Blockchain & Cryptocurrency , Cryptocurrency Fraud , Fraud Management & Cybercrime
Cryptohack Roundup: Focus on Pig Butchering
Also: Hacker Launders Stolen WazirX Funds; Galois, Uniswap SettlementsEvery week, Information Security Media Group rounds up cybersecurity incidents in digital assets. This week, pig-butchering scams and bitcoin ATM scams increased, an update in the FTX case, stolen WazirX funds were laundered, settlements in the SEC-Galois and CFTC-Uniswap cases, Scotland seized crypto in a robbery, North Korea targeted Web3 staff, and the Mt. Gox CEO launched a new crypto firm.
See Also: OnDemand | NSM-8 Deadline July 2022:Keys for Quantum-Resistant Algorithms Implementation
Pig-Butchering Scams
Cryptocurrency criminals are shifting focus from Ponzi schemes to more targeted scams, such as pig butchering, amid law enforcement efforts and blacklisting of scam addresses, said Chainalysis in its midyear report. Many scammers are also victims themselves, trafficked to Southeast Asia and forced to run these scams in labor camps. One of the largest operations, KK Park in Myanmar, has reportedly generated over $100 million this year, with funds coming from scam victims and ransom payments from families of trafficked individuals. Workers at KK Park endure extreme conditions, including 17-hour workdays and threats of violence if they attempt to flee. The scammers frequently use purchased social media and dating profiles to execute their campaigns.
FTX Update
During FTX's bankruptcy proceedings, various strategies have been floated to maximize creditor recovery, including relaunching the exchange or distributing claims as tradeable tokens. Some decentralized platforms, such as Found.xyz and Figure Markets, even supported tokenized trading of FTX claims. FTX, led by CEO John Ray III, rejected the idea of restarting the exchange due to a lack of investors. FTX plans to repay creditors in cash or stablecoins, despite calls from some creditors for crypto-based repayments. The U.S. Securities and Exchange Commission has raised concerns, warning that it reserves the right to challenge any transactions involving crypto assets, although it has not declared them outright illegal. The SEC and the trustee overseeing the bankruptcy also objected to a provision that would shield FTX debtors from future legal actions. Administrative costs have also surged, and fees exceed $800 million.
WazirX Hacker Begins to Launder Funds
The hacking group behind the WazirX hack transferred ETH worth about $14 million to sanctioned mixer Tornado Cash, said security firm PeckShield. WazirX reported a July cyberattack on its multisignature wallet, resulting in losses exceeding $230 million. The attack affected the exchange's operations, freezing withdrawals and pausing trading since July 21. WazirX is working on partial recovery, but users may not receive the full value of their assets. Losses are expected to be distributed among users. North Korea's Lazarus Group, known for high-profile thefts including the $600 million Ronin sidechain exploit in 2022, is suspected to be behind the attack.
SEC, Galois Capital Settle Charges
The U.S. Securities and Exchange Commission settled a lawsuit against crypto-focused investment advisory firm Galois Capital for improperly managing client assets. The SEC found that Galois failed to ensure that crypto assets were held by a qualified custodian, exposing investors to the risk of asset loss or misuse. The company stored crypto with platforms including FTX, which was not a qualified custodian. FTX's collapse in November 2022 led to Galois losing about half its assets. The firm shut down in February 2023. Without admitting or denying the SEC's findings, Galois agreed to pay $225,000 in penalties and to cease future violations of the Advisers Act. The SEC also found that Galois misled investors about redemption periods, allowing some to withdraw funds with shorter notice than officially required, creating unequal treatment among investors.
CFTC, Uniswap Settlement
The U.S. Commodity Futures Trading Commission fined Uniswap Labs $175,000 for offering "illegal digital asset derivatives trading" through its decentralized exchange. The CFTC stated that Uniswap Labs allowed users to trade digital assets and leveraged tokens without proper registration, violating the Commodity Exchange Act. The tokens exposed bitcoin and Ether, and although a third party issued them, Uniswap was not registered as a proper contract market for such transactions. The CFTC said that both bitcoin and Ether are commodities, though the Securities and Exchange Commission has been less definitive about Ether's classification.
Scottish Court Tracks, Seizes Crypto in Robbery Case
Scottish law enforcement seized 110,000 British pounds worth of bitcoin from John Ross Rennie, described as the "technical brains" behind a 2020 cryptocurrency robbery, the BBC said. Rennie was convicted of possessing stolen goods after helping three men assault a victim in his home and force him to transfer his cryptocurrency. Prosecutors converted the seized bitcoin into cash. This case marks the first time Scottish police have traced stolen cryptocurrency in a robbery case.
North Korea Aggressively Targeting Web3 Employees, Says FBI
The FBI warned that North Korean cybercriminals are "aggressively targeting" employees in the Web3 industry to steal cryptocurrency funds, using advanced social engineering tactics to deceive employees at cryptocurrency and decentralized finance firms and compromise networks linked to crypto assets.
In recent months, North Korean actors have researched targets connected to cryptocurrency exchange-traded funds, indicating potential future attacks. Their tactics include impersonating key figures within companies or crafting fake scenarios tailored to victims' backgrounds to gain trust. Cybercriminals also trick victims into downloading malicious applications or running nonstandard software that introduces harmful code. To mitigate these threats, the FBI advised firms to avoid storing wallet information on internet-connected devices, refrain from using company computers for de-bugging exercises and establish verification systems through separate communication channels.
Mt. Gox CEO to Launch New Crypto Exchange
Former Mt. Gox CEO Mark Karpelès is reportedly set to launch a new crypto exchange, EllipX, later this month, focused on "transparency." Based in Poland and compliant with European MiCA regulations, EllipX says it aims to provide consumers, especially newcomers, with full transparency in operations. Karpelès plans to separate the exchange's functions, such as brokerage, trading and storage. The platform will rely on clearinghouses such as BitGo to handle crypto transfers, ensuring transparency with audits and shared technical data. Karpelès' experience with the Mt. Gox hack in 2014, which resulted in the loss of 850,000 BTC, allegedly influenced his commitment to transparency. EllipX will also introduce the EllipX Wallet, designed for ease of use, and Karpelès is working on a nonprofit, Ungox, to rate crypto projects and exchanges. Mt. Gox non-fungible token owners will receive trading fee discounts on the new platform, and all former Mt. Gox customers are eligible to receive a free NFT.
Bitcoin ATM Scams Rise
The U.S. Federal Trade Commission reported an increase in bitcoin ATM scams, with losses exceeding $110 million in 2023 - nearly ten times the amount lost in 2020. Scammers target victims through bitcoin ATMs located in busy areas such as convenience stores and gas stations. They impersonate government officials or law enforcement to convince victims that their accounts have been compromised and urge them to deposit cash into bitcoin ATMs to "protect" their savings. In the first half of 2024, Americans lost $65 million to these scams. Older adults are especially vulnerable.