May news round up

Elevate your Compliance and Security with Intelect.

Our monthly round up of news items which are of particular relevance to those businesses regulated for the purposes of Anti-Money Laundering.

‘We prevent bad things happening to good people and their businesses’.

Cyber Security

Russian state-sponsored hacking group Cozy Bear (APT29) has launched a sophisticated phishing campaign targeting European diplomats using fake wine-tasting event invitations.

The emails, disguised as official messages from a European Ministry of Foreign Affairs, contain links that, if clicked, download a malicious archive named wine.zip. This archive includes a trojanized PowerPoint executable and obfuscated DLL files that deploy Grapeloader malware, which establishes persistence on victims’ machines and communicates with Cozy Bear’s command-and-control servers.


Grapeloader acts as a loader for the more advanced Wineloader backdoor, a 64-bit trojan designed to harvest sensitive data, encrypt it, and stealthily send it back to Russian intelligence. The malware is engineered to evade detection by using junk code and deleting traces from memory, and it activates only under specific conditions such as geographic location and timing.

This campaign follows a similar tactic used last year when Cozy Bear targeted German politicians with malware concealed in fake dinner invitations, indicating a persistent and evolving espionage effort by the Kremlin’s cyber operatives.


Cozy Bear, linked to Russia’s FSB intelligence agency, has a notorious history of high-profile cyber-espionage, including the 2020 SolarWinds hack and interference in the 2016 US elections. Their current focus remains on Western governments and diplomatic targets, using increasingly refined social engineering methods to infiltrate secure networks. This latest campaign highlights the ongoing cyber threat posed by Russian intelligence and underscores the importance of vigilance and robust cybersecurity measures within diplomatic circles.


Comment – These sorts of attacks are quickly adapted to suit different audiences. Be alert to unexpected online invitations.

Source

Organised Crime

Why AML controls are so important

Glasgow is currently facing a violent surge in gang-related attacks, including firebombings targeting homes and businesses linked to rival crime families. This outbreak of violence stems from a fierce feud among three major gangs: the Daniel family from Glasgow, the Richardson clan from Edinburgh, and the Lyons gang connected to the Irish Kinahan cartel.

The conflict intensified after the Richardson gang reportedly seized a £500,000 cocaine shipment from an influential Irish criminal known as “Mr. Big,” who operates from Dubai and has been flooding Scotland with drugs. Masked enforcers allied to Mr. Big have issued chilling threats, demanding the expulsion of rival associates from Scotland.


As reported by The Daily Mail, former undercover detective Simon McLean, with decades of experience infiltrating Glasgow’s criminal networks, warns that organised crime has effectively taken control of the city, exacerbated by reduced police presence and what he describes as a lenient government stance on crime.

Despite a long-term decline in murder rates since 2005, the current turf wars have revived a climate of fear reminiscent of Glasgow’s notorious past. The violence has devastating human consequences, highlighted by tragic incidents such as the firebombing of a home that killed two children, underscoring the brutal cost of the ongoing power struggles.


Police Scotland has responded with arrests of over 20 suspects linked to the recent attacks, while officials emphasize continued efforts to combat organised crime. The Scottish government maintains that overall crime remains low by historical standards and plans further investment in policing. However, insiders and former criminals alike express deep concern about the entrenched nature of gang violence and its impact on communities, warning that without sustained and effective intervention, Glasgow’s streets will remain a battleground for criminal empires.

Comment – Criminals conduct the majority of their illicit activities for money, and that money is being laundered by legitimate institutions, most likely unwittingly. Are you conducting effective due diligence?

Source

Regulatory

Malta Fines Crypto Exchange OKX £950,000 for AML Compliance Failures

Malta’s Financial Intelligence Analysis Unit (FIAU) has fined OKX’s European subsidiary, Okcoin Europe, €1.1 million (approximately £950,000) for serious and systematic breaches of anti-money laundering (AML) regulations uncovered during a 2023 compliance review.

The regulator found that OKX failed to properly assess and mitigate money laundering risks associated with products such as stablecoins, privacy coins, mixers, and tokens traded on decentralized exchanges. Additionally, OKX did not adequately consider the risks posed by customers and funds originating outside the European Union, despite its focus on servicing European clients.


Although the FIAU acknowledged that OKX has made significant improvements to its AML framework over the past 18 months, the fine reflects the regulator’s position that past compliance failures could not be overlooked. OKX secured a Markets in Crypto Assets (MiCA) license in Malta earlier this year, allowing it to operate across the EU, but the fine highlights that regulatory licensing does not exempt firms from accountability for previous shortcomings. The enforcement action also follows reports of OKX’s decentralized exchange aggregator being used to launder funds linked to a major hack of the Bybit exchange, further intensifying regulatory scrutiny.

Source

Comment – A reminder about the regulatory pressure on crypto firms to maintain robust AML controls and thorough risk assessments as authorities clamp down on vulnerabilities in the digital asset sector.

Do you want an effective tool to help manage your due diligence and risk assessment responsibilities? Look no further than Investigation Engine.
