When the FBI successfully breached a crypto wallet held by the Colonial Pipeline hackers by following the money trail on bitcoin’s blockchain, it was a wake-up call for any cyber criminals who thought transacting in cryptocurrency automatically protected them from scrutiny.

One of the core tenets of bitcoin is that its public ledger, which stores all token transactions in its history, is visible to everyone. This is why more hackers are turning to coins like dash, zcash, and monero, which have additional anonymity built into them.

Monero, in particular, is increasingly the cryptocurrency of choice for the world’s top ransomware criminals.

“The more savvy criminals are using monero,” said Rick Holland, chief information security officer at Digital Shadows, a cyberthreat intelligence company.

Created in 2014

Monero was released in 2014 by a consortium of developers, many of whom chose to remain anonymous. As spelled out in its white paper, “privacy and anonymity” are the most important aspects of this digital currency.

The privacy token operates on its own blockchain, which hides virtually all transaction details. The identity of the sender and recipient, as well as the transaction amount itself, are disguised.

Because of these anonymity features, monero allows cyber criminals greater freedom from some of the tracking tools and mechanisms that the bitcoin blockchain offers.

“On the bitcoin blockchain, you can see what wallet address transacted, how many bitcoin, where it came from, where it’s going,” explained Fred Thiel, former chairman of Utimaco, one of the largest cryptography companies in Europe, which has worked with Microsoft, Google and others on post-quantum encryption.

“With monero, [the blockchain] obfuscates the wallet address, the amount of the transactions, who the counter-party was, which is pretty much exactly what the bad actors want,” he said.

“With monero, they’re obfuscating the wallet address, the amount of the transactions, who the counter-party was, which is pretty much exactly what the bad actors want.” (Fred Thiel, CEO, Marathon Digital Holdings)

While bitcoin still dominates ransomware demands, more threat actors are starting to ask for monero, according to Marc Grens, president of DigitalMint, a company that helps corporate victims pay ransoms. 

“We’ve seen REvil…give discounts or request payments in monero, just in the past couple months,” continued Holland.

Monero was also a popular choice on AlphaBay, a massive underground marketplace popular up until it was shut down in 2017.

“It’s almost like we’re seeing, at least from a cyber criminal perspective, a resurgence…in monero, because it has inherently more privacy than some of the other coins out there,” Holland said of monero’s recent rise in popularity among actors in the ransomware space.

Monero’s limitations

There are, however, a few major barriers when it comes to the mainstreaming of monero.

For one, it’s not as liquid as other cryptocurrencies — many regulated exchanges have chosen not to list it due to regulatory concerns, explained Mati Greenspan, portfolio manager and Quantum Economics founder. “It certainly isn’t enjoying as much from the recent wave of institutional investments,” he said.

In practice, that means that it’s harder for cyber criminals to get paid directly in the currency.

“If you’re a corporation and you want to acquire a bunch of monero to pay somebody, it’s very hard to do,” Thiel told CNBC. 

The digital currency could also be more vulnerable to regulation at its on- and off-ramps, the bridges between fiat cash and crypto tokens.

“I would wager to say the U.S. and other regulators are going to shut them [monero] down pretty hard,” said Thiel.

One way they could go about that: telling an exchange that if they list monero, they risk losing their license.  

But while the U.S. government can indeed keep monero at bay by marginalizing liquidity points, Castle Island Ventures founding partner Nic Carter believes that markets which allow peer-to-peer transfers of monero to fiat will always be hard to regulate. 

There’s also nothing to keep hackers within U.S. jurisdiction. Criminals could easily choose to carry out all of their transactions overseas, in places that aren’t subject to the kind of controls American regulators might put in place.

Bitcoin still rules ransomware

Cyber insurance is another reason why bitcoin is still the currency of choice for most ransomware attacks.

“Insurance is so important in this space, and insurers often refuse to reimburse a ransom payment if it’s been in monero,” said former CIA case officer Peter Marta, who now advises companies about cyber risk management as a partner with law firm Hogan Lovells. 

“One of the things that insurers will always ask for is what type of due diligence the victim company conducted, before making the payment…to try to minimize the chance that the payment goes to an entity on the sanctions list,” explained Marta. 

Traceability is more easily accomplished with bitcoin, given that its blockchain lays bare transaction amounts and the addresses of both the sender and recipients taking part in the exchange. There is also an established infrastructure already in place for officials to monitor these transactions.

Authorities keep lists of bitcoin wallets, which are tied to different sanctions regimes.

While monero does offer a greater degree of privacy over bitcoin, Holland points out that threat actors have mastered certain techniques to anonymize transactions in bitcoin, in order to obscure the chain of custody. 

He says that cyber criminals often turn to a mixing or tumbling service, where they can combine the illicit funds with clean crypto to essentially make a new type of bitcoin, at which point, they turn to currency swaps. 

“Just like you would do dollars to pounds…they may go bitcoin, to monero, then back to bitcoin, and then get a bitcoin ATM card, where they can just cash out dollars with it,” explained Holland.

So even though bitcoin’s blockchain is public, there are still ways to make it difficult for investigators to trace transactions to their ultimate destination. 

DOJ asks for independent probe into FTX bankruptcy, a likely tactic to gather evidence on alleged fraud

The Department of Justice has requested that an independent examiner be appointed to review “substantial and serious allegations of fraud, dishonesty” and “incompetence” after the implosion of Sam Bankman-Fried’s crypto empire. It could be one way for the DOJ to gather evidence of alleged fraud.

In a filing in Delaware federal bankruptcy court, Andrew Vara, a U.S. bankruptcy trustee, told the court that the allegations of corporate misconduct and complete failure merited an immediate and speedy examination of the events leading up to FTX’s stunning collapse three weeks ago.

Vara said there’s a substantial basis to believe that Bankman-Fried and other managers mismanaged FTX or engaged in fraudulent conduct.

“It seems to me that the DOJ is trying to use the bankruptcy process as a way of getting evidence,” former federal prosecutor Renato Mariotti told CNBC.

“Many times, the Department of Justice and bankruptcy estates in fraud cases work together in compiling potential restitution or other types of actions to make victims whole,” he said. The DOJ “will likely be part of the asset recovery and potentially having a Victims Fund with money going to those that lost money and what the Department of Justice potentially will view as a fraud.”

“It just shows a level of interest and attention that they’re paying to this that should be troubling to Mr. Bankman-Fried.”

Vara said an examination is preferable to an internal investigation because of the wider implications the company’s collapse may have on the crypto industry.

Another legal expert said that there could be other factors at play too, including the extensive political donations that FTX executives were involved in on both sides of the aisle.

There have been “campaign donations on both sides of the aisle from FTX and there have been political overtones and undertones in this case,” said Braden Perry, former senior trial attorney at the Commodity Futures Trading Commission and Kennyhertz Perry partner.

“I think that this is just out of prudence and out of caution to make sure that whatever is happening is done at an independent level,” Perry continued.

It’s not unusual to appoint a bankruptcy examiner. There was one to oversee the crypto bankruptcy process of Celsius Network, for example.

Bankruptcies above a certain size require an examiner. In this case, the U.S. Trustee said that an examiner is mandatory because FTX’s fixed, liquidated and unsecured debts to customers exceed the $5 million threshold.

FTX’s November collapse left creditors reeling over the loss of hundreds of millions of dollars, in some cases, and has rocked the wider crypto world. BlockFi, a crypto lender, filed for bankruptcy protection in New Jersey last week.

Tech layoffs send visa holders on frantic search for employment to avoid deportation

After years of seemingly boundless expansion, the U.S. tech industry has hit a wall. Companies are in cash preservation mode, leading to thousands of job cuts a month and a surge of layoffs in November.

While the sudden loss of a paycheck can be devastating for anyone, especially during the holiday season, the recent wave of reductions is having an outsized impact on skilled workers who are living in the U.S. on temporary visas and are at risk of being sent home if they can’t secure a new job in short order.

Tech companies are among the employers with the most approvals for H-1B visas, which are granted to people in specialty occupations that often require a college degree and extra training. Silicon Valley has for years leaned on temporary visas issued by the government to employ thousands of foreign workers in technical fields such as engineering, biotech and computer science. That’s a big reason tech companies have been outspoken in their defense of immigrants’ rights.

Workers on temporary visas often have 60 to 90 days to find a new gig so they can avoid being deported.

“It’s this amazing talent pool that the U.S. is fortunate to attract, and they’re always living on the edge,” said Sophie Alcorn, an immigration lawyer based in Mountain View, California, who specializes in securing visas for tech workers. “Many of them are up against this 60-day grace period deadline. They have a chance to find a new job to sponsor them, and if they can’t do that, they have to leave the U.S. So it’s a stressful time for everybody.”

The already grim situation worsened in November, when Meta, Amazon, Twitter, Lyft, Salesforce, HP and DoorDash announced significant cuts to their workforces. More than 50,000 tech workers were let go from their jobs in November, according to data collected by the website Layoffs.fyi.

Amazon gave staffers who were laid off 60 days to search for a new role inside the company, after which they’d be offered severance, according to a former Amazon Web Services employee who lost his job. The person spoke to CNBC on the condition of anonymity.

In fiscal 2021, Amazon had the most approved petitions for H-1B visas, with 6,182, according to a National Foundation for American Policy review of U.S. immigration data. Google, IBM and Microsoft also ranked near the top of the list.

The former AWS employee has been in the country for two years on student and employment visas. He said he was unexpectedly laid off at the beginning of November, just months after joining the company as an engineer. Despite Amazon informing him that he had 60 days to find another position internally, the person said his manager advised him to apply for jobs elsewhere due to the company’s pullback in hiring. Amazon said in November it’s pausing hiring for its corporate workforce.

An Amazon spokesperson didn’t provide a comment beyond what CEO Andy Jassy said last month, when he told those affected by the layoffs that the company would help them find new roles.

Companies generally aren’t specifying what percentage of the people being laid off are on visas. A search for “layoffs H1B” on LinkedIn surfaces a stream of posts from workers who recently lost their jobs and are expressing concern about the 60-day unemployment window. Visa holders have been sharing resources on Discord servers, the anonymous professional network Blind and in WhatsApp groups, the former AWS employee said.

It had already been a frenetic few years for foreign workers in the U.S. well before surging inflation and concerns of a recession sparked the latest round of job cuts.

The Trump administration’s hostile posture toward immigration put the H-1B program at risk. As president in 2020, Donald Trump signed an executive order suspending work visas, including those with H-1B status, claiming they hurt employment prospects for Americans. The move drew a strong rebuke from tech executives, who said the program serves as a pipeline for talented individuals and strengthens American companies. President Joe Biden allowed the Trump-era ban to expire last year.

Whatever relief the Biden presidency provided is of limited value to those who are now jobless. An engineer who was recently laid off by gene-sequencing technology company Illumina said he hoped his employer would sponsor his transfer to an H-1B visa. He’s here on a different visa, known as Optional Practical Training (OPT), which allows graduates in science, technology, engineering and mathematics (STEM) to work in the U.S. for up to three years after graduation.

The former Illumina employee, who spoke on condition that he not be named, not only has to find a new job within 90 days from the layoff date, but his OPT visa expires in August. Any company that hires him must be willing to sponsor his visa transfer and pay the related fees. He’s considering going back to school in order to extend his stay in the U.S., but he’s anxious about taking on student loans.

Illumina said in November it was cutting about 5% of its global workforce. A company spokesperson told CNBC that less than 10% of impacted employees were here on H-1B or related visas.

“We are engaging with each employee individually so that they understand the impact to their employment eligibility and options to remain in the U.S.,” the spokesperson said by email. “We are working to review each and every situation to ensure great care for those impacted, and to ensure compliance with immigration law.”

The ex-employee said he had dreams of working for Illumina, planting roots in the U.S. and buying a house. Now, he said, he’s just trying to find a way to stay in the country without going deep into debt. In just a matter of months, it’s “like a night and day difference,” he said.

Elon Musk suspends Ye’s Twitter account after swastika post

Ye’s Twitter account was suspended again Friday for violating the social media platform’s rules on “incitement to violence,” CEO Elon Musk said.

The rapper, formerly known as Kanye West, appeared to post an image of a swastika, a symbol synonymous with the Nazis, inside a Star of David, a prominent symbol of Judaism.

Musk said he “tried his best” in response to Ye’s tweet, which can no longer be viewed. “Despite that, he again violated our rule against incitement to violence. Account will be suspended.”

Ye’s tweet came after he made antisemitic comments in an interview with the controversial radio host Alex Jones on Thursday. Ye referred to “the Jewish media” and said he saw “good things about Hitler” in an hourlong conversation with the conspiracy theorist.

In October, Twitter locked Ye’s account for an unspecified amount of time following a string of antisemitic remarks which escalated into threatening and hateful comments about Jewish people. He returned to Twitter in November.

Deals off

The billionaire Tesla CEO, who has called himself a “free speech absolutist,” is finding the limits of that tested in his early days of owning Twitter.

‘Verified’ service

Musk has attempted to make sweeping changes in his first few days in charge, including gutting a huge swathe of Twitter’s workforce and launching an $8 per month “Verified” service that allows users to buy the coveted blue check mark.

Twitter was forced to pause its subscription service, however, after users abused it by paying the fee to get a blue check and then impersonating celebrities.

Musk said last week that the “Verified” service would be relaunched on Friday with different colored check marks, but there has been no update on whether this is still the case.
