Global Ledger

In May 2024, Japanese crypto exchange DMM Bitcoin suffered a breach, losing $305M in Bitcoin. Investigations attribute the attack to North Korea's Lazarus Group, a state-backed hacking organization. Key Details: ▶️ The attack involved exploiting vulnerabilities in the exchange’s systems. ▶️ Lazarus Group is linked to $1.34B in cryptocurrency thefts in 2024, accounting for two-thirds of global crypto thefts. ▶️ The funds are believed to support North Korea’s missile and nuclear programs. ▶️ Japan’s Financial Services Agency has since tightened security guidelines for exchanges. Read more here 🔗 https://lnkd.in/dxc5jXPj. #Cryptocurrency #Cybersecurity #LazarusGroup #BlockchainTheft #CryptoHacks

This week’s newsletter covers crypto laundering gaps exploited for $195M, a $39.4M crypto theft tied to the LastPass breach, MiCAR reporting guidance from the EBA, a dismantled North Korean laundering network, and Nigeria’s crackdown on international crypto scams.

The U.S. Department of Justice has charged two individuals for operating an NFT rug pull that defrauded investors of over $22 million. The fraudulent projects, launched on Ethereum and Solana, included Vault of Gems, Faceless, and Sinful Souls. These projects attracted investments through false promises and deceptive roadmaps before the funds were taken and the projects abandoned. The DOJ identified this case as the largest NFT fraud prosecuted to date. Read the full article here 🔗 https://lnkd.in/dVQj634G #NFTs #Crypto #FraudPrevention #Blockchain

Crypto Crime Alert: LastPass Threat Actor 🚨 In August 2022, LastPass, a password management service, experienced a significant security breach. The hacker obtained the company’s source code and technical information. By December 2022, this stolen information was used to target employees’ devices, gaining access to keys for customer data stored in a cloud storage system. As a result: ▶️ Unencrypted customer metadata and encrypted password vaults were stolen. ▶️ The encrypted vaults, containing website credentials, could potentially be cracked through brute force attacks. Crypto Theft Totals $39.4M as of December 2024: Since the breach, the stolen data has been used to steal over $39.4 million in cryptocurrencies. In December 2024 alone, $11.94 million was added to the total. Key activities between December 16–17, 2024: ▶️ 72 EVM wallets were emptied, leaving a balance of just 0.24 ETH. ▶️ Funds were transferred to instant exchanges ChangeNOW and FixedFloat, which lack KYC requirements. Breakdown of Fund Transfers: ▶️ 7.998 ETH ($26,274.17) to KuCoin. ▶️ 208.51 ETH ($686,709.67) to ChangeNOW. ▶️ 1,078.07 ETH (~$3.53 million) to FixedFloat. On the Bitcoin network, the hacker consolidated funds into 48 wallets, holding 118.32 BTC (~$11.94 million) unspent. Victim Action Steps: ▶️ The owner of wallet 0x261a398f5293dddb8f7dac08418a923f4b8c101e should contact KuCoin and local law enforcement to request a freeze on the stolen funds deposited into KuCoin. ▶️ Other victims should collaborate and file a mutual complaint with law enforcement to increase the likelihood of identifying and prosecuting the attackers. Protect Your Accounts: ▶️ If you used LastPass to store login credentials, immediately: ▶️ Change all logins and passwords stored in the app. ▶️ Enable two-factor authentication (2FA) on sensitive accounts to enhance security. #CyberSecurity #DataBreach #CryptoTheft #BlockchainSecurity #DigitalSafety

Roman Storm, co-founder of Tornado Cash, is pushing to dismiss criminal charges following a major court decision. The Fifth Circuit Appeals Court ruled that U.S. Treasury sanctions on Tornado Cash's smart contracts were unlawful, stating that these contracts aren’t “property” under federal law. Storm faces accusations of conspiracy to commit money laundering and running an unlicensed money-transmitting business. His legal team argues: ▶️ The court ruling undermines the charges against him. ▶️ As a developer, he had no control over the smart contracts after they were deployed on Ethereum. Read the full story here: https://lnkd.in/d2HBdxqH #CryptoNews #Blockchain #Decentralization

Crypto Crime Alert 🚨 U.S. authorities have dismantled a North Korean crypto money-laundering network. The operation targeted a group accused of laundering stolen cryptocurrency to support North Korea’s nuclear weapons program. Key details: ▶️ The network was linked to cyberattacks that drained hundreds of millions from cryptocurrency platforms. ▶️ Laundered funds were funneled through multiple wallets and services to obscure their origins. ▶️ This action is part of a broader effort to combat the use of crypto in state-sponsored criminal activity. Read more here: https://lnkd.in/dx5B2Wrz #CryptoCrime #MoneyLaundering #NorthKorea #Blockchain

 DEXX.ai Hack: Update ▶️ December 17, 2024: Hacker began swapping tokens across Ethereum, Base, and BNB networks into ETH. ▶️ Tornado Cash Transactions: Conducted 4 additional deposits, totaling 220 ETH (~$851,081). ▶️ Remaining Balance: ~$549,390 in various tokens, though highly volatile due to a large number of memecoins. ▶️ Cumulative Deposits: 6,432.40 ETH (~$24.09M) funneled into Tornado Cash between Dec 5–17, 2024. #CryptoNews #BlockchainSecurity #TornadoCash

Our latest investigation at Global Ledger have uncovered critical gaps in the crypto ecosystem that illicit actors are exploiting. From partial KYC platforms to laundering via USDT, the findings reveal the urgent need for industry-wide action. 🔍 Key Takeaways: 1️⃣ USDT: The go-to cryptocurrency for large-scale laundering. 2️⃣ $195M USDT Laundered: Magomedov's wallet showed complex interaction with exchanges. 3️⃣ $146K USDT Laundered: Chirkinyan's wallet revealed simpler patterns but direct CEX deposits. 4️⃣ CEX Funnels: Regulated and sanctioned exchanges, including Garantex, were used for direct deposits. 5️⃣ Partial KYC Gaps: Minimal verification requirements enabled laundering. 6️⃣ Cyprus Gambling Links: Crypto deposits tied to gambling platforms traced to Chirkinyan. These insights emphasize the need for collaboration and transparency to safeguard the crypto space. Dive deeper into our findings 👇 https://lnkd.in/dUTX5PAF #CryptoSecurity #AML #BlockchainTechnology #CryptoCompliance #FraudPrevention #DeFi #DigitalAssets #FinancialCrime #CyberCrime

The European Commission has adopted a new Delegated Regulation to enhance the regulation of asset-referenced tokens (ART) and e-money tokens under the Markets in Crypto-Assets (MiCA) framework. This regulation introduces Regulatory Technical Standards (RTS) for issuers of significant tokens, detailing: 1️⃣ The procedures to adjust own funds to meet required levels. 2️⃣ Timeframes for compliance, ensuring financial stability. 3️⃣ Steps for competent authorities to monitor and enforce these adjustments. Issuers now have up to 6 months to align their own funds with MiCA requirements, supported by detailed implementation plans and ongoing oversight. Read the full report below 👇 #CryptoRegulation #MiCA #Blockchain

Crypto Crime Alert 🚨 Nigeria’s anti-corruption agency has arrested 792 people in Lagos during a raid on a suspected scam operation. Among those arrested were 148 Chinese and 40 Filipino nationals. The group allegedly ran scams targeting victims in Europe and the Americas, using platforms like WhatsApp and Instagram to build trust through fake relationships or investment offers. Once victims were convinced, they were pressured to send money for fraudulent cryptocurrency schemes. Authorities seized phones, computers, and vehicles during the operation and are now investigating further with international partners. Read more here 🔗 https://lnkd.in/dkEuRub6 #FinancialCrime #FraudPrevention #CyberCrime #CryptoScams #GlobalSecurity #Nigeria