Categories
Banking Crime Payments Regulation

Brazil Legalises Crypto as a Payment Method

The Brazilian Chamber of Deputies, the equivalent of Australia’s House of Representatives, has approved legislation to legalise the use of cryptocurrencies as a payment method throughout the South American nation. Before the legislation becomes law, however, it must be approved by the executive branch of the Brazilian government. 

The new law will not recognise Bitcoin or any other cryptocurrency as legal tender, as was done in El Salvador last year. Instead, it adds cryptocurrencies to the definition of legal payment methods within the country, along with air mileage rewards programs.

Details of the New Legislation

The bill containing the new legislation, which was authored by Aureo Ribeiro, was passed by Brazil’s senate in April of this year but has been stuck in the nation’s lower house for several months.

In addition to recognising crypto as a legal payment method, the new law will allow for the creation of licenses for cryptocurrency exchanges, crypto custody providers and virtual asset managers. 

The law will also require that exchanges avoid the commingling of company assets and their customer’s assets, in what appears to be an attempt to avoid a repeat of the FTX collapse.

Legislation Creates New Crime

The bill also establishes the new crime of fraud involving virtual assets with a minimum penalty of two years in prison and a maximum of six years, plus a monetary fine.

It also adds to Brazil’s regulatory framework around crypto, declaring that any virtual assets defined as securities will be regulated by the nation’s securities watchdog, the CMV. Assets not defined as securities will be regulated by a body yet to be determined by the executive branch but expected to be the central bank.

Companies will have 180 days to comply with the new legislation after it passes into law.

What it Means for Crypto’s Growth

Once the new legislation is signed off by the executive branch, banks in Brazil could start allowing customers to pay for goods and services using crypto as an alternative to credit and debit cards, which may lead to significant growth in the use of cryptocurrencies.

Already, some banks in Brazil have begun offering crypto-based services — in October, the Warren Buffet-backed neobank, Nubank, announced its plan to launch its own cryptocurrency in the first half of 2023. 

Categories
Australia Crime Crypto.com Illegal

Melbourne Couple to Face Trial Over $10.4M Crypto.com Blunder

A Melbourne couple who spent most of a A$10.4 million refund they received in error from cryptocurrency exchange Crypto.com are set to face trial. An administrative mistake made by an employee in Bulgaria saw the couple receive the huge sum instead of what should have been a A$100 refund.

Jatinder Singh, 37, and his partner, Thevamanogari Manivel, 40, appeared in Melbourne Magistrate’s Court on October 11 to hear the charges against them. 

At the hearing, Singh pleaded not guilty to theft and dealing with property that is the suspected proceeds of crime while Manivel pleaded not guilty to negligently dealing with property that is the suspected proceeds of crime. 

Employee Blunder Turns $100 Into $10.4M

The error which led to the couple’s unintended windfall occurred on May 12, 2021 when a Crypto.com employee based in Bulgaria was processing a refund. Rather than entering the correct cash amount of A$100 in the ‘amount’ field, the employee inadvertently entered an account number. This simple mistake resulted in over A$10 million being deposited into Manivel’s Commonwealth Bank account.

Upon receiving the enormous payment, Singh claims he thought he had won a competition run by Crypto.com after supposedly receiving a notification from the Crypto.com app. However, Crypto.com claims there was no competition that involved a $10 million prize at the time, and even if there were, the company doesn’t notify winners of competitions through in-app notifications.

Couple Bought Up Big Time

After receiving the erroneous refund, the court was told Manivel bought four houses, numerous vehicles, furniture and art. The court was also told A$4 million was transferred to a bank account in Manivel’s home country of Malaysia.

Crypto.com was unaware of the mistake until it was revealed in an audit of the company’s finances in December 2021, around six months after it occurred.

Despite Attempt to Flee, Couple Couldn’t Escape the Fallout

Manivel was arrested in March of this year at Melbourne airport with a one-way ticket to Malaysia, in what prosecutors say was an attempt to flee the country.

Both Manivel and Singh have been committed to stand trial at a later date, Manivel was released on bail while Singh remains in custody awaiting trial.

Crypto.com is also pursuing civil action against the couple in an attempt to recover almost A$3 million dollars which is yet to be paid back.

Categories
Crime Crypto Exchange Illegal Stablecoins

Terra Co-founder Do Kwon Denies $39.6M Crypto Asset Freeze

Do Kwon, the CEO of Terraform Labs and the man behind the collapsed LUNA ecosystem, has denied a report from South Korean news outlet News1 claiming local prosecutors have frozen some of his crypto assets valued at 56.2 billion won (US$39.6 million).

In response to the report, Kwon tweeted that it’s a ‘falsehood’ and that he doesn’t have time to trade crypto.

Mounting Reports Matched by Kwon Denials

In his tweet Kwon also denied having accounts on the crypto exchanges KuCoin and OKX — this was a reference to his earlier denial of a September report that South Korean authorities had asked these exchanges to freeze 3,313 Bitcoin (BTC) linked to Kwon held on their platforms. 

Just a day earlier, Bloomberg had reported that South Korean prosecutors were claiming that Interpol had issued a red notice for Kwon, meaning law enforcement organisations globally had been asked to locate and apprehend him if he attempts to cross national borders.

Yet more claims against Kwon were reported back in July, when he was accused of rug pulling LUNA holders by quietly cashing out US$80 million per month in the lead-up to the blockchain’s collapse.

Despite these mounting reports against him and the fact he appears to have gone into hiding, Kwon maintains his innocence and claims to be cooperating with authorities.

Kwon Wanted in Relation to May LUNA Collapse

The legal troubles for Kwon stem from the spectacular collapse of the LUNA ecosystem in May 2022 in which the algorithmic stablecoin UST lost its peg with the US dollar, falling to virtually zero and taking down its sister token LUNA with it. 

This collapse wiped out around US$26 billion of investor value, triggered the collapse of Three Arrows Capital, contributed to the bankruptcy of crypto lenders Voyager and Celsius, and plunged the entire crypto market into a deep winter from which it is yet to emerge.

For his part in LUNA’s collapse, Kwon is now wanted by South Korean authorities for numerous crimes, including breaching the country’s capital-market laws.

Categories
Crime Crypto News

John McAfee’s Ex-Girlfriend Claims He’s Alive, Living in Texas

In a bizarre twist in the long and convoluted story of John McAfee, creator of the eponymous antivirus software, he is allegedly alive, well, and living in Texas.

The extraordinary claims are made by McAfee’s ex-girlfriend in an interview for a new Netflix documentary titled Running With The Devil: The Wild World of John McAfee, released this week.

https://www.businessinsider.com/bitcoin-price-john-mcafee-not-a-bubble-2017-8
Did John McAfee fake his own death?

McAfee ‘Speaks’ Post-‘Suicide’

Central to the Netflix biopic is an interview conducted with McAfee’s former partner Samantha Herrera, who claims she had spoken with the disgraced software developer over the phone after his supposed June 2021 suicide in a Spanish jail.

While the director of the documentary, Charlie Russell, is sceptical, stating “I can’t work out whether [Herrera] thinks it’s real or not”, McAfee’s widow, Janice, isn’t having any of it. She believes that if McAfee were hiding out, it wouldn’t be in Texas, or anywhere else in the US considering he is wanted by the IRS.

Instead, Janice McAfee is circulating a petition for the release of her husband’s remains – and for an independent autopsy – as they are yet to be returned to her by Spanish authorities:

Regardless of the truth surrounding McAfee’s passing, he remains as curious in death as he was in life. The biopic was released by Netflix on August 24.

Death and Taxes

McAfee was arrested at Barcelona International Airport in October 2020 for tax evasion. Late on June 23, 2021, he was reportedly discovered dead in his cell in a Barcelona jail, only hours after the Spanish National Court had approved his extradition to the US, where he would have faced up to 30 years in prison.

According to McAfee’s lawyer, he had hanged himself, although there were several signs of foul play in connection with his apparent death. One of these was a tweet from McAfee which read: ‘I am content in here. I have friends. The food is good. All is well. Know that if I hang myself, a la [convicted sex offender Jeffrey] Epstein, it will be no fault of mine’.

This Netflix documentary isn’t the only analysis of McAfee’s life in current circulation. No Domain: The John McAfee Tapes, a new book published by biographer Mark Eglinton, details exactly how McAfee managed to lose his US$100 million fortune. The funds were reportedly spent on “bizarre” mansions and compounds across the globe. Perhaps there’s one in Texas we didn’t know about.

Categories
Crime Ethereum Privacy Tornado Cash

Suspected Tornado Cash Developer Arrested by Dutch Authorities

Dutch authorities have announced their arrest last week of a Tornado Cash developer in Amsterdam for his alleged involvement in concealing criminal financial flows and facilitating money laundering through his work on the crypto mixing service. 

Tornado Cash, which is built on the Ethereum blockchain, allows users to conceal the sending and receiving addresses of transactions, thus concealing their identity. It has reportedly been widely used by criminals to launder stolen assets, but has also been used for legitimate purposes such as concealing the identities of Ukrainian citizens receiving donated crypto.

Dutch Investigators Say More Arrests May Follow

The Tornado Cash developer’s arrest was announced by the Dutch Fiscal Information and Investigation Service (FIOD) on August 12, two days after it took place. The FIOD said it couldn’t rule out further arrests in connection with the case.

FIOD’s interest in Tornado Cash began in June of this year when its Financial Advanced Cyber Team (FACT) launched a criminal investigation of the service. FACT claims that Tornado Cash has been widely used by hackers to launder vast quantities of stolen crypto assets including “funds stolen through hacks by a group believed to be associated with North Korea”.

FACT found evidence of high-value criminal cash flows through the mixer since it was launched in 2019:

Investigations showed that at least one billion dollars’ worth of cryptocurrencies of criminal origin passed through the mixer. It is suspected that persons behind this organisation have made large-scale profits from these transactions. 

Dutch Fiscal Information and Investigation Service (FIOD)

Crypto Community Reacts With Dismay

This arrest comes after the US Treasury’s sanctioning of Tornado Cash last week for what it described as the crypto mixer’s repeated failures to impose effective controls to curtail illegal use of the service. Tornado Cash had previously attempted to weed out criminal users of the service by blocking sanctioned addresses, but the US authorities considered these efforts inadequate.

The crypto community has generally reacted negatively to this arrest, suggesting it represents an infringement of the developer’s right to freedom of speech and an attack on crypto users’ privacy:

Other Twitter users have also pointed out the disparity between the treatment of the Tornado Cash developers and the creators of some high-profile crypto failures and rug pulls:

Categories
Crime DeFi Regulation Tornado Cash

US Treasury Sanctions Crypto Mixer ‘Tornado’, Freezing USDC and ETH Addresses  

Tornado Cash, a mixing service that obscures crypto transaction information, has been sanctioned by the US Treasury, which claims the DeFi protocol is regularly used for money laundering to cover up cybercrime.

Treasury added Tornado Cash and 44 of its Ethereum and USDC wallet addresses to its Specially Designated Nationals list of embargoed entities typically used to prohibit people in the US from dealing with terrorists and authoritarian regimes.  

According to Treasury, more than US$7 billion had been laundered via Tornado Cash, including some US$455 million of the US$625 million stolen by North Korean hacking group Lazarus in an exploit of the Ronin Network in March this year. Tornado Cash was also used to conceal the source of more than US$96 million in dirty money from June’s Harmony Bridge heist, Treasury said. 

Protocol Fails to Balance Privacy and Compliance 

Tornado Cash ‘mixes’ crypto transaction details to break the links in on-chain activity, in the interests of preserving users’ privacy. Deposits are made via one address and withdrawn by a different address, meaning transactions are harder to trace – and therefore appealing to criminals.

In April 2022, Tornado Cash moved to block access by addresses sanctioned by Treasury’s Office of Foreign Assets Control (OFAC) in an attempt to demonstrate compliance. More recently, the protocol transitioned to a fully open-source user interface to increase transparency by enabling contributors to suggest code improvements.

However, it’s clear Treasury did not feel the protocol was meeting its anti-money-laundering obligations, making it a threat to US national security.

Despite public assurances otherwise, Tornado Cash has repeatedly failed to impose effective controls designed to stop it from laundering funds for malicious cyber actors on a regular basis and without basic measures to address its risks. Treasury will continue to aggressively pursue actions against mixers that launder virtual currency for criminals and those who assist them.

Brian E. Nelson, Treasury Under Secretary for Terrorism and Financial Intelligence

Treasury Issues Broader Warning

Treasury also had a warning for the broader crypto ecosystem: “As today’s action demonstrates, mixers should in general be considered as high-risk by virtual currency firms, which should only process transactions if they have appropriate controls in place to prevent mixers from being used to launder illicit proceeds.”

Categories
Crime Crypto News

North Korea Hackers Use Fake Resumes to Get Hired and Steal Crypto: Report

In a report from Bloomberg, cybersecurity firm Mandiant has claimed that North Korean citizens are plagiarising online resumes and pretending to be from other countries as they attempt to fraudulently obtain remote, freelance employment at crypto firms. 

The warning from Mandiant follows a similar alert issued by the US government in May that North Koreans were seeking to infiltrate tech companies for malicious purposes.

Fake Employees Aim to Aid Regime’s Fundraising

According to Mandiant researchers, North Korean citizens have been copying resumes found on professional networking websites such as LinkedIn and Indeed, claiming to have skills relevant to working on crypto projects. 

In one case, a suspected North Korean applicant claimed to have published a whitepaper about the Bibox crypto exchange. In another, the applicant claimed to be a senior software developer at a blockchain consultancy firm.

Speaking to Bloomberg, Mandiant principal analyst Joe Dobson said the North Korean applicants were seeking to gain access that allowed them to influence an organisation’s direction:

It comes down to insider threats; if someone gets hired onto a crypto project and they become a core developer, that allows them to influence things, whether for good or not. 

Joe Dobson, principal analyst, Mandiant

Fellow Mandiant analyst Michael Barnhart said a central objective for the North Koreans applying for these jobs was to gather insider information on emerging trends in the crypto market, which could allow the North Korean regime to benefit through illicit fundraising efforts to skirt Western sanctions:

These are North Koreans trying to get hired and get to a place where they can funnel money back to the regime. 

Michael Barnhart, principal analyst, Mandiant

Mandiant said the North Korean applicants were mainly located in China and Russia, and presented themselves as being South Korean, Japanese and in some cases American.

North Korea’s Troubled History With Crypto

The North Korean regime has used crypto-based crime as a source of revenue for some time. According to Chainalysis, the regime stole almost US$400 million worth of crypto in 2021 alone – a staggering 2.4 percent of the nation’s total GDP. 

In April this year, the regime-backed Lazarus hacking group was believed to have been behind the US$625 million hack of the Ronin Network. 

In a related story, around the same time former Ethereum developer Virgil Griffith was sentenced to 63 months in prison and fined US$100,000 by a US Federal Court judge for illegally travelling to North Korea in 2019 to teach citizens how they could use crypto to evade US sanctions.

Categories
Australia Crime Cryptocurrencies Cryptocurrency Law

Victorian State Parliament Moves to Give Police Sweeping Powers to Seize Crypto

The Australian state of Victoria has this week introduced new laws allowing the seizure of assets including crypto if criminals are caught with guns or drugs.

Police Invested with ‘More Power’

The Justice Legislation Amendment (Police and Other Matters) Bill 2022, tabled in Victoria’s Parliament, will tighten the state’s confiscation laws and give authorities more power to investigate and impound proceeds of crime.

Under the legislation, a conviction for possessing a trafficable quantity of firearms, as well as drug and sexual offences, will trigger the automatic forfeiture of assets, including cryptocurrencies.

A year ago, Victoria Police took possession of what they claimed at the time was the largest quantity of crypto (A$8.5 million worth) ever seized in connection with an Australian crime.

Jaclyn Symes, Attorney-General of Victoria. Source: bendigoadvertiser.com.au

According to Victoria’s Attorney-General, Jaclyn Symes, the proposed new legislation will “better reflect the realities of modern policing”.

These reforms will provide law enforcement with greater opportunities to confiscate proceeds of crime, ensuring there’s no payday for criminals.

Jaclyn Symes, Attorney-General, Victoria

Crypto Exchanges Forced to Provide Customer Information

Cryptocurrency exchanges will be compelled to hand over information about suspects much in the same way as banks are able to seize digital wallets. Powers to obtain electronic data from computers and storage devices, and authorising specialised tradespeople such as locksmiths to search a criminal’s property, will also be facilitated.

Intelligence officers would also no longer need the approval of the Chief Commissioner of Police to investigate online predators, making it easier for police to assume fake identities to infiltrate online child grooming profiles.

Court oversight of search warrants would be streamlined under the reforms, though Victoria Police has issued assurances that “safeguards would remain in place”.

These would include court directions that seized items – including cryptocurrencies – be returned to owners. Victims of crime will also be eligible for more compensation from the proceeds of forfeited property. Whether that also includes crypto was not specified.

Categories
Crime Hackers Mining Scams Security

‘Cryptojacking’ in Financial Sector Soars 269% in 2022, Security Firm Report

A report from cybersecurity company SonicWall shows financial firms are now the main victims of so-called ‘cryptojacking’ attacks, following a 269 percent increase in the frequency of cyber-related exploits targeting the finance sector in the first half of 2022.

Cryptojacking refers to a cyber attack where a hacker uses malware to surreptitiously install crypto mining software on a victim’s computer, commandeering the computer’s resources to fraudulently mine crypto. It results in significantly degraded computer performance and high electricity costs for the victim.

Finance and Retail Sectors are Major Targets

In previous years, healthcare and education sectors had been the primary victims of cryptojacking, but that changed recently after what the report’s authors described as a “dramatic reshuffling” in 2022. 

Global cryptojacking volume increased 30 percent compared to the first half of 2021. The financial sector has borne the brunt of the massive increase and it now suffers over five times more cryptojacking attacks than the second-placed retail industry, which itself saw a 63 percent increase in attacks year-to-date.

Last year, partly in response to the number of cyberattacks against domestic businesses, the Australian federal government introduced controversial, far-reaching legislation to increase its powers in the event of a high-risk security attack.

Cryptojacking Increase Related to Fall in Ransomware Attacks

The report argues the huge growth in cryptojacking can be partly attributed to a shift away from ransomware attacks by scammers.

Unlike ransomware, which announces its presence and relies heavily on communication with victims, cryptojacking can succeed without the victim ever being aware of it.

2022 SonicWall Cyber Threat Report

“And for some cybercriminals feeling the heat, the lower risk is worth sacrificing a potentially higher payday.”

As mainstream adoption of crypto has grown, organised criminals have increasingly used the new technology to ply their illicit trade. A 2021 report from Chainalysis estimated US$33 billion had been laundered through crypto in the past five years.

Categories
Coinbase Crime Crypto Exchange Cryptocurrency Law

Former Coinbase Employee Charged in First Crypto Insider Trading Case

Three people, including a former Coinbase employee, have been charged with wire fraud conspiracy and wire fraud over an insider trading tip-off scheme that ran from June 2021 until April 2022, netting the accused over US$1.5 million in realised and unrealised profits. 

These charges are the first to be brought against defendants in a cryptocurrency insider trading case and act as a reminder that crypto markets are subject to many of the same laws that govern traditional financial markets.

Employee Tips Off Brother and Friend to Coinbase Listings

The three individuals charged by the US Attorney’s Office are former Coinbase product manager Ishan Wahi, his brother Nikhil, and his friend Sameer Ramani. 

It’s alleged that Ishan Wahi used his detailed knowledge of upcoming Coinbase asset listings to tip off Nikhil Wahi and Ramani, who then purchased large quantities of the assets just prior to the announcements of their listings and sold them for a profit shortly after the announcements. 

It’s alleged the trio used this method on at least 14 separate occasions, trading at least 25 different cryptocurrencies. In an attempt to cover their tracks, Nikhil Wahi and Ramani created accounts at centralised exchanges in other people’s names and transferred their assets through multiple anonymous Ethereum accounts.

Speaking about the charges against the trio, Damian Williams, Attorney General for the Southern District of New York, said:

Today’s charges are a further reminder that Web3 is not a law-free zone.  Just last month, I announced the first ever insider trading case involving NFTs, and today I announce the first ever insider trading case involving cryptocurrency markets.  Our message with these charges is clear: fraud is fraud is fraud, whether it occurs on the blockchain or on Wall Street. And the Southern District of New York will continue to be relentless in bringing fraudsters to justice, wherever we may find them. 

Damian Williams, US Attorney General, Southern District, New York

Twitter Post Helps Uncover Scheme

The beginning of the end for the insider trading scheme came on April 12 of this year when a Twitter user noted that an Ethereum wallet had bought hundreds of thousands of dollars’ worth of digital assets just 24 hours before their Coinbase listings were announced. 

The wallet was subsequently found to be under the control of Ramani. Following this tweet, Coinbase opened an investigation into the matter and on May 11, Coinbase’s director of security operations emailed Ishan Wahi to tell him to appear for an in-person meeting at Coinbase’s headquarters in Seattle, Washington, on May 16.

On the evening of May 15, Ishan Wahi bought a one-way ticket to India, which was scheduled to depart the following morning, just before the meeting with Coinbase security. However, before he could board his flight Wahi was intercepted by law enforcement and prevented from leaving the country.

Each of the defendants has been charged with one count of wire fraud conspiracy and one count of wire fraud – each charge carries a maximum sentence of 20 years in prison.

Insider trading is an ongoing issue that undermines confidence in both regulators and markets. Last September, the head of product development for the NFT marketplace OpenSea resigned following allegations of insider trading, and questions were raised about the integrity of the US Federal Reserve following the resignation of two regional Fed presidents over insider trading allegations.