Elevate your Compliance with Intelect, our monthly round up of news items relevant to AML regulated businesses.
Cyber Security
Artificial intelligence
Kaspersky are drawing attention to dark web sites selling fake access to the malicious AI tool WormGPT. The sites have phishing-like characteristics, including differing designs, costs, currencies used for payment, and payment to a trial version, which tends not to be the norm.
WormGPT is a version of ChatGPT, unlike its legitimate counterpart it lacks specific limitations and renders itself to being tool for cybercriminals looking to carrying out the likes of Business Email Compromise (BEC).
Phishers and scammers will always exploit the popularity of certain products and brands, and WormGPT is no exception.
Social media security reminder
According to sources the hacking group known as Lazarus targeted a Spanish aerospace company last year by posing as recruiters for Meta (Facebook).
Cybersecurity researchers at ESET said that sometime last year the fake recruiter reached out to victims via LinkedIn Messaging, and then asked interested “applicants” to download a pair of coding challenges that were part of the hiring process. Those files were laced with malware, and once executed on a company device delivered a remote access Trojan that the researchers dubbed “LightlessCan.”
This in turn compromised company devices and is a reminder to be vigilant when interacting on social media!
Due Diligence
Crypto currency, money laundering and Estonia
Estonia is well known for its technological innovation and over the past few years has attracted numerous crypto companies. However, an investigation has revealed connections to Russian Intelligence, money laundering, fraud, and questionable companies.
There are also reported links to fundraising for the Russian mercenary group Wagner.
Some headlines from the investigation appear below,
- Over the last 5 years Estonia became a global hotspot for crypto companies
- Around 55% of all virtual currency service providers in the world are registered in Estonia
- One of the reasons behind the large numbers is thought to Estonia’s liberal crypto licensing system, allow non-doms and clients – to promote themselves as EU-licensed financial services.
The reach of Chinese criminal networks
The Florida State University (FIU) have published a research paper called “Triads, Snakeheads, and Flying Money: The Underworld of Chinese Criminal Networks in Latin America and the Caribbean.”
The authors make clear that Mexico and China are the primary sources of fentanyl and fentanyl-related substances trafficked directly into the U.S.
Since 1999, approximately one million Americans have lost their lives due to drug overdoses from synthetic opioids. In 2022 alone, drug overdose fatalities were estimated at nearly 110,000. The majority of the substances used are believed to have their origins in organised criminality.
Download report from Source
Regulatory
Revolut in hot water
The challenger bank, Revolut are reported to be under investigation by the UK Financial Conduct Authority (FCA) over an alleged failure to prevent money from being released from suspicious accounts.
The incident which occurred in July and August involved accounts which were said to have been flagged by the National Crime Agency (NCA) as suspicious. As much as £1.7m is believed to have been released.
Revolut, which does not currently have a banking licence, has signed up 2.25 million users since its launch in July 2015