US, Germany Dismantle Cryptonator Platform That Processed Over $235M Obtained Via Cybercrime
Read also: The UK shuts down the Russian Coms fraud service, ten people arrested for a major SIM swap scam, and more.
Thursday, August 8, 2024
Singapore recovers over $40M from a major BEC scam
Authorities in Singapore have recovered over $40 million that was defrauded in a sophisticated business email compromise (BEC) scam, which targeted a Singapore-based commodity firm.
As part of the scam, the firm received what appeared to be a legitimate email from one of its suppliers requesting a pending payment to be made to a new bank account in Timor Leste. The company transferred $42.3 million to the fraudulent account. The deception was uncovered when the legitimate supplier contacted the firm inquiring about the overdue payment.
Following the incident, the police launched an investigation and sought international assistance through Interpol’s Global Rapid Intervention of Payments (I-GRIP) mechanism.
On July 25, the SPF’s Anti-Scam Centre received confirmation that $39 million of the stolen funds had been detected and frozen in the fraudulent bank account in Timor Leste. Further investigative efforts by Timor Leste authorities led to the arrest of seven suspects connected to the scam and the recovery of an additional $2 million, bringing the total amount recovered to just over $41 million.
The Cryptonator platform dismantled
In a coordinated effort, US and German authorities have taken down the domain of Cryptonator, an online cryptocurrency wallet, for facilitating illicit activities and lacking anti-money laundering controls. The US Internal Revenue Service-Criminal Investigation (IRS-CI), the Department of Justice (DoJ), and the Federal Bureau of Investigation (FBI) worked with Germany's Federal Criminal Police Office (BKA) and the Attorney General’s Office in Frankfurt to seize the platform.
Cryptonator, which has been in operation since December 2013, allowed users to perform transactions and exchanges between cryptocurrencies. A criminal complaint has been filed against Russian national Roman Pikulev, who is accused of founding and operating Cryptonator as an unlicensed money service business (MSB) that processed over $235 million in illicit funds without proper anti-money laundering measures.
The authorities claim Pikulev used the alias “Boss” and operated the platform through numerous US-based technology providers while advertising on US social media sites. He allegedly registered websites and email addresses using both Russian and German IDs and documents.
Pikulev faces charges of operating an unlicensed MSB and money laundering, with evidence showing that Cryptonator processed proceeds from cybercrimes, including ransomware and fraud. The platform also provided API keys to the Dark Web markets and other illicit services. Pikulev allegedly knew about the illegal use of the platform, which facilitated over 4 million transactions worth $1.4 billion. Significant portions of these transactions were linked to underground markets, scams, high-risk exchanges, ransomware, hacks, and sanctioned addresses.
Cybersecurity Compliance
Prevent data breaches and meet regulatory requirements
Ten people arrested, over 100 charges laid in connection to a major SIM swap scam
Toronto police have arrested ten individuals and laid more than 100 charges related to an extensive SIM swap scam that involved over 1,500 cellular accounts across Canada. The fraudulent activity has resulted in combined losses exceeding $1 million, impacting telecom companies, financial institutions, and individual victims.
The investigation, dubbed “Project Disrupt,” was launched in June 2023 by the Toronto Police Service in collaboration with the Coordinated Cyber Centre Unit. The probe revealed a sophisticated operation where suspects exploited weaknesses in two-factor authentication and two-step verification processes, often dependent on text messages or calls for security.
During the investigation, officers executed multiple search warrants and production orders, leading to the seizure of over 400 pieces of fake identification.
The fraudulent IDs were used by perpetrators to impersonate victims at cell phone stores and financial institutions, facilitating further access to the victims' accounts. Additionally, phishing techniques involving bogus web links and websites were employed to trick victims into handing over their account information.
The UK shuts down the Russian Coms fraud platform responsible for 1.8M scam calls
The UK’s crime agency, NCA, has dismantled a major fraud platform called ‘Russian Coms’, used by hundreds of criminals to defraud victims worldwide, with an estimated 170,000 victims across the UK alone.
Active sinse 2021, Russian Coms allowed criminals to mask their identities by spoofing the phone numbers of trusted institutions such as banks, telecommunications companies, and law enforcement agencies. This allowed them to gain victims' trust before stealing their money and personal information.
From 2021 to 2024, Russian Coms users made over 1.3 million calls to 500,000 unique UK phone numbers. According to officials, victims span over 100 countries, including the US, New Zealand, Norway, France, and the Bahamas, with financial losses exceeding tens of millions.
The police have arrested three individuals, including two key figures thought to be the platform’s developers and administrators. The suspects have been released on conditional bail, with ongoing investigations expected to yield more arrests in the UK and abroad.
A hacker sentenced to 22 months for social media crimes
Reginald Adams, also known as “Reggie Adams,” 25, of Chambersburg, Pennsylvania, the United States, was sentenced to 22 months in prison, followed by three years of supervised release, for a series of hacking crimes targeting female social media users.
On January 30, 2024, Adams pleaded guilty to one count of wire fraud, admitting to a scheme that took place between May 2020 and August 2021, which targeted mostly women he knew from high school. At least 20 women had their accounts hacked by Adams, according to the US Department of Justice.
Using anonymized phone numbers, he impersonated Snapchat staff, tricking his victims into providing their account security codes. He then would log into the victims’ accounts, reset their passwords, and comb through their private “My Eyes Only” sections for sexually explicit content.
Adams shared the victims’ most intimate photos with their contacts, including friends, family, coworkers, and acquaintances. In some instances, he posted the images on public websites, along with the victims’ contact information. Adams also extorted the victims after tricking them into sending him photos and used the explicit material to control the victims and demand more photos from them.
What’s next:
- Join our upcoming webinars
- Follow ImmuniWeb on Twitter, LinkedIn and Telegram
- Explore 20 use cases how ImmuniWeb can help
- Browse open positions to join our great Team
- See the benefits of our partner program
- Request a demo, quote or special price
- Subscribe to our newsletter
Key Dutch has been working in information technology and cybersecurity for over 20 years, starting his first job with Windows 95 and dial-up modems. As the Editor-in-Chief of our Cybercrime Prosecution Weekly blog series, he compiles the most interesting news about police operations against cybercrime, as well as about regulatory actions enforcing data protection and privacy law. 
