US cybercops trace and return nearly $9M stolen by scammers

November 22, 2023

The US has seized nearly $9 million in proceeds generated by exploiting more than 70 victims across the nation in so-called “pig butchering” scams.

Authorities tracked payments to cryptocurrency addresses belonging to one organization known for romance scams and fake cryptocurrency investments, together called “pig butchering” because the marks are “fattened” for slaughter as they load up scammers’ accounts before being taken for as much as the crims can extract.

The Department of Justice (DOJ) said on Tuesday that the cybercriminals worked together to create and pitch fake investment companies and crypto exchanges to investors, convincing them to deposit their money, which was then stolen.

The criminals then attempted to launder the proceeds using chain hopping techniques, which involve quick and frequent transactions whereby the crims switch cryptocurrency tokens in an attempt to evade detection.

The switch between blockchains makes investigators’ roles more difficult. The attackers often use the method in addition to converting tokens into so-called “privacy coins” like Monero or Zcash, which are more challenging to track than tokens such as Bitcoin and Ethereum.

Cryptocurrency laundering used to be performed using services called mixers and tumblers, but after a series of arrests and sanctions, scammers have started to use fresh forms of laundering.

Alongside chain hopping, coin swaps and cross-chain bridges have also emerged as go-to methods of attempting to evade law enforcement, according to Mark Tibbs, cyber intelligence director at Mishcon De Reya.

“Coin swaps represent decentralized protocols enabling users to exchange coins directly without intermediaries,” he explained.

“Cross-chain bridges connect various blockchains, facilitating the transfer of assets and information. While these services can be utilized for legitimate privacy reasons, they also pose the risk of being exploited for money laundering.”

Analysts at the US Secret Service San Francisco Field Office tied the criminals’ laundering efforts to multiple wallet addresses associated with the criminal organization and various reports made through the FBI’s and FTC’s cybercrime reporting portals.

“This seizure exemplifies the Secret Service’s mission to protect the financial infrastructure of the United States. We remain determined and vigilant to combat cyber-enabled financial fraud,” said Shawn Bradstreet, special agent in charge of the USSS San Francisco Field Office. 

“It is a priority for the Secret Service to protect the financial security citizens work so hard to obtain. We want to thank the Justice Department for their partnership, dedication, and outstanding work on this case.”

The DOJ didn’t mention any arrests or the names of the cyber criminals in the organization. Still, the case continues to be handled by its computer crime division, the National Cryptocurrency Enforcement Team, and assistant US attorneys Chris Kaltsas and Galen Phillips for the Northern District of California.

The proceeds were returned in the US dollar-tied stablecoin Tether, which received thanks from the DOJ for its involvement in effectuating the transfer of assets.

Pig butcherers were sent to the abattoir.

Romance scammers and fake crypto investors have been firmly in the crosshairs of law enforcement for some time, partly due to the continued success they generate.

According to the FTC, nearly 70,000 US citizens reported romance scams in 2022, netting cybercriminals at least $1.3 billion.

These romance scams typically involve criminal Casanovas drumming up a rapport with their victims, usually over dating apps, then selling an excuse as to why they need to be sent some money, perhaps for hospital bills or an emergency flight home to see a dying relative – you know the ones. If you spot them early, you can even have some fun with them, like this guy.

Pig butchering is a more recent twist on the typical romance scam. It still involves a high degree of social engineering, but instead of playing on victims’ heartstrings, criminals prey on victims’ desire to get rich quickly.

Some involve the traditional formula of making contact, building a bond, and introducing the scam with a quick “You seem cool; I’ll let you in on this crypto opportunity that’s made me some serious cash recently…”

Others are a bit more high-tech and involve creating a brand-new beta crypto-trading app to download, which, of course, is just some stealer malware skinned with enough buttons and features to trick users who download it outside of approved app stores into entering their financial information.

Speaking on the most recent seizure, Ismail J. Ramsey, US attorney for the Northern District of California, said the government would continue to crack down on these scams.

“This seizure is the culmination of the exceptional hard work and collaborative partnership between the Justice Department and the United States Secret Service,” he said.

“Silicon Valley remains one of the world’s preeminent locations for cryptocurrency firms,” he added. “As such, we remain dedicated to using all tools at our disposal to bring justice to the victims of frauds and scams. Even when money and criminals are abroad, we will work with our partners to seize cyber criminals’ illegal proceeds.” 
