The report by BAE Systems and SWIFT describes the “layering technique” used by the North Korean hacking group – Lazarus
British multinational security company BAE Systems Applied Intelligence has collaborated with Society for Worldwide Interbank Financial Telecommunication, or SWIFT, to publish a new report into the methods used to launder stolen funds, such as through the use of cryptocurrencies.
According to a press release, the report, called “Follow the money”, is aimed at highlighting the money laundering tactics such as front companies and cryptocurrencies used to obtain liquid financial assets and avoid any subsequent tracing of the fund.
Cybercriminals target unsuspecting job seekers to serve as money mules, the report explained. They place “legitimate sounding job advertisements, complete with references to the organisation’s diversity and inclusion commitments,” to attract recruits, it added.
Insiders at financial institutions serve as a mechanism to evade the scrutiny of compliance teams carrying out know-your-customer (KYC) and due diligence checks on new account openings, the report outlined. According to the study, money laundering cases via crypto are still relatively small compared to the huge volumes of cash laundered through traditional methods, such as wire transfers.
The report also outlines the laundering methods employed by crypto-based hacking gang, Lazarus Group, which is allegedly sponsored by North Korea.
Lazarus uses the “layering method” to pass stolen crypto funds through transactions in multiple exchanges. Hackers employ East Asian facilitators who transfer crypto across numerous addresses they own to “obfuscate the origin of the funds”.
The joint press release by BAE and SWIFT explained that two organisations were committed to strengthening cyber security for the financial sector. Although the methods used by cybercriminals in attacks have been thoroughly investigated, research into laundering techniques have not been prioritised.
Thus, the report aims to illuminate the techniques used by cybercriminals to ‘cash out’, the organisations stated.
Brett Lancaster, Head of the Customer Security Programme at SWIFT, said, “Attackers are well-resourced, constantly evolving their modus operandi and using untraceable money laundering techniques.”
“The report highlights how the growth in cyber-attacks is increasing the need for the convergence of anti-money laundering, fraud, and cybersecurity processes in financial institutions. It calls for them to increase information sharing, tighten due diligence requirements and smartly invest in maintaining systems to strengthen their defenses,” he added.
Written by Harshini Nag