Bromium, Inc., the pioneer and leader in application isolation using virtualisation-based security, has announced the findings of an independent, academic study into the macro economics of cybercrime and how cybercriminals launder and ‘cash out’ the profits of criminal endeavours. The findings are part of a larger nine-month study titled Into the Web of Profit, sponsored by Bromium. The full findings will be presented at the RSA Conference in April by Dr. Mike McGuire, Senior Lecturer in Criminology at Surrey University, England.
According to the report, cybercriminal proceeds make up an estimated 8-10% of total illegal profits laundered globally; amounting to an estimated $80-$200 billion each year. Other key findings include:
- Virtual currencies have become the primary tool used by cybercriminals for money laundering
- Cybercriminals are moving away from Bitcoin to less recognised virtual currencies, like Monero, that provide greater anonymity
- In-game purchases and currencies are spurring a rise in gaming-related laundering; as China and South Korea become hotspots for gaming-currency laundering
- Covert data collection found that PayPal and other digital payment systems are employed by cybercriminals to launder money
- Digital payment systems laundering often involves the use of micro-laundering techniques where multiple, small payments are made so laundering limits aren’t triggered
“We invested in this research to instigate a meaningful conversation about how to disrupt the economic systems and poor security practices that enable cybercrime around the world; frankly because it’s far too easy for them,” commented Gregory Webb, CEO of Bromium. “Today it is easy for hackers to infect machines, steal data and hold businesses and individuals for ransom or sell stolen IP because enterprise defences are not fit for purpose. It is equally easy for them to wash that money and convert it into cash – and the rise in use of unregulated, virtual currencies is making this even easier. We need to attack the problem in a different way. Law enforcement, the cybersecurity industry and both the public and private sectors need to be vigilant about disrupting cybercrime. Protecting applications that access sensitive data is an absolute requirement. We need a whole new approach to cybersecurity or these figures will continue to increase over time.”
Virtual currency could be the future of laundering – but only if it’s anonymous
Many cybercriminals are using virtual currency to make property purchases which convert illegal proceeds into legitimate cash and assets. Websites such as Bitcoin Real Estate offer everything from penthouse suites and lavish mansions, to 160-acre private islands, all with the option to buy using bitcoins. Unlike cash purchases which are subject to regulation and scrutiny, properties purchased with cryptocurrency are not as closely scrutinised because cryptocurrencies aren’t regulated by any central banks or governments.
The study found that nearly 25% of total property sales are predicted to be in cryptocurrency in the next few years. This is concerning financial analysts who worry that allowing swifter, more covert transactions, many with criminal origins, will disrupt global property markets. However, the report highlights that law enforcement agencies are now monitoring Bitcoin, causing many cybercriminals to look for alternatives. Information on bitcoin transactions can leak during web transactions – typically via web trackers or cookies. This means that connecting transactions to individuals is possible in up to 60% of Bitcoin payments.
Researcher and report author Dr. Mike McGuire, Senior Lecturer in Criminology at Surrey University, noted, “It’s no surprise to see cybercriminals using virtual currency for money laundering. The attraction is obvious. It’s digital, so is an easily convertible way of acquiring and transferring cybercrime revenue. Anonymity is also key, with platforms like Monero designed to be truly anonymous and tumbler services like CoinJoin that can obscure transaction origins. Targeted organisations must do more to protect their customers.”
Laundering through in-game currency and goods is on the rise
The report also indicates that cybercriminals are spending ‘considerable time’ converting stolen income into video game currency or in-game items like gold, which are then converted into bitcoin or other electronic formats. Games such as Minecraft, FIFA, World of Warcraft, Final Fantasy, Star Wars Online and GTA 5 are among the most popular options because they allow covert interactions with other players that allow trade of currency and goods.
Dr. McGuire added, “Gaming currencies and items that can be easily converted and moved across borders offer an attractive prospect to cybercriminals. This trend appears to be particularly prevalent in countries like South Korea and China – with South Korean police arresting a gang transferring $38 million laundered in Korean games, back to China. The advice on how to do this is readily available online and explains how cybercriminals can launder proceeds through both in-game currencies and goods.”
Digital payment systems are used to help hide the money trail
Covert data collection in online forums and interviews with experts and cybercriminals indicate that an estimated 10% of cybercriminals are using PayPal to launder money. A further 35% use other digital payment systems, including Skrill, Dwoll, Zoom and mobile payment systems like M-Pesa.
Methods like ‘micro laundering’, where thousands of small electronic payments are made through platforms like PayPal, are increasingly common and more difficult to detect. Another common technique is to use online transactions – via sites like eBay – to facilitate the laundering.
Dr. McGuire concludes, “The growing use of digital payment systems by cybercriminals is creating significant problems for the global financial system. Revenues that previously would have flowed within proven and well-established banking systems and could be traced are now outside of its jurisdiction. Digital payment systems are most effective when combined with other digital resources, like virtual currencies and online banking. This hides the money trail and confuses law enforcement and financial regulators.”