Tron, Tether, and TRM Labs Join Forces to Tackle Crypto Crime

September 10, 2024 Bitcoin.com

Crypto ATMs: A Hotbed of Illicit Activity and Regulatory Crackdowns, Says Report

August 30, 2024 Bitcoin.com

Crypto ATMs surge 17X in Australia amid concerns over use by bad actors

August 30, 2024 Coin Telegraph

Cambodian Firm Receives $150K in Crypto From North Korean Hackers

July 16, 2024 Bitcoin.com

TRM Labs Report: Tether’s USDT Was the Go-to Stablecoin for Illicit Activities in 2023

March 30, 2024 Bitcoin.com

North Korean Hackers Stole Over $600,000,000 Worth of Crypto in 2023, According to Blockchain Analytics Firm

January 6, 2024 The Daily Hodl

North Korean hackers have stolen $2B of crypto since 2018: Report

August 18, 2023 Coin Telegraph

North Korean hackers have stolen B of crypto since 2018: Report

Coin Telegraph

TRM Labs estimates that North Korean hackers have stolen $200 million of cryptocurrency in 2023 alone.

North Korean hackers continue to threaten the broader cryptocurrency ecosystem, having stolen an estimated $2 billion of crypto over the past five years.

Blockchain intelligence firm TRM Labs released its latest deep dive into the murky world of cryptocurrency-related hacking, focusing on the exploits of North Korean cybercriminals. According to TRM Labs’ data, North Korea has stolen around $200 million of crypto in 2023, accounting for 20% of all stolen funds this year.

North Korean cyberattacks are estimated to be 10 times larger than attacks by other malicious actors. Hackers from the country have also honed in on the decentralized finance (DeFi) ecosystem, preying on cross-chain bridges that continue to handle a significant volume of cryptocurrency transfers.

Cross-chain hacks, such as the Axie Infinity Ronin Bridge hack, resulted in $650 million of crypto stolen, with North Korean hackers collectively stealing around $800 million in three separate attacks in 2022 alone.

The methods used to carry out these cyberattacks vary, with phishing and supply chain attacks involving compromised private keys and seed phrases.

TRM Labs notes that North Korean hackers have become more industrious with on-chain laundering methods. In the past, cryptocurrency exchanges had been used to cash out stolen cryptocurrency, but this has evolved into highly complex “multi-stage money laundering processes.”

Hackers have evolved their methods in response to aggressive sanctions by the Office of Foreign Assets Control, law enforcement operations and improved blockchain tracing tools. TRM Labs unpacked North Korea’s 2023 Atomic Wallet hack as an example of the obfuscation methods now being used by hackers from the sanctioned state.

*Data visualization of the Atomic Wallet hack carried out by North Korean hackers in June 2023. Source: TRM Labs*

The incident occurred in June 2023, when hackers targeted noncustodial wallet provider Atomic Wallet and made off with $100 million of cryptocurrency from 4,100 addresses. TRM Labs speculates that a phishing or supply chain attack likely made the exploit possible.

Hackers drained user wallets across the Ethereum, Tron, Bitcoin, XRP, Dogecoin, Stellar and Litecoin blockchains, sending the stolen funds to new wallets.

ERC-20 and TRC-20 tokens were swapped to Ether (ETH) and Tron (TRX) using decentralized exchanges before being laundered with a mix of automated programs, mixers and cross-chain swaps.

Collect this article as an NFT to preserve this moment in history and show your support for independent journalism in the crypto space.

Magazine: Should crypto projects ever negotiate with hackers? Probably

Evidence of crypto usage by ISIS is ‘mounting’: TRM Labs

July 23, 2023 Coin Telegraph

Blockchain research Firm

Blockchain intelligence platform TRM Labs revealed that Tether (USDT) on the Tron network emerged as the primary choice for transactions among ISIS affiliates across Asia.

Blockchain intelligence platform TRM Labs recently released a report that highlighted the escalating use of cryptocurrency by ISIS affiliates across Asia. It linked significant on-chain connections between these groups and pro-ISIS fundraising campaigns in Syria.

Published on July 21, the report indicated that there was “mounting on-chain evidence” from the past twelve months that pro-ISIS networks in Tajikistan, Indonesia and Afghanistan have utilized cryptocurrency to help facilitate operations.

According to TRM, the majority of transactions linked with the cases involved the use of Tether (USDT) on the Tron network (TRX).

*Extract from 'TRM Finds Mounting Evidence of Crypto Use by ISIS and its Supporters in Asia' report. Source: TRM Labs*

On July 21, Cointelegraph covered a presentation by Tara Annison, Elliptic’s former head of technical crypto advisory, where she also emphasized that Tron and Tether were popular assets for illicit use. She noted criminals were shifting away from Bitcoin (BTC) in favor of stablecoins.

Annison explained that decentralized exchanges (DEXs) have deep liquidity and "really good volume," making it "super easy" to launder funds.

A significant number of individuals using Indonesian-based exchanges to send funds to addresses associated with pro-ISIS fundraising campaigns in Syria was also highlighted in the report. It was stated:

“Over USD 517,000 was sent in 2022 by individuals using an Indonesia-based exchange to addresses identified by TRM Labs as belonging to pro-ISIS fundraising campaigns in Syria and the local exchanges that facilitate their activities.”

TRM explained that these fundraising campaigns claimed the funds were being used to support and "help free ISIS families held in Syrian camps."

All transfers were made using USDT on the Tron network in increments of $10,000, TRM wrote.

An instance in Tajikistan was also reported where crypto was used to recruit fighters for ISIS’s affiliate in Afghanistan. One of the fundraising campaigns, which was operational for more than a year, was linked to an address that received approximately $2 million in USDT on Tron in 2022.

Through blockchain tracing, TRM Labs identified the flow of funds and notified the exchange used by the group for cashing out their funds. The exchange then alerted local authorities, resulting in Turkish authorities arresting a senior ISIS fundraiser, Shamil Hukumatov, on June 22.

It was further reported that a media unit linked to ISIS’s affiliate in Pakistan (ISPP) began promoting its ability to accept donations in the second half of 2022.

TRM Labs identified that the addresses controlled by the group had a total volume of approximately $40,000 USD over the last twelve months.

This comes after TRM Labs revealed in a June 28 report that illicit finance volume involving Bitcoin had fallen significantly over the past seven years.

It noted that while Bitcoin was once the "exclusive currency" for terrorist financing, by 2022 it had all changed.

TRM Labs reported that by 2022, Tron was used for 92% of terrorist financing.

Magazine: US enforcement agencies are turning up the heat on crypto-related crime

Bitcoin no longer crypto of choice for illicit crypto activity: TRM Labs

June 28, 2023 Coin Telegraph

Bitcoin

While fiat channels remain the dominant tool for criminal financing, Bitcoin appears to have fallen out of favor for criminals as far as cryptocurrencies go.

According to new research, fewer cybercriminals are turning to Bitcoin as their primary method of moving illicit funds, with bad actors opting to go back to fiat channels or choosing other cryptocurrencies.

Digital asset compliance and risk management firm TRM Labs revealed that illicit finance volumes involving Bitcoin (BTC) had fallen significantly over the past seven years, according to its “Illicit Crypto Ecosystem Report,” released on June 28.

TRM Labs said instead a new multichain era has led to a “qualitative leap” away from Bitcoin as a primary means of moving criminal proceeds. The firm also highlighted that cash and other forms of fiat-related finance remain the “default” means of criminal money movements.

“Indeed, cash and even older forms of finance such as hawala (transferring money without physically moving it) remain the default means by which illicit activity is financed and its proceeds are laundered.”

TRM Labs also noted that while illicit activity involving crypto has increased, “crypto did not invent these criminal forms."

The firm reported that around $2 billion in crypto was stolen through attacks on cross-chain bridges in 2022, but very little of that was Bitcoin.

*Charts showing the volume of Bitcoin used across various types of illicit activity. Source: TRM Labs*

“The multi-chain era has had a sweeping impact on the distribution of illicit crypto volume as a whole,” it noted, adding that Bitcoin’s share of illicit transactions plummeted from 97% in 2016 to just 19% in 2022.

Furthermore, while two-thirds of the crypto hack volume was in Bitcoin back in 2016, that had fallen to just under 3% by 2022. The slack was taken up by Ethereum (68%) and BNB Smart Chain (19%), it said.

Meanwhile, Bitcoin was also once the “exclusive currency” for terrorist financing back then as well, but by 2022 it had been “all but replaced” by Tron, with 92%, TRM Labs claims.

Additionally, TRM Labs claims that there has been a 240% increase in the use of Tether (USDT) among the terror financing entities that it tracked in 2022.

*Use of USDT and BTC for terrorist financing. Source: TRM Labs*

The latest illicit finance figures in crypto may be brighter news for Bitcoin, which in recent days looks to be back on the table for institutional adoption.

However, the cryptocurrency saw at least $7.8 billion paid into Ponzi and pyramid schemes, as much as $1.5 billion was spent on darknet markets specializing in narcotics, and $3.7 billion was stolen through DeFi hacks and exploits in 2022, according to TRM Labs.

Earlier this year, Cointelegraph reported that 2022 set a new record for illicit crypto transactions. The total cryptocurrency value received by illicit addresses topped $20 billion last year, according to analytics firm Chainalysis.

Magazine: Hall of Flame: William Clemente III tips Bitcoin will hit six figures toward end of 2024

CFTC adds execs from Circle, Ava Labs and Fireblocks to tech advisory group

March 14, 2023 Coin Telegraph

Abalanche

The technology advisory committee aims to assist the CFTC in “identifying and understanding the impacts and implications of technological innovation in financial services and markets.”

The Commodity Futures Trading Commission has signaled receptiveness to the crypto and blockchain sector after including several executives from the space as part of its new Technology Advisory Committee (TAC).

CFTC commissioner and TAC sponsor Christy Goldsmith Romero announced the updated membership via a public statement on March 13, with the inaugural meeting of the new committee set to take place on March 22.

The TAC itself was formed in 1999 and aims to assist the CFTC in “identifying and understanding the impacts and implications of technological innovation in financial services and markets.”

“The TAC may inform the Commission’s consideration of technology-related issues in support of its mission to ensure the integrity of derivatives and commodities markets and the achievement of other public interest objectives,” the announcement reads.

Today @CFTCcgr announced the membership of the newly constituted Technology Advisory Committee, its Chair, and Vice Chair. Learn more: https://t.co/9sYxiLiiJE
— CFTC (@CFTC) March 13, 2023

The TAC also has the potential to provide advice on tech investments that “could support the Commission in meeting its surveillance and enforcement responsibilities.”

Former White House official Carole House will serve as the chair of the committee, with Ari Redboard, the head of legal and government affairs at blockchain intelligence firm TRM Labs, serving as the vice chair.

Other crypto-related members include Ava Labs founder and CEO Emin Gün Sirer, Circle vice president of global policy Corey Then, FireBlocks co-founder and CEO Michael Shaulov, Inca Digital CEO Adam Zarazinski and blockchain auditor Trail of Bits co-founder Dan Guid.

I'm thrilled to have been appointed to the CFTC's Technical Advisory Board. I'll do everything I can to move the space forward, inform regulators about the latest developments in crypto, and bring the benefits of blockchains to our financial system.https://t.co/5RpC1pb8Sd
— Emin Gün Sirer (@el33th4xor) March 13, 2023

Outside of crypto, executives from major companies such as IBM, Amazon, the CME Group and Cboe Global Markets have also been included in the TAC. There is also a strong showing of professors from university law schools such as Cornell and the University of Michigan.

As part of the announcement, Goldsmith Romero emphasized the importance of working with members from private tech and other organizations to regulate and protect the commodities/futures market:

“To protect our markets from increasingly-sophisticated cyber attacks, to ensure responsible development of digital assets in a way that protects customers, and to ensure that the implications of emerging technologies like artificial intelligence are well understood, the Commission requires advice from technology experts.”

“These experts can provide us foundational knowledge about the technology, as well as the complex and nuanced impacts and implications of technology on financial markets,” she added.

The collaborative approach from the CFTC appears to be in stark contrast to that of the other U.S. agencies, such as the Securities and Exchange Commission, which has reportedly acted frostily toward crypto firms behind closed doors.

Executives such as Coinbase CEO Brian Armstrong, Kraken co-founder Jesse Powell and Custodia Bank CEO Caitlin Long have all highlighted issues with trying to proactively work with the SEC and the government over the past couple of years.

TRM labs