Last week reports emerged that digital currency service Liberty Reserve, based in Costa Rica, had been found guilty of laundering $6 billion. The digital currency service operated as the largest platform for all illegal e-money transactions worldwide.
According to the U.S. Department of Justice (DOJ) who has now seized the website, the undercover money transmitting business was connected to credit card fraud, identity theft, investment fraud, computer hacking, child pornography and narcotics trafficking.
In May 2013, the DOJ branded it as the largest money laundering prosecution in history, when it was indicted for white-washing the earnings. Incorporated in 2006, Liberty Reserve catered to one million users at the time it was indicted, 200,000 of which were based in the U.S.
Interestingly enough, there was a similar crackdown by the DOJ around the same time. A network of eight men based in the U.S. were accused of infiltrating the IT domains of the Bank of Muscat, and National Bank of Ras Al Khaimah (RAKBANK) and raising the limits of prepaid debit cards of both banks. The theft was carried out in two coordinated incidents, the first of which took place in December 2012 when $5 million was stolen from RAKBANK; authorities from India had reported a break-in of RAKBANK’s credit card processing machines.
In February 2013, a similar break-in was reported from New York and Bank of Muscat was the victim. Following the report, fake prepaid debit cards with raised withdrawal limits were distributed to ‘cashers’ from around the world; few days after, 2904 withdrawals were made in New York from a single Bank of Muscat account number for $2.4 million. With other perpetrators from around the world engaged in the same activity, 36,000 withdrawals were made from ATMs in 27 countries, cashing out $40 million within a few hours. Both the events led to a combined theft of over $45 million.
What is worth noting is how both of these Middle Eastern banks were specifically targeted all the way from New York City. This reflects the scale of the Liberty Reserve operation and shows that banks in the region are far from immune from international assault. The U.S. Attorney for the Eastern District of New York, Loretta Lynch, said, “Moving as swiftly as data over the Internet, the organisation worked its way from the computer systems of international corporations to the streets of New York City.”
Further investigations revealed that the masterminds behind the Middle Eastern bank heist were based outside the U.S., but the platform used to transfer money was Liberty Reserve. All the criminals had to do was open an account with the digital service using an email address – which could be fake – and transfer funds to and from money exchangers for a five percent transaction charge. The undercover money exchangers involved within this fiasco were operating in Malaysia, Russia, Nigeria and Vietnam – ideal strongholds given their weak infrastructure.
Interestingly, the same group of hackers who had cracked the processors of both the banks and were using Liberty Reserve for fund transfer had attempted to pull a similar stunt on the machines of Liberty Reserve itself. Had their attempt been successful, it could have led to escalating episodes of related cybercrime. Although it is difficult to guess which of the two preceded the other, the indictment of Liberty Reserve did verify which platform was being used to transfer money stolen from the two Middle East banks.
Such cases of cyber-fraud expose another challenge – that of holding to account those liable in an increasingly complex international cyberspace. Any claim filed is subject to industry security standards, but is it a mere coincidence that both banks attacked were based out of the Middle East?
The fact stands that the theft did take place through a global network of thieves and hackers that managed to successfully crack into the IT infrastructure of Middle Eastern banks and escape with the cash.
Had it not been for a crackdown on Liberty Reserve, the culprits would still be at large. Questions remain unanswered, however the revelations of the Liberty Reserve case shed a degree of light on the inner workings of financial cyber criminals.