#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security Posture Management

money laundering | Breaking Cybersecurity News | The Hacker News

CACTUS Ransomware Exploits Qlik Sense Vulnerabilities in Targeted Attacks

CACTUS Ransomware Exploits Qlik Sense Vulnerabilities in Targeted Attacks

Nov 30, 2023 Ransomware / Vulnerability
A  CACTUS ransomware campaign  has been observed exploiting recently disclosed security flaws in a cloud analytics and business intelligence platform called Qlik Sense to obtain a foothold into targeted environments. "This campaign marks the first documented instance [...] where threat actors deploying CACTUS ransomware have exploited vulnerabilities in Qlik Sense for initial access," Arctic Wolf researchers Stefan Hostetler, Markus Neis, and Kyle Pagelow  said . The cybersecurity company, which said it's responding to "several instances" of exploitation of the software, noted that the attacks are likely taking advantage of three flaws that have been disclosed over the past three months - CVE-2023-41265  (CVSS score: 9.9) - An HTTP Request Tunneling vulnerability that allows a remote attacker to elevate their privilege and send requests that get executed by the backend server hosting the repository application. CVE-2023-41266  (CVSS score: 6.5) - A path tr
Key Cybercriminals Behind Notorious Ransomware Families Arrested in Ukraine

Key Cybercriminals Behind Notorious Ransomware Families Arrested in Ukraine

Nov 28, 2023 Ransomware / Cybercrime
A coordinated law enforcement operation has led to the arrest of key individuals in Ukraine who are alleged to be a part of several ransomware schemes. "On 21 November, 30 properties were searched in the regions of Kyiv, Cherkasy, Rivne, and Vinnytsia, resulting in the arrest of the 32-year-old ringleader," Europol  said  in a statement today. "Four of the ringleader's most active accomplices were also detained." The  development  comes more than two years after  12 people were apprehended  in connection with the same operation. The individuals are primarily linked to LockerGoga, MegaCortex, and Dharma ransomware families. The suspects are estimated to have targeted over 1,800 victims across 71 countries since 2019. They have also been accused of deploying the now-defunct  Hive ransomware  against high-profile organizations. Some of the co-conspirators are believed to be involved in penetrating IT networks by orchestrating brute-force attacks, SQL injectio
cyber security

Guide: How to Minimize Third-Party Risk With Vendor Management

websitewww.vanta.comVendor Risk Management
Manage third-party risk while dealing with challenges like limited resources and repetitive manual processes.
Transform Your Data Security Posture – Learn from SoFi's DSPM Success

Transform Your Data Security Posture – Learn from SoFi's DSPM Success

Nov 28, 2023Data Security / Posture Management
As cloud technology evolves, so does the challenge of securing sensitive data. In a world where data duplication and sprawl are common, organizations face increased risks of non-compliance and unauthorized data breaches. Sentra's DSPM (Data Security Posture Management) emerges as a comprehensive solution, offering continuous discovery and accurate classification of sensitive data in the cloud. This informative webinar, " Securing Sensitive Data Starts with Discovery and Classification: SoFi's DSPM Story " unveils the success story of SoFi, a pioneering cloud-native financial services provider, and its journey with Sentra's DSPM. It explores the challenges and triumphs in securing cloud data and a roadmap to implementing effective DSPM strategies in your organization. Expert Panel: Aviv Zisso:  As Director of Customer Success at Sentra, Aviv brings deep insights into data security needs and solutions. Pritam H Mungse:  SoFi's Director of Product Security, Pr
U.S. Treasury Sanctions Russian Money Launderer in Cybercrime Crackdown

U.S. Treasury Sanctions Russian Money Launderer in Cybercrime Crackdown

Nov 06, 2023
The U.S. Department of the Treasury imposed sanctions against a 37-year-old Russian woman for taking part in the laundering of virtual currency for the country's elites and cybercriminal crews, including the Ryuk ransomware group. Ekaterina Zhdanova, per the department, is said to have facilitated large cross border transactions to assist Russian individuals to gain access to Western financial markets and circumvent international sanctions. "Zhdanova utilizes entities that lack Anti-Money Laundering/Combatting the Financing of Terrorism (AML/CFT) controls, such as OFAC-designated Russian cryptocurrency exchange Garantex Europe OU (Garantex)," the treasury department  said  last week.  "Zhdanova relies on multiple methods of value transfer to move funds internationally. This includes the use of cash and leveraging connections to other international money laundering associates and organizations." It's worth noting that Garantex was  previously sanctioned
34 Cybercriminals Arrested in Spain for Multi-Million Dollar Online Scams

34 Cybercriminals Arrested in Spain for Multi-Million Dollar Online Scams

Oct 24, 2023 Cyber Fraud / Cyber Crime
Spanish law enforcement officials have  announced  the arrest of 34 members of a criminal group that carried out various online scams, netting the gang about €3 million ($3.2 million) in illegal profits. Authorities conducted searches across 16 locations Madrid, Malaga, Huelva, Alicante, and Murcia, seizing two simulated firearms, a katana sword, a baseball bat, €80,000 in cash, four high-end vehicles, and computer and electronic material worth thousands of euros. The operation also uncovered a database with cross-referenced information on four million people that was collated after infiltrating databases belonging to financial and credit institutions. The scams, which were conducted via email, SMS, and phone calls, entailed the threat actors masquerading as banks and electricity supply companies to defraud victims, in some cases even perpetrating  "son in distress" calls  and manipulating delivery notes from technology firms. In one instance, the miscreants reportedly
Tornado Cash Founders Charged in Billion-Dollar Crypto Laundering Scandal

Tornado Cash Founders Charged in Billion-Dollar Crypto Laundering Scandal

Aug 24, 2023 Cyber Crime / Cryptocurrency
The U.S. Justice Department (DoJ) on Wednesday  unsealed an indictment  against two founders of the now-sanctioned Tornado Cash cryptocurrency mixer service, charging them with laundering more than $1 billion in criminal proceeds. Both the individuals, Roman Storm and Roman Semenov, have been charged with conspiracy to commit money laundering, conspiracy to commit sanctions violations, and conspiracy to operate an unlicensed money-transmitting business. Storm, 34, is said to have been arrested in the U.S. state of Washington. Semenov, 35, remains at large in Dubai. They are alleged to have "made millions of dollars in profits" from promoting and operating the service. Tornado Cash is estimated to have processed upwards of $7 billion worth of crypto assets over a period of three years. In a related move, the U.S. Treasury Department's Office of Foreign Assets Control (OFAC) sanctioned  Semenov and  eight cryptocurrency addresses  connected to him, days after a U.S. cou
Authorities Shut Down ChipMixer Platform Tied to Crypto Laundering Scheme

Authorities Shut Down ChipMixer Platform Tied to Crypto Laundering Scheme

Mar 16, 2023 Cyber Crime / Cryptocurrency
A coalition of law enforcement agencies across Europe and the U.S.  announced  the takedown of ChipMixer, an unlicensed cryptocurrency mixer that began its operations in August 2017. "The ChipMixer software blocked the blockchain trail of the funds, making it attractive for cybercriminals looking to launder illegal proceeds from criminal activities such as drug trafficking, weapons trafficking, ransomware attacks, and payment card fraud," Europol  said  in a statement. The coordinated exercise, besides dismantling the clearnet and dark web websites associated with ChipMixer, also resulted in the seizure of $47.5 million in Bitcoin and 7 TB of data. Mixers, also called tumblers,  offer full anonymity  for a fee by commingling cryptocurrency from different users – both legitimate and criminally-derived funds – in a manner that makes it hard to trace the origins. This is achieved by funneling different payments into a single pool before splitting up each amount and transmit
Bitzlato Crypto Exchange Founder Arrested for Aiding Cybercriminals

Bitzlato Crypto Exchange Founder Arrested for Aiding Cybercriminals

Jan 19, 2023 Cryptocurrency / Money Laundering
The U.S. Department of Justice (DoJ) on Wednesday announced the arrest of Anatoly Legkodymov (aka Gandalf and Tolik), the cofounder of Hong Kong-registered cryptocurrency exchange Bitzlato, for allegedly processing $700 million in illicit funds. The 40-year-old Russian national, who was arrested in Miami, was charged in a U.S. federal court with "conducting a money transmitting business that transported and transmitted illicit funds and that failed to meet U.S. regulatory safeguards, including anti-money laundering requirements," the DoJ  said . According to court documents, Bitzlato is said to have advertised itself as a virtual currency exchange with minimal identification requirements for its users, breaking the rules requiring the vetting of customers. This lack of know your customer (KYC) enforcement led to the service becoming a "haven for criminal proceeds" and facilitating transactions worth more than $700 million on the Hydra darknet marketplace prior
U.S. Sanctions Cryptocurrency Mixer Blender for Helping North Korea Launder Millions

U.S. Sanctions Cryptocurrency Mixer Blender for Helping North Korea Launder Millions

May 07, 2022
The U.S. Treasury Department on Friday moved to sanction virtual currency mixer Blender.io, marking the first time a mixing service has been subjected to economic blockades. The move signals continued efforts on the part of the government to prevent North Korea's Lazarus Group from laundering the funds stolen from the  unprecedented hack of Ronin Bridge  in late March. The newly imposed sanctions, issued by the U.S. Office of Foreign Assets Control (OFAC), target 45 Bitcoin addresses linked to Blender.io and four new wallets linked to Lazarus Group, an advanced persistent with ties to the Democratic People's Republic of Korea (DPRK). "Blender was used in processing over $20.5 million of the illicit proceeds," the Treasury  said , adding it was utilized by DPRK to "support its malicious cyber activities and money-laundering of stolen virtual currency." Cryptocurrency mixers, also called  tumblers , are privacy-focused services that allow users to move cr
DeepDotWeb News Site Operator Sentenced to 8 Years for Money Laundering

DeepDotWeb News Site Operator Sentenced to 8 Years for Money Laundering

Jan 31, 2022
An Israeli national was sentenced to 97 months in prison in connection with operating the DeepDotWeb ( DDW ) clearnet website, nearly a year after the individual pleaded guilty to the charges. Tal Prihar, 37, an Israeli citizen residing in Brazil, is said to have played the role of an administrator of DDW since the website became functional in October 2013. He  pleaded guilty  to money laundering charges in March 2021 and agreed to forfeit the illegally amassed profits. DDW, until its seizure in May 2019, ostensibly  served  as a "news" website that connected internet users with underground marketplaces on the dark web that operate via darknets such as Tor, enabling the purchase of illegal firearms, malware and hacking tools, stolen financial data, heroin, fentanyl, and other illicit materials. Prihar, acting in cohorts with co-defendant Michael Phan, 34, of Israel, provided direct links to illegal marketplaces and in return for advertising these links, reaped substantia
Clop Gang Partners Laundered $500 Million in Ransomware Payments

Clop Gang Partners Laundered $500 Million in Ransomware Payments

Jun 25, 2021
The cybercrime ring that was apprehended last week in connection with Clop (aka Cl0p) ransomware attacks against dozens of companies in the last few months helped launder money totaling $500 million for several malicious actors through a plethora of illegal activities. "The group — also known as FANCYCAT — has been running multiple criminal activities: distributing cyber attacks; operating a high-risk exchanger; and laundering money from dark web operations and high-profile cyber attacks such as Cl0p and Petya ransomware," popular cryptocurrency exchange Binance  said  Thursday. On June 16, the Ukraine Cyber Police  nabbed six individuals  in the city of Kyiv, describing the arrests as resulting from an international operation involving law enforcement authorities from Korea, the U.S., and Interpol. While the bust was seen as a major blow to the operations of the Clop gang, the hackers published earlier this week a fresh batch of confidential employee records stolen from
DeepDotWeb Admin Pleads Guilty to Money Laundering Charges

DeepDotWeb Admin Pleads Guilty to Money Laundering Charges

Apr 01, 2021
The U.S. Department of Justice (DoJ) on Wednesday said that an Israeli national pleaded guilty for his role as an "administrator" of a portal called DeepDotWeb ( DDW ), a "news" website that "served as a gateway to numerous dark web marketplaces." According to the unsealed court documents, Tal Prihar , 37, an Israeli citizen residing in Brazil, operated DDW alongside Michael Phan , 34, of Israel, starting October 2013, in return for which they received kickbacks from the operators of the marketplaces in the form of virtual currency amounting to 8,155 bitcoins (worth $8.4 million at the time of the transactions). In an attempt to conceal the illicit payments, Prihar is said to have transferred the money to other bitcoin accounts and to bank accounts under his control in the name of shell companies. "Tal Prihar served as a broker for illegal Darknet marketplaces — helping such marketplaces find customers for fentanyl, firearms, and other dangerous
2 Chinese Charged with Laundering $100 Million for North Korean Hackers

2 Chinese Charged with Laundering $100 Million for North Korean Hackers

Mar 03, 2020
Two Chinese nationals have been charged by the US Department of Justice (DoJ) and sanctioned by the US Treasury for allegedly laundering $100 million worth of virtual currency using prepaid Apple iTunes gift cards. According to a newly unsealed court document , the illicit funds originated from a $250 million haul stolen from two different unnamed cryptocurrency exchanges that were perpetrated by Lazarus Group , a cybercrime group with ties with the North Korean government. The two individuals in question — Tian Yinyin (田寅寅)  and Li Jiadong (李家东) — were both charged with operating an unlicensed money transmitting business and money laundering conspiracy. Prosecutors said the defendants worked on behalf of the threat actors based in North Korea to allegedly launder over a $100 million worth of stolen cryptocurrency to obscure transactions, adding the hacking of cryptocurrency exchanges posed a severe threat to the security of the global financial system. It's worth notin
French Dark-Web Drug Dealer Sentenced to 20 Years in US Prison

French Dark-Web Drug Dealer Sentenced to 20 Years in US Prison

Oct 11, 2018
A dark web drugs kingpin who was arrested last year when he arrived in the United States to compete in the World Beard and Mustache Championships has now been sentenced to 20 years in prison. On Tuesday, U.S. District Judge Robert N. Scola sentenced 36-year-old French national Gal Vallerius, aka "OxyMonster," after pleading guilty to conspiracy to possess with the intent to distribute controlled substances and conspiracy to launder money in June this year. According to a press release published by the U.S. Department of Justice, Vallerius was an administrator, senior moderator and vendor on Dream Market —one of the largest dark web marketplaces for illegal narcotics and drug paraphernalia. Launched in November 2013, Dream Market began operating on the TOR "dark web" network and was designed to make it easier for people to anonymously buy and sell illegal items and services in exchange for Bitcoin and other peer-to-peer cryptocurrencies. Vallerius initi
Greece U-Turns — Now Approves Mr. Bitcoin's Extradition To Russia

Greece U-Turns — Now Approves Mr. Bitcoin's Extradition To Russia

Sep 17, 2018
Greece just took another U-turn. Mr. Bitcoin a.k.a. Alexander Vinnik is not going to France nor to the United States; instead, he is now possibly going to his homeland Russia. The Supreme Civil and Criminal Court of Greece on Friday has overruled previous decisions and approved to extradite the alleged owner of the now-defunct Bitcoin cryptocurrency exchange BTC-e Vinnik to Russia. Several Greek courts have previously ruled in favor of all three countries, Russia, France, and the United States, where Vinnik is wanted to face different criminal and hacking charges. Vinnik, 38, has been accused of operating BTC-e cryptocurrency exchange, which was shut down right after his arrest by Greek police in July 2017 at the request of the U.S., where he is convicted for fraud and money laundering more than $4 billion worth amount of Bitcoin (BTC) for criminals involved in hacking attacks, tax fraud, and drug trafficking. Vinnik is also accused to the failure of the once-most famous
Former Microsoft Engineer Gets Prison for Role in Reveton Ransomware

Former Microsoft Engineer Gets Prison for Role in Reveton Ransomware

Aug 15, 2018
A former Microsoft network engineer who was charged in April this year has now been sentenced to 18 months in prison after pleading guilty to money laundering in connection with the Reveton ransomware. Reveton malware is old ransomware, also known as scareware or police ransomware that instead of encrypting files locks the screen of victims' computers and displays a message purporting to come from a national law enforcement agency. The splash screen of the malware was designed to falsely tell unsuspecting victims that they have been caught doing illegal or malicious activities online or the law enforcement had found illegal material on their computer, forcing users to make pay a "fine" of $200-300 within 48 hours to regain access to their computers. Raymond Odigie Uadiale, 41-year-old, who worked as a Microsoft network engineer, is not the actual author of the Reveton ransomware , but he helped the Reveton distributor, residing in the UK and identified as the online
BTC-e Operator, Accused of Laundering $4 Billion, to be Extradited to France

BTC-e Operator, Accused of Laundering $4 Billion, to be Extradited to France

Jul 17, 2018
In a legal extradition tug-of-war between the United States and Russia, it seems France has won the game, surprisingly. A Greek court has ruled to extradite the Russian cybercrime suspect and the former operator of now-defunct BTC-e crypto exchange to France, instead of the United States or to his native Russia, according to multiple Russian news outlets. Alexander Vinnik , 38, has been accused of laundering more than $4 billion in bitcoin for criminals involved in hacking attacks, tax fraud and drug trafficking with the help of BTC-e crypto exchange. BTC-e, a digital currency exchange service operating since 2011, was seized by the authorities right after Vinnik's arrest in northern Greece in late July 2016 at the request of US law enforcement authorities. Vinnik is also accused to the failure of the once-most famous Japanese bitcoin exchange Mt. Gox , which was shut down in 2014 following a series of mysterious robberies, which totaled at least $375 million in Bitcoin
Corrupt Federal Agent, Who Stole Bitcoins From Silk Road, Pleads Guilty To Money Laundering

Corrupt Federal Agent, Who Stole Bitcoins From Silk Road, Pleads Guilty To Money Laundering

Aug 16, 2017
A former the United States Secret Service agent who stole hundreds of thousands of dollars worth of Bitcoins during an investigation into then-largest underground marketplace Silk Road has now pleaded guilty to money laundering. Shaun W. Bridges is one of two former US undercover agents who pleaded guilty in 2015 to one count of money laundering and one count of obstruction and was sentenced in December same year to almost six years in prison for stealing over $800,000 in Bitcoin while investigating Silk Road. 35-years-old Bridges, who had been a Special Agent with the U.S. Secret Service for almost 6 years, along with his partner stole money from Silk Road accounts and framed someone else for the laundering, which even led the Silk Road founder Ross Ulbricht to plan a murder. Ulbricht was convicted in February 2015 of running the Silk Road underground black market and is now serving life in prison sentence . According to the Department of Justice, Bridges is believed to
How Hackers Cash Out Thousands of Bitcoins Received in Ransomware Attacks

How Hackers Cash Out Thousands of Bitcoins Received in Ransomware Attacks

Jul 28, 2017
Digital currencies have emerged as a favourite tool for hackers and cyber criminals, as digital currency transactions are nearly anonymous, allowing cyber criminals to use it in underground markets for illegal trading, and to receive thousands of dollars in ransomware attacks— WannaCry , Petya , LeakerLocker , Locky and Cerber to name a few. Also, every other day we hear about some incidents of hacking of crypto currency exchange or digital wallets, in which hackers stole millions of dollars in Bitcoin or Ethereum. The latest back-to-back series of thefts of Ethereum —one of the most popular and increasingly valuable cryptocurrencies—in which around half a billion dollars in total were stolen is the recent example of how much hackers are after crypto currencies. It's obvious that after ripping off hundreds of thousands of cryptocurrencies from exchanges, wallets and ransomware victims, cyber criminals would not hold them in just digital form—the next step is to cash the
Cybersecurity Resources