North Korean state sponsored hackers are showing us a future of transnational organised crime using crypto currencies and money laundering.
Last week the Norwegian Police seized $5.8 million of crypto-currency that was part of $625 million stolen in 2022 from a blockchain project linked to the crypto-based game Axie Infinity by North Korean hackers suspected to be the ‘Lazarus’ group. The Norwegian Police worked with the FBI to trace the crypto-currency, and were assisted by crypto exchange Binance.
North Korea seems to be leading crypto crime. Chainalysis, a US company that develops crypto compliance and investigation software, reported in October 2022 that North Korea-linked hackers were behind attacks on crypto platforms and theft of cryptocurrencies from KuCoin and the Japanese platform Liquid.com. Chainalysis reported that crypto hacking led to $3.8 billion in thefts in 2022, with North Korean hackers responsible for an estimated $1.7 billion of this. North Korean hackers reportedly mainly used ‘Tornado Cash’ to launder the proceeds of their hacking theft. Tornado Cash is an open source decentralized cryptocurrency tumbler that offers a service that mixes potentially identifiable or "tainted" cryptocurrency funds with others, obscuring the trail back to the fund's original source. This is clearly dealing with the proceeds of crypto crime, and the Russian founder of Tornado Cash is in custody in the Netherlands facing money laundering charges.
Also reported recently was that cryptocurrency anonymization service Blender, sanctioned by the US Department of the Treasury last year for laundering hundreds of millions of dollars in digital assets stolen by the North Korean-linked gang Lazarus Group, appears to have relaunched. Blockchain analysis company Elliptic said that a cryptocurrency mixer called "Sinbad" that has already laundered at least $100 million from attacks linked to Lazarus, is probably a Blender reboot. Sinbad began operating in October 2022, ‘tumbling’ tens of millions of dollars in digital assets from Lazarus and other North Korean-linked groups. Sinbad is a custodial mixer, which can be used to launder stolen digital assets or ransom payments, blend crypto holdings from multiple sources so that users can withdraw their balance later. Chainalysis have pointed out how North Korean hackers bridge stolen funds from the Ethereum blockchain to Bitcoin, then send that Bitcoin to Sinbad, with a total of 1,429.6 Bitcoin worth approximately $24.2 million sent to the mixer between December 2022 and January 2023.
Crypto-currencies are becoming an increasingly common target for theft and fraud, with systems available to efficiently launder the proceeds. North Korean hackers and other criminals using “mixers” such as Tornado Cash, Sinbad, and Blender to launder the proceeds of their hacking theft are showing how these tools and systems could provide a major source of funding for organised crime groups.
There is not yet a global regulatory structure or systems to manage the impact of organised crime in the use of crypto currencies. We will see more instances of state sponsored North Korean criminals stealing crypto currencies, laundering the proceeds, and then utilising them for other criminal activities. Crypto currencies will become a funding mechanism for transnational organised crime groups unless there is concerted action to regulate the industry globally.
China
The Supreme People’s Procuratorate announced that Chinese prosecutors have indicted more than 185,000 people for financial crimes over the past five years, a 28.2% increase compared with the previous half-decade. The increase in enforcement action includes action against financial crime involving large conglomerates, such as the Tomorrow Holding Co. Ltd. and Anbang Insurance Group Co. Ltd, which according to the authorities were part of long term efforts to mitigate risks in the financial system. The founder of Anbang, Wu Xiaohui, was imprisoned for 18 years in 2018 after conviction for theft and fraud related charges and the huge Anbang group was taken over by the government to later be transformed into Dajia Insurance Group. The founder of the Tomorrow Group, Xiao Jianhua, was imprisoned for 13 years after being found guilty of charges relating to bribery and illegal deposit taking, with the government seizing companies linked to the group to dismantle high risk assets.
Whilst this narrative sounds reasonable, there is always concern that criminal cases against business tycoons in China are in some way politically motivated. The key question regarding Xiao Jianhua is whose risky assets was he managing as the Tomorrow Group grew to become one of the largest conglomerates in China. Xiao and the Tomorrow Group were alleged to have illegally raised funds from sales of wealth management products totalling Rmb311.6 billion from 2010 to 2017, and transferred Rmb148.6 billion of funds from trustees for their own use around that period. Xiao allegedly bribed state officials with equities, property, and cash totalling over Rmb680 million in order to evade regulatory supervision.
Continued high level corruption in China was illustrated by the recent announcement that the President of the Chinese Football Association is under investigation for corruption. The Central Commission for Discipline Inspection stated that Chen Xuyuan is suspected of “serious violations of discipline and law,” the usual CCDI language for corruption. Football in China has been plagued by corruption, with three other senior officials placed under investigation since November 2022, including former head coach of the Chinese men’s soccer team Li Tie, the CFA’s executive deputy secretary-general, Chen Yongliang, and the association’s former Secretary-General Liu Yi.
India
The National Cyber Security Coordinator of India stated that over 3,500 financial frauds are reported daily to the government’s Cyber Crime Portal. He said that the elderly are often targeted, but that prosecutions are abysmally low. The National Crime Records Bureau registered 52,974 incidents of cyber-crimes in 2021, an increase of 6 per cent from the prior year.
Japan
Four more executives from advertising and event companies including Hakuhodo Inc. are suspected of involvement in bid-rigging linked to the Tokyo Olympic Games, following the arrest of four others already arrested on suspicion of violating the Antimonopoly Law over alleged bid-rigging for pre-Games events. Those already arrested include the former deputy director of the Tokyo Games organizing committee’s Operations Bureau, a former Dentsu Inc. executive, executives from event company Cerespo Co. and TV production company Fuji Creative Corp. In addition to the executives linked to Dentsu, Cerespo and Fuji Creative, the Tokyo District Public Prosecutors’ special investigation squad is also investigating suspected bid-rigging by the executives of Hakuhodo, ADK Holdings Inc., Tokyu Agency Inc. and Same Two Inc. The special investigation squad suspects contract coordination discussions involving the seven companies were held at the organizing committee’s secretariat office in Tokyo and other locations.
Myanmar
Several groups of young men and women from the Philippines were repatriated after being trafficked to Myanmar to work in compounds where they were forced to take part in online scams to trick people to invest in cryptocurrency. The Philippines Foreign Ministry stated that Chinese criminals operating cryptocurrency scams in Southeast Asia are targeting Filipinos to work for them because of their English-language and computer skills, leading to them being tricked into jobs and then trafficked to Myanmar, Laos, and Cambodia. The scam centres are involved in online gambling, cryptocurrency, online money lending and similar advance fee frauds.
It has been reported that at least 1,000 Malaysians are still being held at the KK Garden in Myanmar’s Myawaddy township, which is notorious for being a crime hub. The huge scale of the human trafficking in South East Asia is being reported on a daily basis, and coordinated action by governments against the criminal groups hiding largely in Myanmar is well overdue.
South Korea
The South Korean government has identified $9.5 billion worth of illegal overseas remittances related to virtual assets last year, five times the amount seen between 2018 and 2021. The Korea Customs Service and the Financial Supervisory Service reported to prosecutors’ cases worth over $9 billion of illegal overseas remittance tied to cryptocurrency trades in 2022. The funds are known to be transactions for the ‘kimchi premium’ that leverages higher cryptocurrency prices in local exchanges than other markets. The funds flowing out to other markets are suspected to be linked to overseas criminal organizations or money laundering, with 71% of the funds going to entities in Hong Kong, 15.3 percent to Japan, and 5 percent to Mainland China.
Singapore
The Singapore Police reported a slight rise in physical crime in 2022, with molestation, voyeurism, and theft among crimes increasing. The total number of cases of outrage of modesty, or molestation, rose to 1,610 in 2022, compared with 1,474 in 2021, but over 50% of the cases involved culprits known to the victims. Shop thefts increased from 2,652 in 2021 to 3,244 in 2022. There were only 7 murders in 2022 (the same number as in 2021) and all of the culprits were known to the victims. Singapore is a remarkably peaceful society with some of the lowest levels of violent crime in the world. However, data on scams was reported earlier separately from the main crime statistics, and shows the rise of this epidemic across Asia with 31,728 cases reported in Singapore 2022, up from 23,933 cases in 2021, an increase of 32.6 per cent.