filmov
tv
Russian Sanctions Evasion Puts Merchants and Banks at Risk | SLEUTHCON 2023
Показать описание
SLEUTHCON 2023 - May 12, Arlington, VA
Presentation by Ilya Volovik, Recorded Future
Cybercriminals devise and execute various workarounds to legalize their illicit income. After international sanctions were leveled against Russia in the wake of Russia’s full-scale invasion of Ukraine, ordinary Russian consumers have likely resorted to similar workarounds to obtain goods produced abroad.
Recorded Future has uniquely identified prepaid cryptocurrency virtual credit cards and mail forwarding services — also known as “reshippers” — as methods that can potentially be exploited to illegally bypass sanctions. International financial institutions and merchants that are indirect participants of these workarounds may be at risk of falling under secondary sanctions. This risk could be greatly reduced by implementing more stringent verification procedures for the services and transactions involved in these workarounds.
In this talk, Ilya will outline the key findings of this research, including:
● Many crypto services allow customers to register prepaid cryptocurrency virtual credit cards with minimal or no verification. This lack of verification and dark web sources indicate that these prepaid cryptocurrency VCCs can be used for sanctions evasion.
● Various mail forwarding services, including Qwintry, allow Russian customers to order goods produced from abroad. Purchases and deliveries organized through Qwintry can be funded through various means, including cryptocurrency and Russian-issued payment cards. Although these services publish lists of restricted goods that they claim they are unable to ship, dark web sources indicate that they can be used to receive goods that are subject to export controls.
● We registered a prepaid cryptocurrency VCC using the service Moon. Open source analysis revealed the payment card’s bank identification number (BIN) was issued by Bay First Bank, a US financial institution.
● It is likely that additional financial institutions and merchants are also being enlisted as unwitting participants in sanctions evasion schemes that involve prepaid VCCs and mail forwarding services. If this is the case, they may be at risk of secondary sanctions.
● Mitigation strategies for financial institutions to defend against their unknowing participation in this illicit sanction-evading campaigns.
#cybersecurity #cybercrime #crypto #cryptonews #cryptocurrency
Presentation by Ilya Volovik, Recorded Future
Cybercriminals devise and execute various workarounds to legalize their illicit income. After international sanctions were leveled against Russia in the wake of Russia’s full-scale invasion of Ukraine, ordinary Russian consumers have likely resorted to similar workarounds to obtain goods produced abroad.
Recorded Future has uniquely identified prepaid cryptocurrency virtual credit cards and mail forwarding services — also known as “reshippers” — as methods that can potentially be exploited to illegally bypass sanctions. International financial institutions and merchants that are indirect participants of these workarounds may be at risk of falling under secondary sanctions. This risk could be greatly reduced by implementing more stringent verification procedures for the services and transactions involved in these workarounds.
In this talk, Ilya will outline the key findings of this research, including:
● Many crypto services allow customers to register prepaid cryptocurrency virtual credit cards with minimal or no verification. This lack of verification and dark web sources indicate that these prepaid cryptocurrency VCCs can be used for sanctions evasion.
● Various mail forwarding services, including Qwintry, allow Russian customers to order goods produced from abroad. Purchases and deliveries organized through Qwintry can be funded through various means, including cryptocurrency and Russian-issued payment cards. Although these services publish lists of restricted goods that they claim they are unable to ship, dark web sources indicate that they can be used to receive goods that are subject to export controls.
● We registered a prepaid cryptocurrency VCC using the service Moon. Open source analysis revealed the payment card’s bank identification number (BIN) was issued by Bay First Bank, a US financial institution.
● It is likely that additional financial institutions and merchants are also being enlisted as unwitting participants in sanctions evasion schemes that involve prepaid VCCs and mail forwarding services. If this is the case, they may be at risk of secondary sanctions.
● Mitigation strategies for financial institutions to defend against their unknowing participation in this illicit sanction-evading campaigns.
#cybersecurity #cybercrime #crypto #cryptonews #cryptocurrency
0:08:41
0:03:04
0:14:32
0:24:02
0:00:20
0:17:20
0:03:23
0:09:43
0:02:05
0:20:06
0:18:34
0:22:40
0:04:39
0:11:40
0:11:16
0:10:05
0:18:37
0:03:13
0:28:43
0:30:09
1:00:10
0:50:05
0:40:22
0:35:42