Under increased pressure from regulators across the globe, digital currency asset providers have enhanced automated verification capabilities and increased adoption of Know Your Customer (KYC) practices while developing sophisticated compliance programs.
Review of the most popular Russian speaking cybercriminal forums identified a significant uptrend in the requests to obtain “fullz” for digital currency accounts. Across multiple top tier forums, individuals are claiming not only to sell verified accounts, but also have access to accounts at multiple exchanges.
The below screenshots are from a Russian speaking cybercriminal forum that claims to sell Verified accounts at digital currency exchanges. A year ago I wrote about how this trend is likely coming to the digital currency industry and will mimic traditional “fullz” type services targeting the credit card industry.
An increased attention in identifying flaws in the verification process is also trending across multiple cybercriminal forums. From testing fraud calculation scores with various login tactics, to altering meta data of KYC photos, cybercriminals are becoming more creative in efforts to obtain the coveted verification to launder proceeds of crimes.
“KYC documents only involve a small portion of fraud score”
“As for the fraud calculator — all right, I confirm. ********shoots on browser prints with threatmetrix service, and also knows how many parameters from behavior in the acre, ending with the DNS mismatch on socks.”
The increase in interest to buy Bitcoin without KYC is not limited to cybercriminal forums accessed via the Tor Browser. The below screenshots are results from searching DuckDuckGo, Darksearch.IO, and Google.