Huione Guarantee exposed as a $11 billion marketplace for cybercrime
The seemingly legitimate online marketplace Huione Guarantee is being used as a platform for laundering money from online scams, especially "pig butchering" investment fraud, researchers say.
In a pig butchering scam, the victim is tricked into gradually investing money on bogus websites that display high investment returns. The fraud becomes apparent when victims try to withdraw funds, by which time they have usually lost a large amount of money.
According to a report from Elliptic blockchain analytics firm, the merchants on Huine Guarantee have made transactions of at least $11 billion of transactions, some of them linked to various types of cybercrime, including creating websites for investment fraud, personal data sales, and money laundering.
Money-laundering 'merchants'
Huione Guarantee is a Chinese-language online marketplace launched in 2021, owned by the Cambodian conglomerate Huione Group.
The platform’s use terms declare that it is not responsible for what is being sold, taking a neutral stance that doesn’t involve cracking down on illicit offerings.
However, the platform still guarantees the safety of the transactions, providing an escrow system to users through Huione Pay, so it has an active role in facilitating the sale of illegal items.
According to Elliptic’s investigation, the lack of moderation combined with a solid payment framework has created a fertile ground for cybercriminals to buy and sell the following items/services:
- Launder sextortion and “pig butchering” proceeds
- Accept victim payments and convert them into cash, stablecoins, and Chinese payment app credits.
- Create cryptocurrency investment scam websites used in “pig butchering” operations.
- AI-powered face-swapping software to be used when communicating with victims.
- Stolen personal data, including contact details, used for targeting potential victims.
- Telecom equipment to facilitate scam operations.
- Torture and control equipment used in scam compounds.
Elliptic says Huino Guarantee essentially operates similarly to darknet markets and even implicates its staff in money laundering operations.
The researchers observed messages in chat groups on the platform where a user requested help laundering $2 million from a scam. A representative of Huione International Payments, part of Huione Pay, responded to the request and agreed to handle the process for a 10.5% cut.
According to Elliptic, Huione Guarantee is one of the key enablers of scam operators in South East Asia and based on the evidence uncovered, the payments system for the merchant platform "is actively involved in laundering the proceeds of scams from around the world."
The blockchain analytics company has collected hundreds of cryptocurrency addresses controlled by Huione companies and merchants on Huino Guarantee.
Crypto exchanges and law enforcement can use them to track payments and block the laundering of illicit funds on the platform.
source: BleepingComputer
Free security scan for your website
Top News:
Attackers are exploiting 2 zero-days in Palo Alto Networks firewalls (CVE-2024-0012, CVE-2024-9474)
November 18, 2024CWE top 25 most dangerous software weaknesses
November 21, 2024Chinese APT Gelsemium Targets Linux Systems with New WolfsBane Backdoor
November 21, 2024Microsoft rolls out Recall to Windows Insiders with Copilot+ PCs
November 23, 2024Download: CIS Critical Security Controls v8.1
August 8, 2024Hackers now use AppDomain Injection to drop CobaltStrike beacons
August 24, 2024