Latest news with #Elliptic
Yahoo
2 days ago
- Business
- Yahoo
U.S. Sanctions Funnull for Role in Pig Butchering Scam, Huione-Linked Crypto Wallets
The U.S. Department of the Treasury Office of Foreign Assets Control (OFAC) imposed sanctions on Funnull Technology, a provider of technology for websites allegedly involved in so-called pig butchering scams, and two cryptocurrency wallets said to be linked to Huione Group. Philippines-based Funnull also directly facilitated a scam involving virtual currencies resulting in over $200 million in victim losses, OFAC said in a Thursday press release. In addition, the company is alleged to have acquired several IP addresses from mainstream cloud service providers to sell to cybercriminals. The sanctions also cover a Funnull administrator, Liu Lizhi. The majority of cryptocurrency investment scam websites reported to the FBI are linked to Funnull," Blockchain security firm Elliptic said in a blog post, which also identified the sanctioned wallets as being linked to Huione. The wallets on Ethereum and Tron received funds directly from Huione Pay, part of Huione Group, Elliptic said. Huione was labeled as a "primary money laundering concern" by FinCEN earlier this month. The two addresses received more than $4 million in total, according to Elliptic.
CNA
15-05-2025
- Business
- CNA
2 massive black market services blocked by Telegram, messaging app says
WASHINGTON :Two sprawling digital black markets operating on the communications platform Telegram have been removed, the service said on Thursday. Xinbi Guarantee and Huione Guarantee - Chinese-language markets known for serving cybercriminals and scammers - appeared to be inactive on Thursday. Telegram provided little further detail in a message to Reuters except to say that "criminal activities like scamming or money laundering are forbidden by Telegram's terms of service and are always removed whenever discovered." Blockchain research firm Elliptic said the two markets had collectively facilitated more than $35 billion in transactions since 2021, many multiples higher than other black markets such as the drug-focused Silk Road, which drew international notoriety for distributing drugs over the dark web. "This is a big blow for online fraudsters, who relied on these markets for stolen data, money laundering services and telecoms infrastructure," Elliptic said in a statement. In a brief English-language statement posted to its website, Huione Guarantee - which at one point rebranded as "Haowang Guarantee" - confirmed that it had been blocked by Telegram starting Tuesday and would "cease operations from now on." The firm did not immediately return an email seeking comment. Reuters could not immediately locate contact information for Xinbi. Huione Guarantee is a subsidiary of Cambodia-based Huione Group, which also owns Huione Pay and Huione Crypto, U.S. officials have alleged. Last year, Reuters revealed that Huione Pay had received cryptocurrency then worth more than $150,000 from a digital wallet used by North Korean hacking outfit Lazarus. The report was followed earlier this month by a U.S. move to bar the Huione Group from the U.S. financial system. In a statement, Treasury Secretary Scott Bessent said the Huione Group was the "marketplace of choice for malicious cyber actors."
Yahoo
15-05-2025
- Business
- Yahoo
Telegram Shuts Down 'Largest Illicit Online Marketplace' After Elliptic's Insights
Telegram has shut down the illicit marketplace Haowang Guarantee, formerly Huione Guarantee, which has facilitated transactions totaling over $27 billion in stablecoins since 2021. Haowang was shut down based on insights provided by blockchain analytics firm Elliptic on Tuesday. The closure took place amidst a crackdown on thousands of suspected Chinese crypto-crime channels operating on Telegram, following Elliptic's report into marketplace Xinbi Guarantee. Telegram has now shut down both Huione and Xinbi, which processed a combined $35 billion of illicit transactions in stablecoins, Elliptic wrote in a web post on Wednesday. "Our analysis indicates that Huione Guarantee has facilitated transactions totalling more than $27 billion since launching in 2021, making it the largest illicit online marketplace to have ever operated," Elliptic wrote. Xinbi was the second largest, having processed transactions worth $8.4 billion since 2022, Elliptic added. For perspective, notable "dark web" marketplaces such as the Silk Road and Alphabay processed $216 million and $639 million respectively. Such marketplaces historically operated through anonymous browser Tor, but have more recently shifted their operations to Telegram, the messaging app with over a billion users. Huione and Xinbi are referred to as "guarantee" marketplaces, a term designated for platforms that do not sell goods and services themselves, but provide a venue for merchants to sell to customers.
Yahoo
14-05-2025
- Business
- Yahoo
Telegram Cracks Down on Suspected $8B Chinese Crypto Crime Marketplace Set Up in Colorado
Messaging app Telegram has closed thousands of channels belonging to suspected Chinese crypto-crime marketplaces after new research shed light on the situation, according to Elliptic. The closure follows a report published by the blockchain analytics firm on Tuesday into the fast-growing Telegram-based marketplace called Xinbi Guarantee. The Colorado-incorporated marketplace has processed over $8.4 billion worth of transactions using Tether's USDT stablecoin since 2022. It facilitates services relating to money laundering, operating crypto scam compounds and other illicit services, such as intimidation and sex trafficking, according to Elliptic. 'Elliptic is tracking around thirty other such marketplaces, all leveraging Telegram and stablecoin payments,' the report said. Telegram did not immediately respond to a request for comment. Such marketplaces are a key part of the Southeast Asia-based global cyberscam epidemic by providing scammers with the tools needed to conduct fraud on an industrial scale. One of the biggest such marketplaces is Huione Guarantee, according to Chainalysis, facilitates similar services to Xinbi. The firm behind it, Huione Group, has ties to Cambodia's ruling family. Xinbi and Huione, the two largest Telegram-based marketplaces, are responsible for a combined $35 billion in illicit transactions, Elliptic said. On May 1, the U.S. Treasury's Financial Crimes Enforcement Network (FinCEN) designated Huione Group a 'primary money laundering concern,' saying it helped launder at least $4 billion worth of illicit proceeds between August 2021 and January 2025. Services offered on marketplaces like Xinbi and Huione are infamous for enabling industrial-scale scam compounds across Southeast Asia. These compounds attract victims with the promise of well-paid IT work. When they arrive they are trafficked, imprisoned and forced to carry out online pig butchering scams to pay off phony debts. Xinbi vendors offer Starlink satellite internet equipment, which is often used by scam compounds, fake IDs and databases of stolen personal information used to target potential fraud victims, Elliptic said. Another big driver of business is money laundering services, according to the report. Such services are mostly used to launder the proceeds of pig butchering scams, but funds from North Korean crypto heists are also in the mix. Elliptic found about $220,000 in USDT originating from the $230 million WazirX theft in July was sent to Xinbi, indicating that vendors operating on the marketplace were employed to help launder proceeds of the heist. It's not clear whether North Korean IT workers are interacting with Xinbi vendors directly, though. 'Our hypothesis is that the funds are under the control of Chinese money laundering groups by the time they enter marketplaces such as Xinbi,' Tom Robinson, chief scientist and co-founder at Elliptic, told CoinDesk over email. What sets Xinbi apart from other similar marketplaces, however, is its connection to the U.S. On its website, Xinbi describes itself as an 'investment and capital guarantee group company' operating as a Colorado-based corporation, Elliptic said. The Colorado corporate register shows a company called 'Xinbi Co., Ltd' was incorporated in August 2022, with an office in Aurora, Colorado even though the Chinese-language marketplace is primarily used by fraudsters in Asia. 'These marketplaces depend on trust,' Robinson said. 'A U.S. incorporation does bring some level of legitimacy.' Robinson also noted that similar marketplaces have previously conducted exit scams, where a business stops shipping orders while still receiving payments, eventually walking away with the money. 'Anything that inspires confidence will help attract customers,' he said. In January 2025, the company's status was updated to delinquent for failing to file a periodic report.
Yahoo
14-05-2025
- Business
- Yahoo
Colorado Has a Massive Home-Grown Crypto Crime Problem
A Chinese crypto service called Xinbi Guarantee, an online marketplace for laundering money, for-hire harassment, hacking rings, and sex trafficking, was hiding in plain sight in Colorado — until crypto-tracking group Elliptic caught wind of the operation. According to the firm's latest report, Xinbi's business was mostly conducted through the freewheeling messaging site Telegram, where criminal operatives based mostly in Southeast Asia sold illicit services and orchestrated movements of stolen cash and data. According to Elliptic, around $8.4 billion has been funneled through the crypto operation, primarily by way of Tether stablecoins. Now, though, Xinbi might be in trouble: when Wired — which first reported on Elliptic's findings — reached out to Telegram to inquire about the marketplace, the social media site responded by removing several accounts connected to Xinbi and its administrators. Per Wired, the bulk of Xinbi Guarantee's transactions are related to "pig butchering" schemes — online scams that involve a fraudster spending weeks or months developing a close (usually romantic) relationship with a target, before tricking them into investing in phony financial opportunities — and other financial scams. The service was also used to hawk Starlink internet devices, which have been used to power criminal groups around the world. Large sums of stolen crypto funds connected to North Korean hacking sprees also appear to have moved through the service. Other business dealings were even darker. Some criminals offered physical harassment campaigns, while others appeared to be using the site to sell people, including girls as young as 14, for sex. So what does all of this have to do with Colorado? According to Wired, state records show that Xinbi was registered in an Aurora office park in 2022 by someone named "Mohd Shahrulnizam Bin Abd Manap," but has since become "delinquent." Jacob Sims, a visiting fellow at Harvard's Asia Center, told Wired that incorporating a business in the US offers an air of legitimacy and possible routes to hiring staff and making inroads with US entities. However, given the delinquency, Sims added, that might not have worked out. What happens next remains to be seen. Last year, Elliptic unmasked a similar platform, Huione Guarantee, which researchers found had moved around $24 billion in illicit funds. Telegram shut down related channels — but, per Wired, they quickly started cropping back up. The marketplaces are "remarkable for both the scale at which they're operating," Sims told Wired, "and also the brazenness." In response to Elliptic and Wired's new reporting, Telegram says it's once again shut down accounts related to both black markets. "Criminal activities like scamming or money laundering are forbidden by Telegram's terms of service and are always removed whenever discovered," Telegram told Wired in a statement. "Communities previously reported to us by WIRED or included in reports published by Elliptic have all been taken down." More on crypto darknets: Pardoned by Trump, Founder of Silk Road Now Appears to Be Squandering Donations on Stupid Meme Coins
