Chainalysis’ Crypto Crime Intelligence Briefs Cast Spotlight on North Korea and Iran

Published at: May 5, 2020

New York-based blockchain intelligence firm Chainalysis has launched a new initiative to shed more light on the scope of its latest cryptocurrency crime analyses. 

Published on May 4, three installments of the firm’s new Crypto Crime Intelligence Briefs provide insights into the mechanisms and routes being used for illicit transactions in the crypto space. 

In launching its new series, Chainalysis says that while none of the entities analyzed in its new briefs is currently under active investigation, it is releasing the information to support ongoing work by law enforcement, regulators, cybersecurity firms and compliance professionals. 

Global vectors to keep an eye on

The first of Chainalysis’ briefs looks at the role played by Black Host — an example of a so-dubbed bulletproof hosting provider, which provides anonymity-preserving web hosting services.

Other examples of bulletproof hosting services include, but are not limited to, virtual SIM card providers, VPN providers, and anonymous email providers. All these fit under a canopy of anonymity services that help protect the privacy of users’ web presence.

In the case of Black Host, the provider also supports cryptocurrency purchasing for its services, adding another layer of pseudonymous protection. 

Although many users’ privacy concerns are legitimate, Chainalysis notes, in the case of Black Host its analysis has identified that its services were used, back in May 2018, by a Bitcoin (BTC) address associated with the North Korean government-aligned cybercriminal Lazarus Group

The second of Chainalysis briefs casts the spotlight on the Iranian cryptocurrency exchange ecosystem, in particular a popular local trading platform, Farhad Exchange. 

While many established crypto peer-to-peer sites such as Localbitcoins have halted operations in Iran for fear of fines of United States sanctions violations, domestic exchanges have continued to operate. This is despite the Central Bank’s pledge to crack down on private cryptocurrency projects in recent years.

Farhad, which supports Iranian rials, U.S. dollar and Russian ruble e-currencies from WebMoney, and major cryptocurrencies, has an active social media and online educational program for domestic crypto users. 

Over 20,000 BTC addresses attributed to the exchange have been identified by Chainalysis, involved in over 46,000 transactions. These have purportedly become less active in recent months, and overall hold a balance of under 1 Bitcoin. Nonetheless, they do continue to transact as of April 29, and addresses associated with the platform have received 7,993.09 BTC and sent 7,978.77 BTC since 2016.

In its most recent traffic, Farhad has interacted with mainstream exchanges, as well as higher-risk entities, gambling sites and peer-to-peer platforms. 

Between 2014 to 2017, the exchange received 74 BTC from an address linked to an Iranian national sanctioned for his role in assisting the SamSam ransomware attackers to convert BTC into rials.

The last of Chainalysis’ briefs focuses on a Poland-based crypto Ponzi Scheme, FutureNet, which has established an infrastructure of mock companies to create a veneer of legitimacy for the scam. 

Recent Chainalysis research

Last month, Cointelegraph reported on Chainalysis’ analysis of the use of cryptocurrencies to purchase child sexual abuse material on the darknet, which found that such transactions had increased by 32% in 2019 over the previous year.

Tags
Related Posts
Polish crypto exchange employee in induced coma after armed attack
Polish police have detained a suspect in an armed attack on FlyingAtom, a cryptocurrency and gold exchange in the city of Olsztyn in northeastern Poland. The incident, which occurred around 7 p.m. local time on Jan. 22, resulted in the injuries of two employees — one of whose situation was severe enough to necessitate an induced coma. According to local media reports from Jan. 23, the masked attacker escaped with gold worth 450,000 zloty (roughly $120,000), fleeing the exchange's office on the fourth floor of a skyscraper in the city center. Following the incident, police secured the area and scoured …
Bitcoin / Feb. 3, 2021
Binance denies allegations of market manipulation
Major cryptocurrency exchange Binance is pushing back against allegations of market manipulation and working against the interest of its users. In a Monday Twitter thread, Binance seemingly laid the blame for any claims of manipulating the crypto market on publications spreading fear, uncertainty and doubt, as well as certain individuals impersonating employees at the exchange. The firm said it “reserves the right to take legal action to protect its interests,” but was not opposed to “responsible whistle-blowing that protects the trust of our community.” “Binance has never traded against our users nor manipulated the market, and we never will,” said …
Business / Aug. 23, 2021
North Korea’s ‘Bureau 121’ Has an Army of 6000 Hackers
A report unveiled by the U.S. Army reveals that North Korea now has more than 6,000 hackers stationed in countries such as Belarus, China, India, Malaysia, Russia, among others. The operations of four sub divisions are overseen by Bureau 121, the cyber warfare guidance unit of the hermit nation. The report, named North Korean Tactics, suggests the hackers do not exclusively launch cyberattacks from North Korea itself, as the country lacks the IT infrastructure to deploy the massive campaigns. Financial crimes division The “financial crime division” called the Bluenoroff Group has around 1,700 members and is dedicated to crypto crimes …
Blockchain / Aug. 19, 2020
Co-Owner of Now-Defunct Crypto Exchange BitMarket Found Dead
Tobiasz Niemiro, co-owner of now-defunct Polish cryptocurrency exchange BitMarket, has been found dead, local public radio station Radio Olsztyn reported on July 25. The local police stated that Niemiro had been found dead with a wound in his skull near his residence in the city of Olsztyn. The exact circumstances of Niemiro’s death have not yet been established. Polish political and general news-focused newspaper Gazeta Wyborcza suggested that Niemiro committed suicide. The authorities are ostensibly still working on determining the exact circumstances of Niemiro’s death. BitMarket suffered from lack of liquidity Niemiro purchased the BitMarket exchange a year after it …
Altcoin / July 27, 2019
NCFTA onboards crypto exchange Binance to fight against cybercrime
The National Cyber-Forensics and Training Alliance (NCFTA), an American non-profit, onboarded its first crypto firm Binance to aid their ongoing battle against cybercrimes. Founded in 2002, the NCFTA partners with law enforcement and various business and academic entities to source threat intelligence to identify and mitigate cybercrime threats. By partnering with Binance, the world’s biggest crypto exchange in terms of trading volume, the NCFTA aims to tackle international cybersecurity investigations. According to Binance’s VP of Global Intelligence and Investigations, Tigran Gambaryan, the exchange aims to be the leading contributor in the fight against cybercrime, ransomware, and terrorism financing: “Joining the …
Blockchain / Jan. 18, 2022