Cryptocrime Digest (20 July 2020)

Merkle Science
6 min read · Jul 20, 2020

A weekly summary of news and commentary about criminal activity related to cryptocurrencies brought to you by Merkle Science. Subscribe here to receive this in your inbox every Monday.

Our Top 5 Articles From the Week

Twitter Struggles to Unpack a Hack Within Its Walls

Investigators know that at least one employee’s account and credentials were taken over and used to gain access to an internal dashboard, allowing the infiltrator to control most Twitter accounts. But investigators were still trying to determine if the hackers tricked the employee into handing over login information. Another line of inquiry includes whether a Twitter employee was bribed for their credentials, something one person who claimed responsibility for the hack told the technology site Motherboard. The Federal Bureau of Investigation said it was looking into the hack. “At this time, the accounts appear to have been compromised in order to perpetuate cryptocurrency fraud,” the agency said in a statement. “We advise the public not to fall victim to this scam by sending cryptocurrency or money in relation to this incident.” (The New York Times) — Read Merkle Science’s analysis of the Twitter hack.

Mac cryptocurrency trading application rebranded, bundled with malware

ESET recently discovered websites distributing malicious cryptocurrency trading applications for Mac. This malware is used to steal information such as browser cookies, cryptocurrency wallets and screen captures. ESET found that the malware authors wrapped the original, legitimate application to include malware, rebranded the Kattana trading application with new names and copied its original website. ESET has seen the following fictitious brandings used in different campaigns: Cointrazer, Cupatrade, Licatrade and Trezarus. In addition to analysing the malware code, ESET researchers set up honeypots to try to reveal the motivations behind this group of criminals. (We Live Security)

The DOJ Wants to Hire a Crypto Crime Attorney Adviser

The U.S. Department of Justice (DOJ) is looking to hire a dark web, cryptocurrency and computer hacking attorney adviser to assist in its crackdown on international cybercrime. This 12-month position will build out DOJ’s crypto tracing and blockchain analysis capabilities, according to a Thursday job listing by the Criminal Division’s overseas development office. Asia Pacific, Eastern Europe and Central Asia — regions DOJ said are rife with “sophisticated transnational organized crime threats” in the cybercrime and intellectual property underworld — will be a top focus for the adviser, according to the posting. Applicants must attain or maintain a Top Secret security clearance as they work alongside DOJ’s Computer Crime and Intellectual Property Section and the U.S. Transnational and High-Tech Crime Global Law Enforcement Network, according to the posting. (Coin Desk)

US Army Seeks Cryptocurrency Tracing Tools

The United States Army has expressed interest in kitting out its principal investigative division with cryptocurrency tracing tools. In a Statement of Work (SOW) published July 10, the Army’s Criminal Investigation Command’s Major Cybercrime Unit (MCU) began the process of welcoming bids from contractors. Instead of software or hardware offerings, the Army is inviting vendors of SaaS (Software-as-a-Service) solutions to come forward and provide information for planning purposes. Contractors have until July 20 to accept the Army’s invitation to express interest. According to the document, the US Army Contracting Command-New Jersey (CC-NJ) located at Fort Dix, NJ, is “surveying the market for potential contractors capable of providing one license for one user of a cloud, web-based application capable of assisting law enforcement to identify and stop actors who are using cryptocurrencies for illicit activity such as fraud, extortion, and money laundering.” (Infosecurity Magazine)

Leaked police docs reveal crypto’s role in dark web bioweapons trade

A leaked INTERPOL manual covering the trade in chemical and biological weapons on the dark web includes advice for transacting in and seizing cryptocurrencies. The manual, titled ‘Investigating Biological and Chemical Terrorism on the Darknet’, coaches law enforcement on best practices for infiltrating the dark web’s contrabandist subcultures. As well as advising investigators on how to transact in cryptocurrency, it also explains how to create an undercover identity, use the Tor browser and access dark web community forums such as Dread. The document coaches law enforcement on how to seize cryptocurrency that is suspected to be tainted by crime. (Decrypt)

Watch

Double Hack: Bitcoin Bandits Take Over Twitter While Russia Spies On Covid Vaccine Researchers

Twitter CEO Jack Dorsey “feels terrible” about yesterday’s unprecedented hack on prominent users like Barack Obama and Elon Musk. Meanwhile, hackers of a different sort are attempting to steal our Covid vaccine research. We’re starting to think the internet isn’t a safe place! (The Late Show with Stephen Colbert)

Listen

Million Dollar Fraud

A new kind of man-in-the-middle attack is emerging, and it may just be the most lucrative method of hacking ever conceived. (CheckPoint Research Podcasts)

Download

An Examination of the Cryptocurrency Pump and Dump Ecosystem

The surge of interest in cryptocurrencies has been accompanied by a proliferation of fraud. This paper examines pump and dump schemes. The recent explosion of nearly 2,000 cryptocurrencies in an unregulated environment has expanded the scope for abuse. The researchers quantify the scope of cryptocurrency pump and dump schemes on Discord and Telegram, two popular group-messaging platforms. They joined all relevant Telegram and Discord groups/channels and identified thousands of different pumps. Their findings provide the first measure of the scope of such pumps and empirically document important properties of this ecosystem. (SSRN)

Merkle Science News

Hack Track: #Twitterhack bitcoin scam

Merkle Science Hack Track provides digestible insights on the movement of stolen funds from the latest cryptocurrency heists and scams. Thanks to the transparency of the bitcoin blockchain, Merkle Science’s Data Intelligence team has been tracing the funds sent to and from the known bitcoin addresses associated with the Twitterhack scam. So far we have found that more than US$120,000 equivalent in bitcoin has been scammed from cryptocurrency holders across the globe.

Upcoming Webinar: The Current State of Cryptoasset Institutionalization: Capital, Compliance and Custody.

Merkle Science will be hosting a webinar panel discussion on Thursday, 30th July at 15:00 SGT that will look at the current state of institutional-grade capital, compliance and custody solutions for cryptoassets.

Panelists include:

Topics to be discussed:

  • The reality behind the headlines
  • What institutions are actually involved
  • What technology and regulatory infrastructure improvements have been made
  • What still needs to be done to facilitate further institutional adoption

Following the panel discussion there will be an opportunity for audience Q&A. Register here.

About Merkle Science

Merkle Science provides blockchain transaction monitoring and intelligence solutions for cryptoasset service providers, financial institutions and government agencies to detect, investigate and prevent the use of cryptocurrency for money laundering, terrorist financing and other criminal activities. Merkle Science is headquartered in Singapore with offices in Bangalore, Seoul and Tokyo and backed by Digital Currency Group, Kenetic, SGInnovate and LuneX.
