Skip to main content
  1. Home
  2. Computing
  3. News

Cyber criminals are using illicit virtual currency to fund criminal activity

By

A hand on a laptop in a dark surrounding.
Image used with permission by copyright holder
In the United States in the 1920s, Prohibition was enacted that made the manufacture and distribution of alcohol illegal. Perhaps the most significant impact of Prohibition was the creation of an organized crime infrastructure that was funded by the illegal sale of alcohol but that expanded into many other criminal ventures as well.

Today, the new organized crime syndicates are hacker groups that are responsible for some of the most egregious thefts of personal and business information. According to security company Trend Micro, those hacker groups are being funded by the illegal mining of virtual gaming currency which is then sold to gamers — in a similar fashion to Al Capone and other gangsters who channeled illicit alcohol to thirsty partiers.

The most recent example of virtual gaming currency being generated in massive quantities and then sold for real money involved the popular soccer game FIFA. The FBI is investigating $16 million in FIFA coins that were artificially created and then sold to European and Chinese gamers.

Trend Micro’s assertion is that this money is then used to fund attacks outside of the gaming community. Cyber criminals are therefore enabled in their efforts to go after large businesses that represent valuable targets. Organizations like the Armada Collective, Lizard Squad, and Team Poison are examples of cybercriminal organizations that hacked online games in order to then leapfrog into attacks on enterprises.

trendmicro-security-chart
Trend Micro
Trend Micro

Actions by these cybercriminal groups are more difficult to predict given their efforts do not always have monetary gain as their primary objective. Sometimes they launch attacks merely for publicity and to demonstrate their abilities. Recent distributed denial of service (DDoS) attacks are examples of where these organizations wreak havoc for no reason other than to show off their capabilities.

Trend Micro does not propose any solution to the problem of stolen or counterfeited virtual currency being leveraged for more diverse attacks other than recommending that gaming companies strengthen their security and gamers be more aware of the impact of their purchasing illicit currency.

The company provides a more in-depth discussion of the issue in their paper The Cybercriminal Roots of Selling Online Gaming Currency. It seems the paper should be required reading for anyone responsible for tightening online virtual currency and making sure it is not being used to fund criminal activities.

Topics
Mark Coppock
Mark Coppock
Computing Writer
Mark has been a geek since MS-DOS gave way to Windows and the PalmPilot was a thing. He’s translated his love for…
A dangerous new jailbreak for AI chatbots was just discovered
the side of a Microsoft building

Microsoft has released more details about a troubling new generative AI jailbreak technique it has discovered, called "Skeleton Key." Using this prompt injection method, malicious users can effectively bypass a chatbot's safety guardrails, the security features that keeps ChatGPT from going full Taye.

Skeleton Key is an example of a prompt injection or prompt engineering attack. It's a multi-turn strategy designed to essentially convince an AI model to ignore its ingrained safety guardrails, "[causing] the system to violate its operators’ policies, make decisions unduly influenced by a user, or execute malicious instructions," Mark Russinovich, CTO of Microsoft Azure, wrote in the announcement.

Read more