Latest news with #TRMLabs
Coin Geek
29-07-2025
- Business
- Coin Geek
Russia looks to Kyrgyzstan's crypto industry to evade sanctions
Getting your Trinity Audio player ready... A new report has indicated that Russian actors are using Kyrgyzstan's digital asset ecosystem to evade international sanctions and purchase dual-use goods for its ongoing war in Ukraine. According to research from U.K.-based blockchain intelligence firm TRM Labs, published in a July 21 blog post, Kyrgyzstan-registered exchanges have 'repeatedly facilitated transactions linked to sanctioned Russian entities.' It noted that 'many of these virtual asset service providers (VASPs) show indicators of being shell companies — including the reuse of identical residential addresses, founders, and contact information across multiple entities.' The report also found that several of these Kyrgyz exchanges exhibited similar on-chain heuristics to Garantex, a Russian digital asset exchange that was the subject of an international operation to disrupt its operations due to facilitating terrorist financing and sanctions violations. 'The high-risk exchange Grinex—likely a rebranded successor to Garantex—was also registered in Kyrgyzstan,' said the report. 'On-chain analysis suggests that Grinex and other Kyrgyz-based exchanges may have played a role in moving funds after the takedown, underscoring Kyrgyzstan's growing importance as a conduit for post-sanctions Russian financial activity.' TRM Labs observed increasing instances of Russia-linked actors exploiting Kyrgyz-registered exchanges to circumvent international sanctions and move funds. Some of these exchanges, said the report, 'display behavioral heuristics similar to the sanctioned Russian exchange Garantex and appear to have served as conduits for funds following law enforcement action against Garantex in 2025.' This pattern was found in several other entities as well, according to the report. Russia's route out of its sanctions hole Russia has been the subject of massive and unprecedented international sanctions since its illegal invasion of Ukraine in February 2022, making it the most sanctioned nation on Earth. With an ailing economy—some suggesting it is on the brink of collapse—and in the face of such severe restrictions as being shut out from the international financial messaging system, Society for Worldwide Interbank Financial Telecommunication (SWIFT), Russia has increasingly turned to the digital asset space for a reprieve. The appeal to a heavily sanctioned nation of being able to exchange and transfer funds instantaneously via an anonymous (or pseudonymous) and decentralized peer-to-peer network, not controlled by any antagonistic nation, is obvious. However, the ability to track and trace funds on the blockchain and the increasing legitimization of the digital asset space have made this route to international monetary freedom more difficult. Many popular exchanges and crypto-companies, such as and LocalBitcoins, and Kraken, have felt the need to comply with international sanctions against Russia, including European Union-mandated bans on all digital asset wallets, accounts, or custody services to Russian entities and accounts. Suspiciously booming Kyrgyzstan industry The TRM report noted that, since Russia invaded Ukraine, its economic ties with Kyrgyzstan have deepened significantly. While Russia-linked activity accounted for almost all of Kyrgyzstan's digital asset industry after the invasion, before February 2022, it was 'virtually nonexistent.' In January 2022, Kyrgyzstan passed digital currency-friendly legislation which, amongst other measures, recognized digital assets as property and established a registration regime for virtual asset service providers (VASP). Since then, the Central Asian Republic, formerly part of the USSR, has rapidly emerged as a crypto hub. According to TRM Labs, 'by October 2024, Kyrgyzstan had issued 126 VASP licenses, fueling a sharp rise in digital asset activity. Transaction volume by licensed VASPs surged from USD 59 million in 2022 to USD 4.2 billion in just the first seven months of 2024.' This booming industry would not be a problem, were it not for the fact that VASPs registered in Kyrgyzstan shared 'suspicious' on- and off-chain overlap with Russian entities, including identical registration addresses at private residences, phone numbers and emails tied to freight companies or other VASPs, named founders linked to multiple other providers, no discernible background in business or digital currency, and/or no functional user registration processes. As well as the example of Garantex and Grinex, the report pointed to the Kyrgyz exchange Envoys Vision Digital Exchange (EVDE), which registered a digital currency wallet address tied to the Rusich Group, a Russian paramilitary organization sanctioned by the U.S. Treasury's Office of Foreign Assets Control (OFAC) in 2022 for its involvement in the war in Ukraine. 'Beyond its on-chain exposure, the exchange also shows several off-chain links to cross-border logistics firms and a Chinese financial institution, suggesting a wider support infrastructure that warrants further scrutiny,' said TRM Labs. Plugging the hole? In terms of what can be done about this sanction loophole that Russia appears to have found, TRM Labs recommended several measures. If Kyrgyzstan is being exploited rather than complicit, the report suggested implementing stronger ownership requirements, such as mandating the physical presence or local residency of company principals, which would raise barriers for foreign bad actors. Similarly, increasing transparency around funding sources would reduce the appeal of Kyrgyzstan as a destination for shell entities.' However, if Kyrgyzstan is an equal partner in facilitating Russia's sanctions evasion, 'governments and law enforcement agencies seeking to counter Russia's sanctions evasion toolkit need to urgently engage directly with Kyrgyz authorities on compliance.' Without proactive intervention, argued the report, the model Russia has implemented in Kyrgyzstan can be easily exported: 'If left unchecked, Russia could replicate these same playbooks in neighboring jurisdictions — further weakening the global sanctions regime and enabling the continued flow of funds to fuel aggression, procurement, and destabilization.' Watch | Tech of Tomorrow: Diving into the impact of tech in shaping the future title="YouTube video player" frameborder="0" allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share" referrerpolicy="strict-origin-when-cross-origin" allowfullscreen=""> Garantex Kyrgyzstan Russia Sanctions SWIFT TRM Labs Ukraine
Gizmodo
28-07-2025
- Business
- Gizmodo
Sam Altman Is Right: AI-Powered Crypto Scams Are Exploding
Finally, a profession that has managed to successfully integrate artificial intelligence into its workflow: Crypto scammers. According to a report from blockchain intelligence firm TRM Labs, crypto scams are up 456% over the last year, due in large part to the ability to produce deepfake audio and video clips with artificial intelligence tools—making good on OpenAI CEO Sam Altman's recent prediction/warning that a fraud crisis is just around the corner. There's no doubt the fraud situation is getting bad. The FBI said it received about 150,000 fraud complaints related to cryptocurrency scams in 2024, with people reporting having lost over $3.9 billion in total. Globally, that figure skyrockets to $10.7 billion according to TRM Labs data. You can go ahead and round those figures way up, too. Speaking to the New York Post, Ari Redbord, the Global Head of Policy at TRM Labs, said that only about 15% of victims actually report these crimes. These scams are a leveling up of the so-called pig butchering attacks that have become popular in recent years because they don't just take advantage of people via text. AI now allows scammers to create realistic-looking and sounding audio and video that can trick a person into thinking they are talking to someone real—potentially even a loved one or familiar face. TRM Labs warned that as AI models gain agentic abilities that allow them to interface with things like email and other apps, the process of scamming is going to get automated and a lot more prevalent. Last week, Sam Altman started ringing the alarm bells on the same problem—though he's not just worried about scammers taking advantage, but rather the entirety of our existing security apparatus getting defeated. While speaking at a banking regulatory conference, Altman said that AI has already 'fully defeated' most authentication services that humans rely on to verify their identity and access their sensitive accounts. 'Society has to deal with this problem more generally,' Altman said, presumably while dressed in a hot dog suit and shouting, 'We're all trying to find the guy who did this.' To that end, Altman's own company announced earlier this month that it was releasing a ChatGPT Agent that could effectively interact with a computer the same way a human can, switching between apps and completing multi-step tasks that require doing things like logging into different accounts and making decisions. Altman's warning of a scam apocalypse seems to have shades of the general warnings that AI execs have been offering about the potential risk of artificial general intelligence, ie, 'This could be really bad, but we are absolutely not going to stop.'
Yahoo
16-07-2025
- Business
- Yahoo
How Generative AI's 'Deepfake Economy' Is Hobbling Small Businesses
Over the past few years, the potential uses of generative AI, both positive and negative, have been talked to death. However, there's one application of the technology that small business owners are saying is often overlooked: the deepfake economy. Several small business owners told Business Insider that since ChatCPT's debut three years ago, the deepfake economy has blown up. Now, scammers are using these deepfakes to pose as employees of a company, running cons that are wreaking havoc on the brands' reputations and bottom lines. Don't Miss: Named a TIME Best Invention and Backed by 5,000+ Users, Kara's Air-to-Water Pod Cuts Plastic and Costs — $100k+ in investable assets? – no cost, no obligation. An unnamed finance clerk at engineering firm Arup told the outlet about a time he joined a video call with his AI versions of colleagues. One of these "colleagues," supposedly the company's chief financial officer, asked him to approve a series of overseas transfers worth more than $25 million. Believing that the request came from his boss, the finance clerk approved the transactions. Only after the money had been sent did he learn that the colleagues were actually deepfake recreations of his real coworkers. The finance clerk isn't the only one being deceived by these impressionists. According to data from Chinabuse, TRM Labs' open-source fraud reporting platform, generative AI-enabled scams rose by 456% between May 2024 and April, when compared with the same period the year before. Another survey from Nationwide Insurance released in September found that 12% of small business owners had faced at least one deepfake scam within the previous year. Small businesses, the survey said, are more likely to fall victim to these types of scams because they lack the cybersecurity infrastructure of larger companies. Trending: This AI-Powered Trading Platform Has 5,000+ Users, 27 Pending Patents, and a $43.97M Valuation — Rob Duncan, vice president of strategy at Netcraft, told Business Insider that he isn't surprised at the increase in highly personalized attacks against small businesses. Generative AI has made it much easier for inexperienced scammers to pose as brands and launch these scams. As AI continues to improve, "attackers can more easily spoof employees, fool customers, or impersonate partners across multiple channels," he said. Many of the platforms used by small businesses, like Teams and Zoom, are getting better at detecting AI and weeding out accounts that don't have real people behind them. However, many experts worry that improved detection tools are making the AI problem worse. Beyond Identity CEO Jasson Casey told Business Insider that the data collected by platforms like Zoom and Teams is not only used to suss out deepfakes but to train sophisticated AI models. This creates a vicious cycle that becomes "an arms race defenders cannot win.'Casey and Robin Pugh, the executive director of non-profit Intelligence for Good, say that small businesses can best protect themselves from deepfake scams by focusing on confirming identities rather than disproving AI use. They also warn that these generative AI-based scams will not be going away anytime soon. Nina Etemadi, cofounder of a Philadelphia-based small business named Cake Life Bake Shop, agrees, telling Business Insider, 'Doing business online gets more necessary and high risk every year. AI is just part of that." Read Next: Many are using retirement income calculators to check if they're on pace — Image: Shutterstock UNLOCKED: 5 NEW TRADES EVERY WEEK. Click now to get top trade ideas daily, plus unlimited access to cutting-edge tools and strategies to gain an edge in the markets. Get the latest stock analysis from Benzinga? APPLE (AAPL): Free Stock Analysis Report TESLA (TSLA): Free Stock Analysis Report This article How Generative AI's 'Deepfake Economy' Is Hobbling Small Businesses originally appeared on © 2025 Benzinga does not provide investment advice. All rights reserved.
Business Insider
28-06-2025
- Business
- Business Insider
BTC, ETH, XRP: Crypto Thefts Hit Record $2.1 Billion in Year's First Half
Cryptocurrency investors have lost $2.1 billion to hacks, thefts and scams in this year's first half, the worst six-month period on record for the security of digital assets such as Bitcoin (BTC), Ethereum (ETH), and XRP (XRP). Confident Investing Starts Here: Easily unpack a company's performance with TipRanks' new KPI Data for smart investment decisions Receive undervalued, market resilient stocks right to your inbox with TipRanks' Smart Value Newsletter A new report from TRM Labs found that there have been 75 major incidents related to cryptocurrencies in the first six months of 2025. That topped the previous first half record set in 2022 by about 10% and nearly matched the amount of crypto assets stolen in all of 2024. TRM Labs blames the rise in crypto thefts on North Korea intensifying its cyber attacks in the crypto space. Researchers say North Korean-linked groups are responsible for $1.6 billion, or 70% of all the stolen funds from digital assets this year. State Actors The biggest hack that occurred in this year's first half was the $1.5 billion Bybit hack that took place in February. The Bybit attack is widely viewed as the largest crypto theft in history and is believed to have been perpetrated by North Korea. TRM Labs says that crypto hacks and cyber attacks by nation states are evolving and pose the biggest threat to investments related to digital assets. Additionally, more than 80% of the crypto funds stolen in this year's first half stemmed from infrastructure-level breaches, including private key thefts and front-end hijacks. Bitcoin, the largest crypto by market capitalization, has risen 15% this year. Is BTC a Buy?
Yahoo
28-06-2025
- Business
- Yahoo
Crypto's Worst Six Months Yet? North Korea Hacks Lead to $2.1B in Thefts
Crypto investors lost over $2.1 billion to hacks and exploits in the first half of 2025, marking the worst six-month period on record for crypto security and an indication of some nation-states intensifying their cyber campaigns in the crypto space. The 75 recorded incidents crossed the previous H1 high from 2022 by roughly 10% and nearly match the entire 2024 total, a TRM Labs report released Friday said. But raising alarms is who is doing a major part of the stealing. Researchers say North Korean-linked groups are responsible for $1.6 billion, or 70% of all stolen funds this year. At the center of the surge is the $1.5 billion Bybit hack in February, now believed to have been carried out by North Korea, marking the largest crypto theft in history and skewing the year's average hack size to $30 million — or double last year's levels. The threat isn't limited to Pyongyang. On June 18, a group believed to be linked to Israel, Gonjeshke Darande (Predatory Sparrow), stole $90 million from Iranian exchange Nobitex, reportedly in retaliation for the platform's alleged role in sanction evasion. The stolen funds were sent to vanity addresses (which are un-spendable by design and sent tokens are deemed burnt), suggesting a political motive over profit. Attack vectors are evolving fast. Over 80% of stolen funds stemmed from infrastructure-level breaches, including private key thefts and front-end hijacks. These attacks, often involving social engineering or insider access, are proving to be ten times more lucrative than traditional smart contract exploits. DeFi vulnerabilities, including flash loan and reentrancy attacks, which were prevalent in 2021-22, accounted for a relatively small 12% of the losses.
