Senior Citizen groups, I am often asked “Why are they coming after me?  The answer is threefold.  First, the crooks want your money and Intellectual Property, and everybody gets that.  Second, they want the Personally Identifiable Information (PII) of you, your clients, your customers, your kids, and your grandkids.  Selling freshly stolen PII is very lucrative in underground criminal markets such as those found on the Dark Web.  Third, they want your computers.

Illegally gaining access to your computers and cyber systems to plant Malicious Software (Malware) feeds a diverse array of scams.  Malware can be designed to lock up your computers for ransom payments, known as Ransomware.  The Malware is often used to lurk in the background to conduct reconnaissance on your business and personal habits for Business Email Compromise scams, the Malware can locate and extract your trade secrets, the Malware can turn your computer into a robot to conduct other cyber-attacks, or the Malware can plant back-doors allowing access to persons intent on damaging or destroying your systems.

What is Cryptojacking?

Ransomware attacks are now decreasing in numbers.  This is not necessarily good news because the attacks still cause millions of dollars in losses and, the malicious software is changing and diversifying to avoid detection. So here comes Cryptojacking to overtake Ransomware as the top cyber threat.

Simply explained, Crytpojacking is the process of hijacking your computer to mine for cryptocurrencies.  In our discussions of Bitcoin and other cryptocurrencies, we talk about the different ways you can obtain Bitcoin.  Basically, you can get Bitcoin by exchanging fiat currency, such as U.S. dollars, to buy Bitcoin from exchanges or other persons; you can incorporate exchanging Bitcoin for goods and services through your business model; or you can mine for Bitcoins.  Mining is the process of solving complex mathematical algorithms to obtain Bitcoin.

When Bitcoin first appeared in 2009, the mining process could be done on home computers.  But each time an algorithm was solved, the next algorithm was more difficult.  More computing power was necessary as the level of complexity continually increased.  Soon, it became necessary to pool the resources of individual computers to solve the algorithms. The mining pools necessarily became larger and larger.  The Bitcoin miners discovered that increased mining power required not only more computer capabilities, but also required more electricity to run the computers and the cooling systems to protect the computers from overheating.

To overcome this challenge, hackers are now hijacking our computers to mine for cryptocurrencies.  The infected computers are banded together to harness the combined computing power for mining purposes.  Voila, no expensive mining pools, no electric bills, little risk of detection, huge profits, and opportunities to launder illegally obtained cryptocurrencies into their own wallets.

Victims of Cryptojacking have noticed their devices slowing down, increased electric bills, and additional heat from their systems.

What Can I Do to Prevent Cryptojacking?

Cryptojacking hackers use techniques found in other computer intrusion schemes to overtake the computers.  They exploit poor cyber hygiene practices such as opening unsolicited emails and attachments, clicking on suspicious websites, using corrupted apps, and identifying weaknesses in the cyber system itself.  The best known preventative measures include updating software systems, immediate use of software patches, changing passwords, strengthening firewalls, continuous monitoring of cyber systems, and continuous training of individual users to recognize cyber attack vectors.

Conclusion: This seems like the same song in a different dance, doesn’t it? As we identify and beat down current threats, the bad actors come up with something new to poison our cyber environment. As we move towards a connected world in the Internet of Things, we can expect the scoundrels to develop and improve their attack capabilities.  Al Capone would be proud of them.

              

                            

Cryptocurrencies, Blockchain and Fraud, Uncategorized

Cryptocurrencies, Fraud Schemes, and Money Laundering

  In many presentations I have done to explain Bitcoin and other virtual currencies, the most difficult part for people to understand is how a virtual currency, which cannot be seen or held in our hands, can represent value.   In fact, critics of buying and trading in virtual currencies maintain that virtual currencies will never be a reliable form of commerce.  I am not promoting or demoting the idea of virtual currencies, but it is now unmistakable that virtual currencies have gained worldwide acceptance.  One can argue that virtual currencies will never replace fiat currencies, which is probably true.

Discussion Points to Consider:

  1. Currently, there are about 2000 virtual currencies
  2. Anyone can create a virtual currency
  3. Bitcoin was the first cryptocurrency and is the most well known
  4. Cryptocurrencies are easily converted to and from government-approved currencies (Fiat Currencies)
  5. Cryptocurrencies appear in multiple fraud schemes
  6. Cryptocurrencies are used to launder proceeds from criminal activity

Although virtual currencies have been in existence since the late 1990’s, they lacked reliability and acceptance for conducting financial transactions.  The release of the Bitcoin ecosystem in 2009 disrupted the financial systems in the world’s first virtual currency using cryptology to provide advanced anonymity, and the Blockchain to solve the “double spending” problem.   Thus, Bitcoin became the first convertible, de-centralized, math-based, cryptocurrency.  Bitcoin became convertible to and from fiat currency, de-centralized because transactions could be conducted Peer-to-Peer without government oversight, based on the mathematical solutions of increasingly complex algorithms, and concealed by cryptology.  The structure of Blockchain technology proved that an owner of Bitcoin could not double spend the same Bitcoin.

                What Are Virtual Currencies?

Virtual currencies can be described as a Digital Representation of Value functioning as a Medium of Exchange that does not have Legal Tender status.  All that is required to hold value is Trust and Adoption.  Bitcoin gained in prominence because of the ease of use and semi-anonymity, but government regulators in the United States and around the world have wrangled Bitcoin into a heavily regulated world of banking.  Bitcoin rivals such as Monero and Zcash now offer better anonymity.  Ethereum is another virtual currency which serves as the basis of Smart Contracts (digitalized contracts) for use in commerce.

What is Blockchain Technology?

Blockchain is described as a Distributed Ledger where all transactions are agreed on by Nodes, or participants.  Once approved, the transaction is time-stamped and added as a new Block to the previous Block.  Each new block is individually identified by a unique hash code and is digitally tied to the previous block by incorporating a portion of the hash code.  In this manner, the Blockchain provides an irreversible record of all transactions in ascending chronological order. 

The Blockchain used in the Bitcoin platform is open to the public, meaning that anyone can freely obtain the software program and become a Node in a Non-Permissioned environment.  Nodes can then “Mine” for Bitcoin for their own use or earn Bitcoin fees for approving transactions of other users of Bitcoin.  In this Public format, the Nodes have no need to know or trust each other.  Hybrid forms of Blockchain have been formed to create a Permissioned and Private system where the Nodes know and trust each other.  In both Non-Public and Public Blockchains, each transaction is recorded on a ledger, but the identity of the person or persons behind the transaction is not disclosed.  This is accomplished by using Public Keys to record the transactions, and Private Keys that allow entry into the Blockchain.  Therefore, the identity of the person or persons conducting the transaction remains anonymous.

How are Cryptocurrencies Used in Fraud Schemes?

Cryptocurrencies are emerging as a payment of choice in many fraud schemes.  More and more, we see bad actors avoid government oversight of financial institutions by demanding payment from victims in the form of cryptocurrencies.  And why shouldn’t they? Cryptocurrencies provide anonymity, speed, and worldwide acceptance for the transfer of funds from victims to the perpetrators.  Four main areas of concern are; (1) cryptocurrencies being used in Securities Fraud matters; (2) cryptocurrencies being stolen directly from victims; (3) cryptocurrencies used as payments in Ransomware and Extortion schemes; and (4) using cryptocurrencies to pay for illegal products and services on the Dark Web.

How are Cryptocurrencies used in Securities Fraud Schemes?

 Currently, one of the hottest investment markets involves high-risk Initial Coin Offerings (ICOs), and these ICOs often result in significant losses to unwary investors.  Certainly, there are legitimate ICOs to consider.  However, regulators have found that many are ripe with fraudulent misrepresentations that can result in significant losses to investors.  ICOs can provide a means for startups to avoid high costs of regulatory compliance found in Initial Public Offerings (IPOs).   ICOs involve crowdfunding centered around cryptocurrencies and sold to investors as Utility tokens or Asset-based tokens.  Tokens are promoted as Future Functional Units of Currency.  A holder of utility tokens can exchange value for a good or service in the future while asset-based tokens are backed by an underlying asset.  Some ICOs can fall outside of existing regulations and escape normal monitoring by government regulators.  We have seen cases where scammers will use ICOs in Pump and Dump schemes and Advance Fee schemes.

Investors in Bitcoin are at risk from Market Manipulation of Bitcoin prices.  Bitcoin, known for volatile price changes, is vulnerable to current-event price swings where illicit actors take advantage of news events to manipulate the prices.  Regulators are scrambling to keep pace as increasingly complex investments are expanding across national borders. 

Question: How do you steal cryptocurrencies?   Answer: Steal the Private Keys.

The Public Keys allow access to the Blockchain ledger to record transactions, but the Private Key unlocks the currency.  Therefore, the sophisticated thieves target the computers and smart phones of the owners to learn how the cryptos were purchased, which bank accounts were used to transfer fiat currency, passwords, security questionnaire answers, contacts with other persons transacting in cryptos, websites visited to buy and sell cryptos, and above all, the identity of the Private Keys.  If Private Keys are found, the criminal can permanently transfer the currencies into their own wallet.

Third-party repositories of Private Keys can become hacking targets.  Also, willing buyers and sellers will find one another in on-line forums to meet in person to buy and sell cryptos.  People carrying cash and/or their Private Keys are then susceptible to robbery, referred to as Stage Coach robberies. 

Ransomware and Extortion attacks are directed to large and small businesses, health care organizations, governmental entities, or other businesses holding sensitive information.  Bitcoin is the most common method of transferring the extortion amount, but other cryptocurrencies offering more complete anonymity are also used.

The Dark Web is the part of the internet accessible only by special programs and are available to anyone.  The Dark Web is used by actors to sell stolen goods, sell Malware and other cyber infections, stolen identities, stolen credit cards, pornography, illegal drugs, and actually any other tool of criminal activity. Cryptocurrencies such as Bitcoin, Monero, and ZCash are used to buy and sell illegal items or services. Tumbler and mixing services are also found on the Dark Web.

What About Money Laundering with Cryptocurrencies?Sophisticated criminals are often burdened by their own success, that is, hiding the money from regulators and investigators can be difficult.  Everybody loves cash but spending too much cash only tips-off authorities monitoring cash transactions.  Cryptocurrencies make it possible to easily hide, transfer, and clean the illicit money.

Money laundering is usually explained in three steps: Placement, Layering, and Integration.  Placement means that the dirty money is placed into the financial system, usually the Federal Reserve financial system in the United States.  Layering means the money is transferred through multiple accounts to confuse the financial trail.  Integration means that the dirty money is then transferred into legitimate accounts and businesses to distribute cash and/or purchase expensive assets.

Cryptocurrencies are purchased using the approved (Fiat) currency of a country.  The purchases of cryptocurrencies can be done through government-approved exchanges, or through unregulated exchanges.   

Current emerging money laundering threats with cryptocurrencies are found in multi-national exchanges, online gambling sources, and mixing/tumbling services. Online gambling is gaining legal acceptance in the United States and other countries and offers multiple, diverse opportunities to cleanse the dirty money. Mixing and tumbling services will take individual cryptocurrency transactions and tumble them through multiple wallets to obliterate the trail of transactions. Mixing and tumbling services are not necessarily illegal, however, nefarious operations abound on the Dark Net.  

Conclusion:  Criminal actors now have assortments of tools to bounce illegally obtained fiat currencies through multiple cryptocurrency transactions, multiple wallet addresses, and multiple countries in blizzards of transactions at a very high rate of speed.  Moving and hiding proceeds from criminal fraud schemes has become faster, more efficient, and harder to detect than ever before.  So, the cat and mouse game continues.  While authorities become better at identifying and following cryptocurrencies, the bad actors adjust and adapt to advances made by the good guys.