Fraud Defense Sees Terraform Labs Pursue Access to FTX Wallets

Beosin Report: Crypto Rug Pulls Surpass DeFi Exploits in MayAccording to a recent report by blockchain security firm Beosin, losses from “rug pulls” or “exit scams” in the cryptocurrency space exceeded the amount stolen from decentralized finance (DeFi) projects during the month of May.The report, published on June 1 by Beosin Blockchain Security, revealed that rug pulls and scams resulted in losses of over $45 million across six incidents during the month. Beosin is headquartered in Chengdu, in China’s Sichuan province. The firm uses formal verification methods to secure smart contracts.In general there were 22 security incidents in the digital assets space over the course of the month. That overall figure accounts for losses totaling $20 million, and represents a vast improvement on the previous month.Three of the incidents were accounted for by security issues related to hardware wallets such as the Trezor and imKey wallets. Six were rug pulls/crypto scams, two were crypto crime incidents while another implicated a critical vulnerability relative to zero-knowledge proof technology.Photo by Tara Winstead on PexelsDeFi protocol attacksIn contrast, there were 10 attacks on DeFi protocols, amounting to $19.7 million in stolen funds. This figure represents a significant decrease of nearly 80% compared to April, and the losses from these types of exploits had been declining for two consecutive months, as per Beosin’s findings.The largest rug pull incident in May involved the alleged disappearance of $32 million associated with the crypto project Fintoch on May 24. Meanwhile, the largest attack on a DeFi platform was a $7.5 million breach targeting Jimbos protocol, according to Beosin’s report.Shifting hacker strategyBeosin noted a shift in the targeting strategy of hackers and scammers, who are now increasingly focusing their attacks on ordinary users rather than various project parties. To mitigate risks, the report recommended that crypto users enhance their anti-fraud awareness, conduct thorough due diligence before investing in projects, and learn how to improve the security of their digital assets.The report also issued a warning against using shared or public charging devices for mobile phones. Beosin highlighted the potential risks associated with these devices, as they could be manipulated to inject malicious programs that compromise private keys. This caution aligns with a similar advisory issued by the United States Federal Bureau of Investigation (FBI) in April.The FBI’s Denver office cautioned against using public USB ports, including those found at airports, due to the potential introduction of malware and monitoring software onto devices. Instead, they suggested carrying a personal charger and USB cord for use with electrical outlets.As the cryptocurrency landscape continues to evolve, it is crucial for users to remain vigilant and proactive in safeguarding their investments. With the rise of rug pulls and the ongoing threats in the DeFi space, staying informed, exercising caution, and adopting robust security measures are essential for protecting one’s digital assets in this rapidly changing industry.

A Korean Lawmaker’s Crypto Holdings Worth $4.5M Spark ControversySouth Korean lawmaker Kim Nam-kuk, a member of the opposition party Democratic Party of Korea (DPK), has recently come under scrutiny due to his reported possession of 800,000 WEMIX tokens from January to February last year, as reported by the Maeil Business Newspaper. These tokens were worth approximately 6 billion KRW or $4.5 million at the time. While Korean lawmakers are obligated to disclose their wealth, virtual assets are an exception. The disclosure of Kim’s ownership of these tokens has ignited controversy, as it unveiled a wealth magnitude significantly greater than previously understood.Photo by Karolina Grabowska on PexelsTravel Rule regulationA central issue in the unfolding dispute is the source of Kim’s investment in the WEMIX tokens. It has been reported that he purchased a significant amount of these tokens between January and February last year and withdrew the entire sum between February and March before the crypto exchange implemented measures to comply with the Travel Rule regulation. This rule requires that financial authorities be informed of transactions over 10 million KRW ($7,500). After the crypto exchange reported the transactions to the Financial Intelligence Unit of the Financial Services Commission, the government agency requested a warrant to search Kim’s account due to the transactions’ abnormality. However, the court dismissed the request.Jeonse deposit to LG Display sharesIn response to the controversy, Kim took to a YouTube channel on Tuesday to explain his WEMIX token investments. He stated that he had retrieved 600 million KRW ($450,000) after his jeonse contract expired and used the money to purchase LG Display shares. Jeonse a housing rental system in Korea where tenants put up a lump-sum refundable deposit on a rental space for a two-year stay. Kim claims that these LG Display shares later rose in value to 985.7 million KRW ($744,000) in January 2021 and that he used this sum to purchase the tokens.Account balance and WEMIX tokensDespite his explanation, there are still questions surrounding Kim’s sudden increase in his bank account balance. His account balance reportedly increased from 100 million KRW ($76,000) at the end of 2020 to 1.12 billion KRW ($850,000) by the end of 2021, which raised suspicions. If Kim had directed all the money withdrawn from the LG Display shares to WEMIX tokens, it is unclear where the additional $774,000 in his account came from. Kim has reportedly explained to his party’s leadership that he retrieved the principal amount of his investment due to the increase in the WEMIX token price. However, this explanation has not satisfied some critics.Insufficient explanationIn an attempt to address these concerns, Kim shared part of his bank transaction records on Monday. However, this disclosure has fallen short of addressing all the questions that have been raised, such as the precise amount invested in the tokens and their purchase prices. There is still significant public scrutiny and skepticism surrounding Kim’s explanation for his crypto holdings, and it remains to be seen if further disclosures will be made.Kim apologized to the Korean public via Facebook for any disappointment caused, especially amid challenging economic conditions. However, he denied accusations of using undisclosed information or unlawfully acquiring wealth. Kim maintained that all transactions were transparently made using only his own wallets through his real-name bank accounts.Potential insider trading and conflict of interestNevertheless, the public’s acceptance of his explanation is yet to be seen, as questions about his $4.5 million virtual assets persist, particularly given his reported total wealth of around $1.1 million. There are concerns surrounding the possibility of insider trading. Furthermore, Kim’s participation in proposing a bill to defer tax implementation on digital assets has triggered suspicions of a potential conflict of interest.Call for an impartial third partyRecent updates indicate that the prosecution is considering requesting a warrant against Kim in relation to the controversy surrounding his crypto holdings. The Anti-Corruption and Civil Rights Commission is also examining if his participation in proposing the bill constitutes a conflict of interest. It is evident that an impartial third party will need to investigate and analyze all relevant information to resolve this dispute. Until a thorough and unbiased investigation takes place, the public’s concerns and questions are likely to continue.

Strengthened KYC Spurs More Suspicious Transaction Reports from Korean Crypto ExchangesIn South Korea this year, there has been a significant surge in the number of suspicious transaction reports (STRs) related to cryptocurrencies, according to local news agency Yonhap.This increase is primarily attributed to cryptocurrency exchanges fortifying their Know Your Customer (KYC) procedures. This proactive response follows the controversy surrounding lawmaker Kim Nam-kuk’s significant virtual asset holdings, which were unveiled in May. His scandal came to light when a substantial amount of WEMIX tokens, valued in billions of Korean won, were transferred from the Bithumb exchange to the Upbit exchange. Upbit, deeming it a suspicious transaction, promptly reported the matter to the Financial Intelligence Unit (FIU) of the Financial Services Commission (FSC).Photo by ron dyar on UnsplashGrowing number of suspicious transaction reportsAs the scandal continued to gain traction, the political realm reached a consensus to conduct investigations into the cryptocurrency holdings of all lawmakers. Additionally, the National Human Rights Commission of Korea initiated the tracking of all lawmakers’ cryptocurrency holdings last month, a process set to span 90 days.Data received by lawmaker Yoon Young-deok on October 30 from the FIU reveals that the number of STRs originating from virtual asset service providers (VASPs) has reached 11,646 in the first nine months of this year. This figure has already exceeded last year’s total of 10,797 STRs.Under the current Act on Reporting and Using Specified Financial Transaction Information, commonly referred to as the Financial Transaction Reporting Act, VASPs are mandated to report to the FIU if they have reasonable grounds to suspect that a customer’s financial transactions are connected to illicit property, money laundering, or terrorist financing. The Act has been in full effect since October 2021.In 2021, a total of 199 reports were submitted under this Act. The number of reports surged to over 10,000 the following year, and in the current year, it continues to grow at an even faster rate. The FIU reviews and analyzes these STRs in accordance with Article 10 of the Financial Transaction Reporting Act. It forwards the relevant information to law enforcement agencies only when it is deemed necessary for the investigation of a specific criminal case.Enhanced but varied approaches by exchangesCrypto exchanges have bolstered their customer verification requirements, especially for customers deemed to have a high risk of involvement in money laundering, in accordance with the Financial Transaction Reporting Act. This entails the need for additional scrutiny of the source of funds and the purpose behind transactions. Notably, if customer verification appears suspicious, exchanges are mandated to confirm the authenticity of the information using reliable documents.However, it’s important to note that the enforcement decree accompanying this Act grants exchanges the flexibility to verify documents based on their own business guidelines. This autonomy has been provided to assist exchanges in effectively mitigating money laundering risks by taking into account their individual business rights and characteristics.For instance, Upbit, South Korea’s largest cryptocurrency exchange, has implemented a fraud detection system (FDS) powered by artificial intelligence to continuously monitor and identify fraudulent transactions. This initiative has earned Upbit recognition from the FIU as an outstanding organization for reporting suspicious transactions during the first half of this year.On the contrary, Bithumb has devised and applies internal guidelines dedicated to anti-money laundering (AML) measures. The exchange has instituted a streamlined customer verification process for customers who are assessed as having a low likelihood of being engaged in money laundering activities. However, this simplified process is not extended to individuals from countries that have not adopted the recommendations of the Financial Action Task Force (FATF).Korbit monitors information related to customer verification through a dedicated department. It declines transactions for customers who have not undergone sufficient verification and validation procedures.Coinone’s AML department examines customer transactions comprehensively. It maintains ongoing reviews of customer information, business operations, risk assessments, and the source of funds. If any of these aspects are found to be suspicious or inadequate, the AML department proceeds with additional customer verification, including the disclosure of the source of funds.Some raise concerns about the inconsistency in customer verification standards for AML and STRs across different exchanges. When one exchange flags a transaction as suspicious, another might see it as routine. Such discrepancies highlight the need for uniform guidelines. Addressing this, the Digital Asset eXchange Association (DAXA), consisting of Korea’s five leading currency exchanges — Upbit, Bithumb, Coinone, Korbit, and Gopax — has set up an AML division to devise standardized rules for STRs.