1. Home
  2. TRM labs

TRM labs

Tron, Tether, and TRM Labs Join Forces to Tackle Crypto Crime

Tron, Tether, and TRM Labs Join Forces to Tackle Crypto CrimeTron, Tether, and TRM Labs have announced the creation of the T3 Financial Crime Unit (T3 FCU), a new initiative aimed at fighting illicit activity in the cryptocurrency space. The partnership, focused on public-private collaboration, seeks to improve security within the Tron blockchain and reduce the misuse of its tether (USDT) stablecoin. Crypto Giants Tron, […]

Bitcoin Bull Market May Drive Russian Miners Underground

Crypto ATMs: A Hotbed of Illicit Activity and Regulatory Crackdowns, Says Report

Crypto ATMs: A Hotbed of Illicit Activity and Regulatory Crackdowns, Says ReportA recent TRM Labs report reveals that crypto ATMs have processed at least $160 million in illicit transactions since 2019, with 2023 alone seeing over $30 million directed to known scam addresses. The rate of illicit activity at crypto ATMs is double that of the overall crypto industry, standing at 1.2% of total volume. Global […]

Bitcoin Bull Market May Drive Russian Miners Underground

Crypto ATMs surge 17X in Australia amid concerns over use by bad actors

The number of new crypto ATMs in Australia has surged 17 times over the past two years, but TRM Labs has warned about their use in scams, fraud, and crime.

Australia has seen the number of new crypto ATMs swell by 17 times in the past two years, making it one of the world’s fastest-growing markets for the kiosks, despite rising concerns over their use by malicious actors.

The country is now the world’s third-largest market for crypto ATMs with 1,162 machines — up from just 67 in August 2022, data from Coin ATM Radar shows.

This means that 160 ATMs have been added since the end of April, when Australia just crossed the milestone of having over 1,000 active machines in operation.

Read more

Bitcoin Bull Market May Drive Russian Miners Underground

Cambodian Firm Receives $150K in Crypto From North Korean Hackers

Cambodian Firm Receives 0K in Crypto From North Korean HackersA major payments firm in Cambodia, Huione Pay, received over $150,000 in cryptocurrency from a digital wallet used by the North Korean hacking group Lazarus, according to blockchain data reviewed by Reuters. The crypto was sent to Huione Pay between June 2023 and February 2024 from a wallet linked to funds stolen from Atomic Wallet, […]

Bitcoin Bull Market May Drive Russian Miners Underground

TRM Labs Report: Tether’s USDT Was the Go-to Stablecoin for Illicit Activities in 2023

TRM Labs Report: Tether’s USDT Was the Go-to Stablecoin for Illicit Activities in 2023A report issued by TRM Labs indicated that Tether’s USDT, the largest stablecoin in the cryptocurrency industry, was the preferred stablecoin used for illicit transactions during 2023. TRM Labs alleges that 1.6% of USDT’s volume was linked to illicit activity last year, with $19.3 billion worth of USDT used in illegal transactional flows. TRM Labs […]

Bitcoin Bull Market May Drive Russian Miners Underground

North Korean Hackers Stole Over $600,000,000 Worth of Crypto in 2023, According to Blockchain Analytics Firm

North Korean Hackers Stole Over 0,000,000 Worth of Crypto in 2023, According to Blockchain Analytics Firm

New data from blockchain intelligence firm TRM Labs reveals that North Korean hackers stole over half a billion dollars worth of digital assets in 2023. According to a new study by the crypto analytics platform, hackers associated with the Democratic People’s Republic of North Korea (DPRK) looted $600 million worth of crypto assets last year. […]

The post North Korean Hackers Stole Over $600,000,000 Worth of Crypto in 2023, According to Blockchain Analytics Firm appeared first on The Daily Hodl.

Bitcoin Bull Market May Drive Russian Miners Underground

North Korean hackers have stolen $2B of crypto since 2018: Report

TRM Labs estimates that North Korean hackers have stolen $200 million of cryptocurrency in 2023 alone.

North Korean hackers continue to threaten the broader cryptocurrency ecosystem, having stolen an estimated $2 billion of crypto over the past five years.

Blockchain intelligence firm TRM Labs released its latest deep dive into the murky world of cryptocurrency-related hacking, focusing on the exploits of North Korean cybercriminals. According to TRM Labs’ data, North Korea has stolen around $200 million of crypto in 2023, accounting for 20% of all stolen funds this year.

North Korean cyberattacks are estimated to be 10 times larger than attacks by other malicious actors. Hackers from the country have also honed in on the decentralized finance (DeFi) ecosystem, preying on cross-chain bridges that continue to handle a significant volume of cryptocurrency transfers.

Related: North Korea stole more crypto in 2022 than any other year: UN report

Cross-chain hacks, such as the Axie Infinity Ronin Bridge hack, resulted in $650 million of crypto stolen, with North Korean hackers collectively stealing around $800 million in three separate attacks in 2022 alone.

The methods used to carry out these cyberattacks vary, with phishing and supply chain attacks involving compromised private keys and seed phrases.

TRM Labs notes that North Korean hackers have become more industrious with on-chain laundering methods. In the past, cryptocurrency exchanges had been used to cash out stolen cryptocurrency, but this has evolved into highly complex “multi-stage money laundering processes.”

Hackers have evolved their methods in response to aggressive sanctions by the Office of Foreign Assets Control, law enforcement operations and improved blockchain tracing tools. TRM Labs unpacked North Korea’s 2023 Atomic Wallet hack as an example of the obfuscation methods now being used by hackers from the sanctioned state.

Data visualization of the Atomic Wallet hack carried out by North Korean hackers in June 2023. Source: TRM Labs

The incident occurred in June 2023, when hackers targeted noncustodial wallet provider Atomic Wallet and made off with $100 million of cryptocurrency from 4,100 addresses. TRM Labs speculates that a phishing or supply chain attack likely made the exploit possible.

Hackers drained user wallets across the Ethereum, Tron, Bitcoin, XRP, Dogecoin, Stellar and Litecoin blockchains, sending the stolen funds to new wallets.

ERC-20 and TRC-20 tokens were swapped to Ether (ETH) and Tron (TRX) using decentralized exchanges before being laundered with a mix of automated programs, mixers and cross-chain swaps.

Collect this article as an NFT to preserve this moment in history and show your support for independent journalism in the crypto space.

Magazine: Should crypto projects ever negotiate with hackers? Probably

Bitcoin Bull Market May Drive Russian Miners Underground

Evidence of crypto usage by ISIS is ‘mounting’: TRM Labs

Blockchain intelligence platform TRM Labs revealed that Tether (USDT) on the Tron network emerged as the primary choice for transactions among ISIS affiliates across Asia.

Blockchain intelligence platform TRM Labs recently released a report that highlighted the escalating use of cryptocurrency by ISIS affiliates across Asia. It linked significant on-chain connections between these groups and pro-ISIS fundraising campaigns in Syria.

Published on July 21, the report indicated that there was “mounting on-chain evidence” from the past twelve months that pro-ISIS networks in Tajikistan, Indonesia and Afghanistan have utilized cryptocurrency to help facilitate operations.

According to TRM, the majority of transactions linked with the cases involved the use of Tether (USDT) on the Tron network (TRX).

Extract from 'TRM Finds Mounting Evidence of Crypto Use by ISIS and its Supporters in Asia' report. Source: TRM Labs

On July 21, Cointelegraph covered a presentation by Tara Annison, Elliptic’s former head of technical crypto advisory, where she also emphasized that Tron and Tether were popular assets for illicit use. She noted criminals were shifting away from Bitcoin (BTC) in favor of stablecoins. 

Annison explained that decentralized exchanges (DEXs) have deep liquidity and "really good volume," making it "super easy" to launder funds. 

A significant number of individuals using Indonesian-based exchanges to send funds to addresses associated with pro-ISIS fundraising campaigns in Syria was also highlighted in the report. It was stated:

“Over USD 517,000 was sent in 2022 by individuals using an Indonesia-based exchange to addresses identified by TRM Labs as belonging to pro-ISIS fundraising campaigns in Syria and the local exchanges that facilitate their activities.”

TRM explained that these fundraising campaigns claimed the funds were being used to support and "help free ISIS families held in Syrian camps."  

All transfers were made using USDT on the Tron network in increments of $10,000, TRM wrote. 

An instance in Tajikistan was also reported where crypto was used to recruit fighters for ISIS’s affiliate in Afghanistan. One of the fundraising campaigns, which was operational for more than a year, was linked to an address that received approximately $2 million in USDT on Tron in 2022.

Through blockchain tracing, TRM Labs identified the flow of funds and notified the exchange used by the group for cashing out their funds. The exchange then alerted local authorities, resulting in Turkish authorities arresting a senior ISIS fundraiser, Shamil Hukumatov, on June 22.

Related: Debunking the myth: Cryptocurrency is used for criminal activity

It was further reported that a media unit linked to ISIS’s affiliate in Pakistan (ISPP) began promoting its ability to accept donations in the second half of 2022.

TRM Labs identified that the addresses controlled by the group had a total volume of approximately $40,000 USD over the last twelve months.

This comes after TRM Labs revealed in a June 28 report that illicit finance volume involving Bitcoin had fallen significantly over the past seven years. 

It noted that while Bitcoin was once the "exclusive currency" for terrorist financing, by 2022 it had all changed.

TRM Labs reported that by 2022, Tron was used for 92% of terrorist financing. 

Magazine: US enforcement agencies are turning up the heat on crypto-related crime

Bitcoin Bull Market May Drive Russian Miners Underground

Bitcoin no longer crypto of choice for illicit crypto activity: TRM Labs

While fiat channels remain the dominant tool for criminal financing, Bitcoin appears to have fallen out of favor for criminals as far as cryptocurrencies go.

According to new research, fewer cybercriminals are turning to Bitcoin as their primary method of moving illicit funds, with bad actors opting to go back to fiat channels or choosing other cryptocurrencies.

Digital asset compliance and risk management firm TRM Labs revealed that illicit finance volumes involving Bitcoin (BTC) had fallen significantly over the past seven years, according to its “Illicit Crypto Ecosystem Report,” released on June 28.

TRM Labs said instead a new multichain era has led to a “qualitative leap” away from Bitcoin as a primary means of moving criminal proceeds. The firm also highlighted that cash and other forms of fiat-related finance remain the “default” means of criminal money movements.

“Indeed, cash and even older forms of finance such as hawala (transferring money without physically moving it) remain the default means by which illicit activity is financed and its proceeds are laundered.”

TRM Labs also noted that while illicit activity involving crypto has increased, “crypto did not invent these criminal forms."

The firm reported that around $2 billion in crypto was stolen through attacks on cross-chain bridges in 2022, but very little of that was Bitcoin.

Charts showing the volume of Bitcoin used across various types of illicit activity. Source: TRM Labs

“The multi-chain era has had a sweeping impact on the distribution of illicit crypto volume as a whole,” it noted, adding that Bitcoin’s share of illicit transactions plummeted from 97% in 2016 to just 19% in 2022.

Furthermore, while two-thirds of the crypto hack volume was in Bitcoin back in 2016, that had fallen to just under 3% by 2022. The slack was taken up by Ethereum (68%) and BNB Smart Chain (19%), it said.

Meanwhile, Bitcoin was also once the “exclusive currency” for terrorist financing back then as well, but by 2022 it had been “all but replaced” by Tron, with 92%, TRM Labs claims.

Additionally, TRM Labs claims that there has been a 240% increase in the use of Tether (USDT) among the terror financing entities that it tracked in 2022.

Use of USDT and BTC for terrorist financing. Source: TRM Labs

The latest illicit finance figures in crypto may be brighter news for Bitcoin, which in recent days looks to be back on the table for institutional adoption.

However, the cryptocurrency saw at least $7.8 billion paid into Ponzi and pyramid schemes, as much as $1.5 billion was spent on darknet markets specializing in narcotics, and $3.7 billion was stolen through DeFi hacks and exploits in 2022, according to TRM Labs.

Related: North Korea and criminals are using DeFi services for money laundering

Earlier this year, Cointelegraph reported that 2022 set a new record for illicit crypto transactions. The total cryptocurrency value received by illicit addresses topped $20 billion last year, according to analytics firm Chainalysis.

Magazine: Hall of Flame: William Clemente III tips Bitcoin will hit six figures toward end of 2024

Bitcoin Bull Market May Drive Russian Miners Underground

CFTC adds execs from Circle, Ava Labs and Fireblocks to tech advisory group

The technology advisory committee aims to assist the CFTC in “identifying and understanding the impacts and implications of technological innovation in financial services and markets.”

The Commodity Futures Trading Commission has signaled receptiveness to the crypto and blockchain sector after including several executives from the space as part of its new Technology Advisory Committee (TAC).

CFTC commissioner and TAC sponsor Christy Goldsmith Romero announced the updated membership via a public statement on March 13, with the inaugural meeting of the new committee set to take place on March 22.

The TAC itself was formed in 1999 and aims to assist the CFTC in “identifying and understanding the impacts and implications of technological innovation in financial services and markets.”

“The TAC may inform the Commission’s consideration of technology-related issues in support of its mission to ensure the integrity of derivatives and commodities markets and the achievement of other public interest objectives,” the announcement reads.

The TAC also has the potential to provide advice on tech investments that “could support the Commission in meeting its surveillance and enforcement responsibilities.”

Former White House official Carole House will serve as the chair of the committee, with Ari Redboard, the head of legal and government affairs at blockchain intelligence firm TRM Labs, serving as the vice chair.

Other crypto-related members include Ava Labs founder and CEO Emin Gün Sirer, Circle vice president of global policy Corey Then, FireBlocks co-founder and CEO Michael Shaulov, Inca Digital CEO Adam Zarazinski and blockchain auditor Trail of Bits co-founder Dan Guid.

Outside of crypto, executives from major companies such as IBM, Amazon, the CME Group and Cboe Global Markets have also been included in the TAC. There is also a strong showing of professors from university law schools such as Cornell and the University of Michigan.

As part of the announcement, Goldsmith Romero emphasized the importance of working with members from private tech and other organizations to regulate and protect the commodities/futures market:

“To protect our markets from increasingly-sophisticated cyber attacks, to ensure responsible development of digital assets in a way that protects customers, and to ensure that the implications of emerging technologies like artificial intelligence are well understood, the Commission requires advice from technology experts.”

“These experts can provide us foundational knowledge about the technology, as well as the complex and nuanced impacts and implications of technology on financial markets,” she added.

Related: Biden vows to hold accountable those responsible for SVB, Signature collapse

The collaborative approach from the CFTC appears to be in stark contrast to that of the other U.S. agencies, such as the Securities and Exchange Commission, which has reportedly acted frostily toward crypto firms behind closed doors.

Executives such as Coinbase CEO Brian Armstrong, Kraken co-founder Jesse Powell and Custodia Bank CEO Caitlin Long have all highlighted issues with trying to proactively work with the SEC and the government over the past couple of years.

Bitcoin Bull Market May Drive Russian Miners Underground