Liberty Reserve arrests are causing ‘pain’ to criminals
The takedown of the Liberty Reserve digital cash exchange has caused “pain” to criminals who used the facility, according to a leading security expert.
Brian Krebs said he had seen comments on crime-linked restricted access forums suggesting many had suffered “steep losses”.
US prosecutors published an indictment against the site’s staff on Tuesday.
It says they deliberately helped users “distribute, store and launder the proceeds of their illegal activity”.
He added that about $25m had been seized following the arrest of Liberty Reserve’s founder Arthur Budovsky in Madrid, Spain.
Four others have also been arrested and at least a further two men are being sought. In addition, computer servers used by the firm in Costa Rica and Switzerland are being examined.
According to the indictment, Liberty Reserve was estimated to have had “more than one million users worldwide”, a fifth of whom were in the US.
However, since the site is accused of failing to verify its members’ identities, it is unknown how many accounts were registered to identical individuals.
“Short-term it will cause quite a bit of pain,” Mr Krebs told the BBC.
“If you’re running a cybercrime operation and you lose half or three-quarters of your capital that can hurt and put a dent in your overall ability to perpetuate your business or whatever you are doing.
“The medium to long-term impact is going to hinge largely on what law enforcement is able to glean from the data it has taken from Liberty Reserve.
“It may lead them to be able to identify people who are ringleaders in cybercriminal activity. That said, it’s very likely that information is heavily encrypted, and [based on the experience of other cases] the government is going to need the co-operation of the people they’ve arrested.”
Child abuse
Troels Oerting, head of Europol’s European Cybercrime Centre, added that EU police forces had also long been aware that criminals were making use of Liberty Reserve.
“It created an infrastructure that was popular with criminals because they provided financial transactions without any trace, which could be done anonymously. Then they took their cut,” he said.
“We’ve known about Liberty Reserve for a long time. It’s served a lot of cybercriminals involved in activities such as online credit card fraud, identity theft and hacking but also child sexual exploitation and the drugs trade.
“This [takedown] will be a stiff blow, but unfortunately the criminals will adapt and there be other services like this that require law enforcement to continuously do operations like this.”
He added that the EU law enforcement agency had been informed of the case but it was not involved in the US’s current investigation.
Wider crackdown?
This is not the first time the US has targeted services offering users an opportunity to carry out transactions via the internet while preserving their anonymity.
The operators of E-Gold, the Shadowcrew message board and the Western Express International Currency Exchange have all faced prosecution over the past decade for violating money-laundering regulations.
However, some believe the latest move could be part of renewed efforts to tackle the problem.
On 18 March the US Treasury issued guidance making it clear its anti-money-laundering rules applied to administrators and exchanges offering any type of virtual cash which acted “as a substitute for real currency”.
Newspaper reports focused on how this might be applied to Bitcoin.
However, Mr Krebs noted that the fact Bitcoin was not pegged to another currency would have scared many criminals away.
“Currency stability is really important for these guys,” he said.
“With Liberty Reserve one dollar equals one Liberty Reserve dollar.
“That’s not the case with bitcoins. A lot of people have said, ‘What happens if I pay this guy and he waits until the next day to cash out and the deposit is worth 50% less?'”
Mr Krebs noted that one of Liberty Reserve’s main competitors – Webmoney – no longer accepts new sign-ups by US citizens.
The Russian company offers currencies pegged to dollars, euros, roubles and gold among other options.
A spokesman for the firm told the BBC that the ban dated back to March 2012 when it first received notification of changes to the US payment systems legislation, and followed “long correspondence with officials in Washington”.
Yegor Kuzin added: “There never [has] been a possibility to register in Webmoney Transfer anonymously and make transactions without verified personal information.”
Another electronic currency provider, Panama-based Perfect Money, introduced a similar policy last weekend. A spokesperson could not be reached for comment.
Bank accounts
Mr Budovsky and the other men facing charges have yet to appear in court.
In the meantime US prosecutors have begun releasing some of the evidence they may use if the case goes to trial.
It includes screenshots showing how an undercover agent was able to sign up to the service calling himself Joe Bogus and using “tostealeverything” as his account name without apparently setting off a red flag.
In addition they revealed a Barclays Bank personal account registered to Mr Budovsky’s name was one of several that had been seized. The British firm confirmed to the BBC it had been co-operating with investigators since last week.
Warrants have also been issued for funds deposited with Cyprus’s Hellenic Bank, Australia’s Westpac and Russia’s Sovetsky Bank among others.
For more on this story go to:
http://www.bbc.co.uk/news/technology-22699871