money laundering | Breaking Cybersecurity News | The Hacker News

A coalition of international law enforcement agencies has seized the website associated with the cryptocurrency exchange Garantex ("garantex[.]org"), nearly three years after the service was sanctioned by the U.S. Treasury Department in April 2022. "The domain for Garantex has been seized by the United States Secret Service pursuant to a seizure warrant obtained by the United States Attorney's Office for the Eastern District of Virginia under the authority of 18 U.S.C. §§ 981 and 982," reads a seizure banner on the website. The operation was carried out in coordination with the U.S. Department of Justice's Criminal Division, the Federal Bureau of Investigation, Europol, the Dutch National Police, the German Federal Criminal Police Office (Bundeskriminalamt aka BKA), the Frankfurt General Prosecutor's Office, the Finnish National Bureau of Investigation, and the Estonian National Criminal Police. Founded in 2019, Garantex was previously subject to U....

U.S. President Donald Trump on Tuesday granted a "full and unconditional pardon" to Ross Ulbricht, the creator of the infamous Silk Road drug marketplace, after spending more than 11 years behind bars. "I just called the mother of Ross William Ulbricht to let her know that in honor of her and the Libertarian Movement, which supported me so strongly, it was my pleasure to have just signed a full and unconditional pardon of her son, Ross," Trump said in a post shared on Truth Social. "The scum that worked to convict him were some of the same lunatics who were involved in the modern day weaponization of government against me. He was given two life sentences, plus 40 years. Ridiculous!" Launched in February 2011, Silk Road emerged as a major hub on the dark web for illegal drugs and other illicit goods and services. The marketplace generated over $200 million in revenue in its nearly three years of existence, per authorities. It was taken down in Octobe...

Everybody knows browser extensions are embedded into nearly every user's daily workflow, from spell checkers to GenAI tools. What most IT and security people don't know is that browser extensions' excessive permissions are a growing risk to organizations. LayerX today announced the release of the Enterprise Browser Extension Security Report 2025 , This report is the first and only report to merge public extension marketplace statistics with real-world enterprise usage telemetry. By doing so, it sheds light on one of the most underestimated threat surfaces in modern cybersecurity: browser extensions. The report reveals several findings that IT and security leaders will find interesting, as they build their plans for H2 2025. This includes information and analysis on how many extensions have risky permissions, which kinds of permissions are given, if extension developers are to be trusted, and more. Below, we bring key statistics from the report. Highlights from the Enterprise Browse...

The Telegram-based online marketplace known as HuiOne Guarantee and its vendors have cumulatively received at least $24 billion in cryptocurrency, dwarfing the now-defunct Hydra to become the largest online illicit marketplace to have ever operated. The figures, released by blockchain analytics firm Elliptic, show that monthly inflows have increased by 51% since July 2024. Huione Guarantee, part of the HuiOne Group of companies, came under spotlight mid-last year when it was exposed as a hub for online fraudsters, advertising money laundering services, stolen data, and even electrified shackles meant for use against people who are trafficked into scam compounds under the pretext of high paying jobs to conduct romance baiting scams . The development led to cryptocurrency company Tether freezing $29.62 million of its stablecoin connected to the marketplace. Established in 2021 ostensibly to facilitate the sale of cars and real estate, it's said to have strong links with Camb...

The U.S. Department of Justice (DoJ) on Friday indicted three Russian nationals for their alleged involvement in operating the cryptocurrency mixing services Blender.io and Sinbad.io. Roman Vitalyevich Ostapenko and Alexander Evgenievich Oleynik were arrested on December 1, 2024, in coordination with the Netherlands' Financial Intelligence and Investigative Service, Finland's National Bureau of Investigation, and the U.S. Federal Bureau of Investigation (FBI). It was not revealed from where they were apprehended. The third individual, Anton Vyachlavovich Tarasov, is still at large. The defendants have been accused of operating cryptocurrency mixers (aka tumblers) that served as safe havens for "laundering criminally derived funds," including the proceeds of ransomware and wire fraud, thereby allowing state-sponsored hacking groups and cybercriminals to profit off their malicious operations. Specifically, they allowed their paying users to send cryptocurrency to ...

The U.S. Department of Justice (DoJ) has indicted 14 nationals belonging to the Democratic People's Republic of Korea (DPRK or North Korea) for their alleged involvement in a long-running conspiracy to violate sanctions and commit wire fraud, money laundering, and identity theft by illegally seeking employment in U.S. companies and non-profit organizations. "The conspirators, who worked for DPRK-controlled companies Yanbian Silverstar and Volasys Silver Star, located in the People's Republic of China (PRC) and the Russian Federation (Russia), respectively, conspired to use false, stolen, and borrowed identities of U.S. and other persons to conceal their North Korean identities and foreign locations and obtain employment as remote information technology (IT) workers," the DoJ said . The IT worker scheme generated at least $88 million for the North Korean regime over a span of six years, it's been alleged. In addition, the remote workers engaged in information th...

The U.K. National Crime Agency (NCA) on Wednesday announced that it led an international investigation to disrupt Russian money laundering networks that were found to facilitate serious and organized crime across the U.K., the Middle East, Russia, and South America. The effort, codenamed Operation Destabilise , has resulted in the arrest of 84 suspects linked to two Russian-speaking networks Smart and TGR. In addition, £20 million ($25.4 million) in cash and cryptocurrency has been seized. Both the businesses are based in Moscow's Federation Tower, per The Telegraph , which is known to act as a hub for money laundering firms . Concurrent with the takedown and arrests, the U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) has sanctioned five individuals and four entities associated with the TGR Group. "Through the TGR Group, Russian elites sought to exploit digital assets – in particular U.S. dollar-backed stablecoins – to evade U.S. and in...

Ilya Lichtenstein, who pleaded guilty to the 2016 hack of cryptocurrency stock exchange Bitfinex, has been sentenced to five years in prison, the U.S. Department of Justice (DoJ) announced Thursday. Lichtenstein was charged for his involvement in a money laundering scheme that led to the theft of nearly 120,000 bitcoins (valued at over $10.5 billion at current prices) from the crypto exchange. Heather Rhiannon Morgan, his wife, also pleaded guilty to the same crimes last year. They were both arrested in February 2022. Morgan is scheduled to be sentenced on November 18. "Lichtenstein, 35, hacked into Bitfinex's network in 2016, using advanced hacking tools and techniques," the DoJ said in a press statement. "Once inside the network, Lichtenstein fraudulently authorized more than 2,000 transactions transferring 119,754 bitcoin from Bitfinex to a cryptocurrency wallet in Lichtenstein's control." TRM Labs said Lichtenstein exploited a vulnerability in Bit...

The 36-year-old founder of the Bitcoin Fog cryptocurrency mixer has been sentenced to 12 years and six months in prison for facilitating money laundering activities between 2011 and 2021. Roman Sterlingov, a dual Russian-Swedish national, pleaded guilty to charges of money laundering and operating an unlicensed money-transmitting business earlier this March. The U.S. Department of Justice (DoJ) described Bitcoin Fog as the darknet's longest-running cryptocurrency mixer , allowing cybercriminals to conceal the source of their cryptocurrency proceeds. "Over the course of its decade-long operation, Bitcoin Fog gained notoriety as a go-to money laundering service for criminals seeking to hide their illicit proceeds from law enforcement and processed transactions involving over 1.2 million bitcoin, valued at approximately $400 million at the time the transactions occurred," the DoJ said . "The bulk of this cryptocurrency came from darknet marketplaces and was tied ...

The U.S. government on Thursday sanctioned two cryptocurrency exchanges and unsealed an indictment against a Russian national for his alleged involvement in the operation of several money laundering services that were offered to cybercriminals. The virtual currency exchanges, Cryptex and PM2BTC, have been alleged to facilitate the laundering of cryptocurrencies possibly obtained through cybercrime. The coordinated action was carried out in collaboration with the Netherlands Police and the Dutch Fiscal Intelligence and Investigation Service (FIOD) as part of an ongoing law enforcement crackdown called Operation Endgame . Pursuant to the exercise, the websites associated with both the exchanges have been confiscated and replaced with a law enforcement seizure banner. Furthermore, it has led to the seizure of cryptocurrency worth €7 million ($7.8 million). "The United States and our international partners remain resolute in our commitment to prevent cybercrime facilitators li...

The U.S. Department of Justice (DoJ) on Wednesday announced the seizure of 32 internet domains used by a pro-Russian propaganda operation called Doppelganger as part of a sweeping set of actions. Accusing the Russian government-directed foreign malign influence campaign of violating U.S. money laundering and criminal trademark laws, the agency called out companies Social Design Agency (SDA), Structura National Technology (Structura), and ANO Dialog for working at the behest of the Russian Presidential Administration. The goal, it said , is to "covertly spread Russian government propaganda with the aim of reducing international support for Ukraine, bolstering pro-Russian policies and interests, and influencing voters in U.S. and foreign elections, including the U.S. 2024 Presidential Election." Among the methods Doppelganger used to drive viewership to the cybersquatted media domains encompassed the deployment of "influencers" worldwide, paid social media ads, a...

Cryptocurrency analysts have shed light on an online marketplace called HuiOne Guarantee that's widely used by cybercriminals in Southeast Asia, particularly those linked to pig butchering scams. "Merchants on the platform offer technology, data, and money laundering services, and have engaged in transactions totaling at least $11 billion," Elliptic said in a report shared with The Hacker News. The British blockchain analytics firm said that the marketplace is part of HuiOne Group, a Cambodian conglomerate with links to Cambodia's ruling Hun family and that another HuiOne business, HuiOne International Payments, is actively involved in laundering scam proceeds globally. According to its website , HuiOne's financial services arm is said to have 500,000 registered users. It also touts Alipay, Huawei, PayGo Wallet, UnionPay, and Yes Seatel as its customers. Southeast Asian countries like Burma, Cambodia, Laos, Malaysia, Myanmar, and the Philippines have become...

The U.S. Department of Justice (DoJ) on Wednesday said it dismantled what it described as "likely the world's largest botnet ever," which consisted of an army of 19 million infected devices that was leased to other threat actors to commit a wide array of offenses. The botnet, which has a global footprint spanning more than 190 countries , functioned as a residential proxy service known as 911 S5 . A 35-year-old Chinese national, YunHe Wang, was arrested in Singapore on May 24, 2024, for creating and acting as the primary administrator of the illegal platform from 2014 to July 2022. Wang has been charged with conspiracy to commit computer fraud, substantive computer fraud, conspiracy to commit wire fraud, and conspiracy to commit money laundering. If convicted on all counts, Wang faces a maximum penalty of 65 years in prison. The Justice Department said the botnet was used to carry out cyber attacks, financial fraud, identity theft, child exploitation, harassment, bo...

The U.S. Department of Justice (DoJ) has sentenced a 31-year-old man to 10 years in prison for laundering more than $4.5 million through business email compromise ( BEC ) schemes and romance scams. Malachi Mullings, 31, of Sandy Springs, Georgia pleaded guilty to the money laundering offenses in January 2023. According to court documents, Mullings is said to have opened 20 bank accounts in the name of a non-existent company named The Mullings Group LLC., which served as a conduit to launder the fraudulent proceeds from at least 2019 to July 2021. The scheme netted millions of dollars via BEC attacks targeting a healthcare benefit program, private companies, and other entities, as well as romance fraud schemes targeting the elderly. A BEC scam is a form of targeted cyber attack in which financially motivated bad actors trick unsuspecting executives and employees into sending money or sensitive data to accounts under their control using various social engineering ploys. Such atta...

An Indian national has pleaded guilty in the U.S. over charges of stealing more than $37 million by setting up a website that impersonated the Coinbase cryptocurrency exchange platform. Chirag Tomar, 30, pleaded guilty to wire fraud conspiracy, which carries a maximum sentence of 20 years in prison and a $250,000 fine. He was arrested on December 20, 2023, upon entering the country. "Tomar and his co-conspirators engaged in a scheme to steal millions in cryptocurrency from hundreds of victims located worldwide and in the United States, including in the Western District of North Carolina," the Department of Justice (DoJ) said last week. The website, created around June 2021, was named "CoinbasePro[.]com" in an effort to masquerade as Coinbase Pro and deceive unsuspecting users into believing that they were accessing the legitimate version of the virtual currency exchange. It's worth noting that Coinbase discontinued the offering in favor of Advanced Trade ...