Feeds

Russian cybercrooks shun real currencies, develop private altcoins

Only n00bs need real-world cash in the cryptocurrency era

Internet Security Threat Report 2014

Fraudsters are using private currencies to conduct transactions with each other on Russian-language cybercrime forums.

The advent of new private financial systems and currencies in the Russian-language cybercrime community is a trend indicating a stronger level of collaboration, cooperation and sophistication amongst individual fraudsters and between different fraudster boards in the digital underground, according to security researchers at RSA.

"Ever since the Liberty Reserve takedown in May of last year and the confiscation of all accounts by law enforcement, fraudsters have been busy finding a solid currency to which they can entrust their spoils without the risk of losing them in a bust," the researchers explain in a blog post.

"The obvious choices were Perfect Money and BitCoin, but both currencies carry inherent risk. Perfect Money is of questionable background, while BitCoin does not provide fraudsters the required level of anonymity and is not immune to seizure. These risks have pushed the underground to adopt - or really create - unique currency systems to help protect the financial security of its dwellers."

Examples of new underground digital currencies include MUSD. The MUSD currency, first seen in November 2013, is used in a single underground board. Forum members can use the currency to purchase services from each other, as well as pay for advertising on the board itself. The currency provides a built-in escrow-service and guarantees anonymity. One exchange agent is "offering to cash out MUSD for hard currency in person at an office in Kiev, Ukraine," RSA’s Fraud Intelligence agent reports.

Another currency, United Payment System, is shared by four different Russian language forums. Each forum has its own official exchange agent, and each exchange agent has an administrator who is supervised by a senior forum member to keep him or or "honest". Cash-out options include refilling different pre-paid cards as well as using the exchange agent.

Yet another digital currency, UAPS, is referred to as the ‘First Commercial Bank’ on one of the most powerful boards in the Russian-language cybercrime community. RSA researchers rate it as the "most advanced and secure option for fraudsters" of the three nascent currencies. Adding funds and cashing out is available directly from the UAPS system. And there's a strict policy of retaining data for only two months, an approach that brings privacy benefits.

Researchers at RSA conclude that the use of bespoke digital currencies on underground forums creates a huge headache for law enforcement.

Private financial systems and currencies in the Russian-language cybercrime community is a trend indicating a stronger level of collaboration, cooperation and sophistication amongst individual fraudsters and between fraudster boards in the cybercrime world.

These new internal currencies are carefully administered and secured, ensuring a high level of anonymity in transaction and hiding the user identities, making it more difficult for law enforcement to trace, block, or seize funds and accounts.

Michael Jackson, the former COO at Skype, a decentralised comms network just as Bitcoin is a decentralised digital currency, and an expert in digital currencies told El Reg that cybercrooks may be moving away from BitCoin because of its volatility.

"It is clear that criminals are often the first to exploit new technology, so it comes as no surprise that fraudsters are using underground forum-specific currencies as a system for value transfer," said Jackson, partner at early-stage venture capital firm Mangrove Capital Partners "Indeed, e-gold and even less supervised mainstream products such as DMZ have been used as currency on botnets for a long time."

"This demonstrates to us, as investors, that virtual currencies can be useful rather than just speculative. It also shows us that there will be various iterations on virtual currencies and Bitcoin itself may not be the dominant one. Furthermore, it suggests that criminals don't trust Bitcoin - I hope this is because they think the police will find them, but I suspect it's more to do with the fact that they don't like volatility. Even an online dope seller wants predictability in his business."

Jackson added that there are historical precedents for undergrounds currencies finding their own exchange commodities.

"Systems for value transfer have obviously been used for many years in criminal circles. There is reasonable certainty that art stemming from high value art thefts are used as collateral," he added. ®

Internet Security Threat Report 2014

More from The Register

next story
George Clooney, WikiLeaks' lawyer wife hand out burner phones to wedding guests
Day 4: 'News'-papers STILL rammed with Clooney nuptials
Shellshock: 'Larger scale attack' on its way, warn securo-bods
Not just web servers under threat - though TENS of THOUSANDS have been hit
Apple's new iPhone 6 vulnerable to last year's TouchID fingerprint hack
But unsophisticated thieves need not attempt this trick
PEAK IPV4? Global IPv6 traffic is growing, DDoS dying, says Akamai
First time the cache network has seen drop in use of 32-bit-wide IP addresses
Oracle SHELLSHOCKER - data titan lists unpatchables
Database kingpin lists 32 products that can't be patched (yet) as GNU fixes second vuln
Researchers tell black hats: 'YOU'RE SOOO PREDICTABLE'
Want to register that domain? We're way ahead of you.
Stunned by Shellshock Bash bug? Patch all you can – or be punished
UK data watchdog rolls up its sleeves, polishes truncheon
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
The next step in data security
With recent increased privacy concerns and computers becoming more powerful, the chance of hackers being able to crack smaller-sized RSA keys increases.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.