Category: Crime

Categories
Australia Crime Crypto News Investing

Aussie ‘Arbitrage King’ Claims Bullies Led Him to Commit $100+ Million Crypto Fraud

Australian-born former crypto hedge fund manager Stefan He Qin, who last weekend began his seven-and-a-half year sentence in a US federal prison for securities fraud, says he lied about his investors’ returns “to avoid being bullied”.

In a frank YouTube interview (see below) just days before he began his custodial sentence, Qin claimed that defrauding Australian and US investors of US$90 million between 2017 and 2020 was the end result of bullying during his teen years at a Canberra high school, adding that he felt “immense pressure” to succeed because of his Asian heritage.

Not Just Bullies, It’s the Peer Pressure

“There’s probably, like, this huge insecurity in the Asian community to just be as successful as possible at all costs,” the first-year university dropout said. “And … it’s not even about the money – it’s just [about] looking good.” Qin added: 

I felt immense pressure to inflate the returns and to just lie because I needed to match [investors’] expectations. They have this image in their head of this wunderkind who could make them a lot of money, and unless I met that image, I was a failure, right? And maybe I’d go back to being bullied; maybe people would go back to making fun of me and I would never have friends again.

Stefan He Qin

‘This is Where Greed Gets You’

Qin pleaded guilty to one count of securities fraud and was last September sentenced in a New York District Court to seven and a half years in prison. Qin had masterminded a brazen and wide-ranging Ponzi scheme while he owned and controlled two Manhattan-based cryptocurrency investment funds over a three-year period until 2020.

The so-called “Arbitrage King” (buy low, sell high!) used the proceeds to fund personal expenses, including the rented $US24,500-a-month New York City apartment in which the YouTube interview was filmed. “This is where greed gets you,” Qin says offhandedly at one point during the video, gesturing towards floor-to-ceiling views of the Manhattan skyline.

While serving his time, Qin intends to write a book and expresses a long-term ambition to return to Australia and become a politician. Some might say he’s eminently qualified.

Categories
Crime Crypto News Crypto Wallets Hackers

Warning: New ‘BHUNT’ Malware Targets Crypto Wallets and Passwords

Research done by cybersecurity company Bitdefender has found a new kind of “cryptocurrency stealer” called BHUNT, a form of malware that infiltrates wallet files and other sensitive information in the browser to access a personal wallet and transfer funds to the attackers’ wallet(s).

In a recent whitepaper, Bitdefender’s senior security researcher Janos Gergo Szeles details how BHUNT works. Similar to CryptBot, Redline Stealer and WeSteal, the malware slips in with downloads of cracked or unsecured software in order to gain access to a wallet’s seed or configuration file.

Seven Different Wallets Affected

The document states that BHUNT can exfiltrate contents from Exodus, Electrum, Atomic, Jaxx, Ethereum, Bitcoin and Litecoin wallets along with passwords stored in the browser and phrases used to recover accounts. With information such as this, a hacker can then easily access and transfer crypto straight out of a target’s wallet.

While the malware primarily focuses on stealing information related to cryptocurrency wallets, it can also harvest passwords and cookies stored in browser caches,

Janos Gergo Szeles,  senior software engineer, Bitdefender

Hackers and the like have even started targeting Discord servers of crypto and NFT communities to let loose ‘Babadeda’ malware disguised as a legitimate app.

Prevention Better Than Cure

At the moment countries with the highest infection rates include Australia, Egypt, Germany, India, Indonesia, Japan, Malaysia, Norway, Singapore, South Africa, Spain and the US.

As the virus spreads, users should be aware that they could compromise their private information as well as their crypto wallets. By downloading software from unknown vendors, people can potentially expose themselves to malware. This is why it’s important to keep security software up to date to block the installation of unwanted software.


The most effective way to defend against this threat is to avoid installing software from untrusted sources and to keep security solutions up to date.

Janos Gergo Szeles,  senior software engineer, Bitdefender
Categories
Bitcoin Crime Crypto News Ethereum

Report Shows North Korean Hackers Stole Nearly $400 Million in Crypto in 2021

North Korean hackers launched at least seven attacks against cryptocurrency platforms last year, netting almost US$400 million worth of digital assets, according to a Chainalysis report.

“Once North Korea gained custody of the funds, they began a careful laundering process to cover up and cash out,” the blockchain analytics firm’s team claims in its blog post.

Ethereum Looms Large Among Stolen Funds

The overwhelming majority (58 percent) of stolen funds was Ethereum, with Bitcoin accounting for less than a quarter of the 2021 haul. Incidentally, a prominent Ethereum developer pleaded guilty last September to a federal charge of conspiring with the North Korean government to evade US sanctions law.

According to Chainalysis, the typical hack procedure starts by swapping Ethereum-based ERC-20 tokens and other cryptocurrencies for Ethereum (ETH) via a decentralised exchange. The ETH is then put through a so-called mixer, which Chainalysis describes as “software tools that pool and scramble cryptocurrencies from thousands of addresses”. Those funds are then swapped for bitcoin, mixed a second time, and consolidated into a new wallet.

Crypto Laundering Up More Than 40% in Two Years

The mixed bitcoin is then sent to deposit addresses where crypto can be converted into a fiat currency, typically at exchanges elsewhere on the Asian continent. Over 65 percent of the North Korean rogue regime’s stolen funds were laundered through mixers in 2021. In 2020 and 2019, the respective numbers were 42 percent and 21 percent.

Hacks by total value linked to North Korea, 2017-2021. Source: Chainalysis

The Chainalysis report, released on January 13, blames the crypto heists on a state-sponsored, North Korea-based hacking group called Lazarus, best known for masterminding the 2014 Sony Pictures hack and the WannaCry ransomware attack of 2017.

Since the latter incident, the group has stolen hundreds of millions in cryptocurrencies from virtual exchanges and investment firms. The UN claims Lazarus’ goal is to fund North Korea’s government and nuclear weapons programs.

From 2020 to 2021, the number of North Korean-linked hacks jumped from four to seven, and the value extracted from these hacks grew by 40 percent.

Chainalysis report

$170 Million Stolen in 49 Hacks Yet to Be Laundered

One of the hacks involved crypto exchange Liquid.com, which lost US$91.5 million to the group. By tracking the Lazarus attacks, Chainalysis claims to have uncovered several cryptocurrency wallets the North Korean hackers are using to stockpile a fortune.

“Chainalysis has identified US$170 million in current balances – representing the stolen funds of 49 separate hacks from 2017 to 2021 – that are controlled by North Korea but have yet to be laundered through services,” the Chainalysis report noted, adding:

It’s unclear why the hackers would still be sitting on these funds, but it could be that they are hoping law enforcement interest in the cases will die down so they can cash out without being watched.

Chainalysis report

In February last year, the US Department of Justice charged three hackers associated with the Lazarus group with theft and extortion of cryptocurrencies between 2017 and 2020.

Categories
Blockchain Crime Crypto News DeFi Illegal Scams

Report: Crypto Crime Reached New Highs in 2021

In its annual Crypto Crime report, New York-based blockchain analytics firm Chainalysis has reported that although the percentage of illicit crypto transactions fell drastically in 2021, their dollar value surged significantly.

As per the Chainalysis report, the value of crimes involving cryptos surged to a new high of US$14 billion in 2021. This represents an increase of 79 percent from US$7.8 billion reported in 2020, which is mainly due to the upward spiral in crypto prices experienced in 2021.

The cryptocurrency market has expanded to such an extent that Chainalysis has even opened a new office in the Australian capital due to increased mainstream adoption in the Pacific region.

Year-to-year comparison of illicit share of all cryptocurrency transaction volume. Source: Chainalysis

Although the dollar value appears to be astronomical, the activity represents a mere 0.15 percent of the total of US$15.8 trillion in crypto transaction volumes over the year – the lowest percentage ever recorded. To put this in perspective, the illicit share of crypto transaction volume in 2019 was 3.37 percent, and 0.62 percent in 2020.

DeFi Scams and Rug Pulls Main Drivers of Crypto Crime

The Chainalysis report attributes the growth in the volume of scams and legitimate crypto transactions to the boom in decentralised finance (DeFi). While scams accounted for the largest share in 2021, rising 82 percent to US$7.8 billion, nearly US$3 million of the total crime value came from rug pulls.

Last year, Crypto News Australia reported that crypto scams, particularly rug pulls, have become the main trust issue in the crypto space, especially for newcomers.

DeFi protocols have become the primary target for cryptocurrency crimes. Source: Chainalysis

Aside from rug pulls, DeFi platforms were also widely used for money laundering and were targeted by hackers for large-scale theft.

As Chainalysis head of research Kim Grauer noted: “DeFi services were hacked at rates that we’ve never seen before. Not only are people using DeFi to carry out crime, they’re also targeting DeFi for crime.”

Grauer added that DeFi platform protocols were often hacked because it’s a new industry and a lot of the code is open-source, exposing vulnerabilities.

In 2021, US$2.2 billion worth of cryptos was stolen from DeFi protocols, which accounts for two-thirds of all cryptos stolen in 2021 – this figure represents a 516 percent increase on the numbers reported in 2020.

Categories
Australia Crime Crypto News Gold Scams South Africa Tokens

Australian Man Charged by SEC for Fraudulent ICO

Australian cryptocurrency entrepreneur Craig Sproule has been charged by the US Securities and Exchange Commission (SEC) for defrauding investors by diverting millions from a digital coin offering into South African gold mining interests.

Australian crypto entrepreneur Craig Sproule. Source: medium.com

Sproule, currently a resident of California, faces additional charges of making false and misleading statements when selling digital asset securities. Jointly named on the SEC charge sheet are two companies founded by the Lismore-born entrepreneur – Crowd Machine Inc and Metavine Pty Ltd.

‘The Man Behind the Machine’

Self-proclaimed on social media as “the Man behind the Machine”, Sproule has been ordered to pay a US$200,000 (A$280,000) civil penalty while Crowd Machine’s digital tokens will be banned from crypto trading platforms.

Crowd Machine was intended to replace Amazon Web Services, the cloud-based computer infrastructure, with a distributed system. To achieve this, Sproule claimed to have raised US$40.7 million through an initial coin offering of Crowd Machine Compute Tokens (CMCT) in early 2018 that was to fund a decentralised computer network.

Almost $6 Million Siphoned into South African Gold Mines

Instead, Sproule siphoned US$5.8 million into gold mining entities in South Africa, which was not disclosed to Crowd Machine token investors. None of the US$5.8 million has been recovered, and the South African gold mining operations “have returned no revenue”, according to the SEC’s statement of claim.

Along with Sproule and Crowd Machine, another entity registered in Australia, Metavine Pty Ltd, has committed to covering any future civil penalties relating to Crowd Machine. An application for voluntary deregistration of Metavine was filed with the Australian Securities and Investments Commission (ASIC) last month.

Sproule and Crowd Machine have neither admitted nor denied the allegations, although Sproule will be summarily banned from serving as an officer or director of a public company.

Shades of Last Year’s BitConnect Fiasco

The Sproule/Crowd Machine imbroglio echoes the circumstances of an SEC lawsuit filed last May against five individuals linked to BitConnect for promoting and selling unregistered securities. That case also shared a connection down under, with ASIC accusing a former BitConnect promoter of defrauding small investors in Australia in 2017-2018.

Categories
Banking Bitcoin Crime Crypto News Crypto Wallets Ransomware

FBI Seizes $154 Million in Bitcoin Stolen from Sony by Rogue Employee

US law enforcement has taken legal action to seize and return over US$154 million embezzled from Sony Life Insurance Company Ltd by an employee in a textbook business email compromise (BEC) attack.

Rei Ishii, 32, a Tokyo-based employee of the Sony Corporation subsidiary, allegedly diverted the funds when Sony Life attempted to transfer them between its financial accounts.

Culprit Diverts Funds, Converts Them to Crypto

Ishii was alleged to have done this by falsifying transaction instructions, which caused the funds to be transferred to an account he controlled at a Californian bank. He later converted the stolen funds into more than 3879 bitcoins held in an offline cryptocurrency cold wallet.

In a crude attempt at blackmail, Ishii also tried to block his supervisor and several Sony Life executives from assisting in the investigation by emailing them a “ransom note” typed in English and Japanese:

If you accept the settlement, we will return the funds … [But] if you [file] criminal charges, it will be impossible to recover [them]. We might go down [for] this, but … you [will] be right there next to us. We strongly recommend to stop communicate (sic) with any third parties, including law enforcement.

Ransom note from Rei Ishii, accused embezzler and former employee of Sony Life Insurance Co Ltd

Earlier this month, following a joint investigation by the FBI and Japanese authorities, the 3879 bitcoins (worth more than US$150 million at the time) in Ishii’s cold wallet were seized after the FBI obtained the private key and transferred the ill-gotten crypto to its own bitcoin wallet.

Tokyo’s Metropolitan Police Department arrested Ishii on the same day and criminally charged him on suspicion of obtaining US$154 million dollars via fraudulent money transfers.

In a statement, Acting US Attorney Randy Grossman said:

This case is an example of amazing work by FBI agents and Japanese law enforcement, who teamed up to track this virtual cash. Criminals take note: You cannot rely on cryptocurrency to hide your ill-gotten gains from law enforcement.

Acting US Attorney Randy Grossman

Echoes of the REvil Ransomware Case

The case echoes charges filed by the US Department of Justice last month against a REvil ransomware affiliate responsible for the July attack against the Kaseya MSP platform. This case had ripple effects as far as Australia, with more than US$6 million seized from another REvil partner.

Categories
Banking Bitcoin CBDCs Crime Crypto News Investing Russia Scams

Russia Central Bank Moves to Ban Investment in Crypto

According to a report by Reuters, the Central Bank of the Russian Federation (CBR) is looking to ban crypto investments. In a directive issued earlier this week, the bank has also barred mutual funds from investing in digital currency.

Russia Rebels Against Crypto

The Russian Federation, which has long argued against cryptos – citing concerns of risks to financial stability, money laundering, and possible financial terrorism – has yet again spoken its mind.

After issuing concerns over the security implications associated with cryptos, the federation eventually gave them legal status in 2020 but banned their use as a means of payment. Following this, the central bank is now in talks with market players and experts regarding a possible overall ban on cryptos.

Should a ban be approved by lawmakers, it would apply to new purchases of crypto assets but not those made in the past. Russia’s current stance amounts to a “complete rejection” of all cryptos, a source close to the bank has said.

According to the bank, the annual volume of crypto transactions conducted by Russians amounts to about US$5 billion, with CBR first deputy governor Ksenia Yudaeva claiming the use of cryptos lowered the efficiency of monetary policy. According to Yudaeva, “The situation in developed market countries more and more resembles the so-called shadow financial system.”

CBR Seeks to Ban Mutual Funds from Investing in Crypto

Adding to the bad news for investors, Russia has issued a directive that prohibits Russian mutual funds from directly or indirectly investing in crypto assets.

According to the CBR, funds cannot invest in digital currencies or in “financial instruments, the value of which depends on the price of digital currencies”. The proposal issued by the CBR, in line with its hard stance on decentralised digital money, comes after the regulator urged stock exchanges to avoid trading securities tied to cryptocurrencies in July 2021.

Despite its firm stance against cryptos, Russia is currently working on a Ruble-backed central bank digital currency (CBDC). A pilot program was set for launch this month, but the deadline has been moved with a prototype expected to be created in “early 2022”.

Hacking a Cause of Concern for Russia

Hacking has become a hot topic in the crypto world as the incidence continues to rise. Of particular concern is the involvement of Russian-based hackers. In October, Google’s Threat Analysis Group (TAG) spent a good deal of time fending off hackers attacking the accounts of YouTubers to hijack and repurpose them to run ads for crypto scams. TAG had found that the perpetrators of the campaign were recruiting hackers from a “Russian-speaking forum”.

Last month, the US Department of Justice announced charges against a REvil ransomware affiliate responsible for the hack against the Kaseya MSP platform in which ransom demands totalled US$767 million. Law enforcement has also impounded an additional US$6.1 million from another REvil ransomware affiliate, Russian national Yevgeniy Polyanin, who remains at large.

Categories
Australia Crime Crypto News

Liquidators Fight to Recover $21 Million in Crypto from Melbourne Firm’s ‘Stolen Laptop’

Melbourne-based multinational bitcoin mining firm Blockchain Global Limited collapsed in October, owing more than A$20 million to investors. Now those investors are seeking millions of dollars’ worth of bitcoin in a stolen laptop. 

Blockchain Global operated a crypto trading firm, ACX, which was drawn into a legal battle facing at least 94 investors after it stopped working in February 2020. A Victoria Supreme Court judge granted the firm’s administrators more time to recover the millions lost due to the complexity of recovering lost crypto.

Investors were complaining about being unable to access their funds at first. Withdrawals were suddenly blocked and customer support stopped providing any assistance.

Andrew Yeo, from accounting and advisory firm Pitcher Partners, said Blockchain Global’s assets included millions in bitcoin and ethereum. But contacting Blockchain Global’s directors – Allan Guo and Sam Lee – proved problematic as they reside overseas. Lee was not responsive when contacted via email or Chinese messaging service WeChat, the court was told.

Yeo said Guo had confirmed he could access the funds, but that the credentials he needed to access it were on a stolen laptop.

Investors Fighting to Recover More Than $21 Million

Investors are now fighting to recover more than A$21 million sitting on the missing laptop. This has raised concerns among investors, who now suspect fraud on the part of the former directors.

One investor, Bruno Fabre, told The Sunday Age newspaper that he had no concerns or issues with Blockchain Global and ACX until withdrawals were suddenly blocked.

I had no suspicion that it was a scam or anything like that. I was buying and selling, everything was functioning the way I thought it should function. It’s become obvious since then that there’s been some sort of wrongdoing.

Bruno Fabre, investor

Some investors claim that Blockchain and ACX owe them hundreds of thousands of dollars. When the case was taken to legal action, the Supreme Court granted a freezing order over an additional 117 BTC -roughly A$9 million.

This case is similar to the A$100 million class action lawsuit against the issuers of Qoin, a token promoted by the Queensland-based backers of 30-year old trading exchange Bartercard.

Misleading statements and failing to comply with consumer guarantees are not unusual in shady Australian-based crypto projects. A month ago, Crypto News Australia reported the shutdown of unlicensed Gold Coast financial services business A One Multi for suspected unlawful activity.

`

Categories
Bitcoin Crime Crypto Art Crypto News NFTs

Silk Road Founder Drops NFT, Causing a Stir Among Bitcoiners

Silk Road founder Ross Ulbricht, who was convicted six years ago on conspiracy charges of money laundering, computer hacking, fraud and drug trafficking, is auctioning his own non-fungible token (NFT) for charity.

In May 2015, Ulbricht was handed two life sentences plus 40 years without the possibility of parole. After two unsuccessful appeals in 2017 and 2018, he remains in a US Penitentiary in Tucson, Arizona.

“Decades of incarceration stretch out in front of me,” Ulbricht writes in his prison blog, titled My NFT:

As I face that future – my eventual old age and death in this cage – I find myself looking for meaning and purpose. Why am I here? What good can I do with the time I have left and from where I am?

Ross Ulbricht, My NFT

Aged 29 when he was arrested and with time on his hands, Ulbricht reconnected with his art, producing illustrations that told the story of what he was going through. “Then someone said, ‘You should sell your art as an NFT. The community will love it’.”

Life in a Box, graphite pencil drawing, one of 10 artworks in the Genesis Collection NFT. It depicts Ulbricht’s shared cell in New York City, before he was moved to the Federal Penitentiary in Tucson, Arizona, where he remains. Ulbricht was 32 at the time he completed this drawing.

Hence the Ross Ulbricht Genesis Collection NFT, an assembly of writings and 10 artworks with an original animation by Seattle-based audiovisual artist Levitate. The singular NFT is being auctioned on the SuperRare platform, with bids closing December 8.

Proceeds Will Support Prisoners and Families and Fund Further Legal Efforts

As well as supporting other prisoners and their families, proceeds from the NFT sale will fund a trust dedicated to efforts to free Ulbricht from a life in prison. These include new legal proceedings.

At the time of Ulbricht’s arrest in 2013, Bitcoin was the only means of exchange on the Silk Road platform. While some devotees of Bitcoin and other cryptocurrencies recognise Ulbricht’s vision as an original catalyst for blockchain adoption, just as many have greeted news of his NFT offering with derision:

Among Ulbricht’s supporters, however, @CryptoCobain possibly pleaded his case most articulately:

Just over a year ago, Crypto News Australia reported on a police seizure of nearly US$1 billion in bitcoin from Silk Road‘s hoard.

Categories
Crime Crypto News Cryptocurrencies

Crypto Lender Celsius CFO Arrested on Charges of Money Laundering

Yaron Shalem, the chief financial officer of crypto lending firm Celsius, was arrested last week along with seven others in connection with the Moshe Hogeg case. The firm confirmed the arrest on Twitter, saying it had been “made aware” of a police investigation led by Israeli forces, but didn’t disclose the name of the employee involved.

That employee is Celsius’ CFO, Yaron Shalem, included along with 17 others in an appendix to a letterhead document of the Israel Police’s National Fraud Investigation Unit.

Massive Money Laundering Scheme Foiled

Moshe Hogeg is a crypto entrepreneur behind the blockchain smartphone startup Sirin Labs. On November 18, he was arrested for money laundering, wire fraud, historical sexual assault, cryptocurrency-related scams and other charges. An undercover investigation led by Israeli Police found that Hogeg had laundered hundreds of millions of shekels through cryptocurrency.

Eight suspects were arrested on suspicion of committing fraudulent offences in the field of cryptocurrencies, amounting to hundreds of millions of shekels, following an undercover investigation conducted in recent months at the National Fraud Investigation Unit … and the Diamond Unit of the Tax Authority. According to the suspicion, [the suspects] acted systematically to commit investor fraud in a number of ventures in the field.

Israeli Police, Twitter

It’s clear that Celsius is referring to Shalem, whether or not it wants to admit it. What isn’t clear is what charges he’s facing, or the identities of the other people arrested with him.

Celsius has been under the scope of several US regulators for selling “unregistered securities”. Shalem’s suspension comes shortly after the firm revealed its Series B funding round had been incremented to US$750 million, giving the company a $3.25 billion valuation in October.

A similar case arose in Australia when a Sydney man was arrested earlier this year for running a multimillion-dollar crime syndicate.