Trend Micro researchers say the mules are dropped after 20 days

Dec 12, 2013 15:31 GMT

Researchers have uncovered a cybercriminal ring that uses an interesting method to launder its criminal proceeds.

The fraudsters monitored by Trend Micro sometimes rely on the classic method of sending money to unwitting mules and instructing them to wire it via services such as Western Union.

However, the second method is the more interesting one. The cybercrooks purchase various expensive items using stolen payment card information.

The list includes iPads, high-end hard drives from Intel, rifle scopes from Aimpoint, GPS rescue devices for sailors, Samsung Galaxy phones, Surface tablets, video cards, Beats by Dr. Dre headphones, Lenovo computers and other items that are worth over $300 (€230).

These items are shipped to money mules in the US, who are instructed to send them to another mule in the US, who in turn ships the stolen goods to Russia or Ukraine.

The mules are instructed to ship the first 10 items at their own expense. They’re promised that after the first 10 shipments, they will be reimbursed and that they’ll get a bonus on top of their base salary.

However, experts believe that the mules never see any of the promised money. Internal documents obtained from the cybercriminals show that they only use each mule, whom they dub a “drop,” for 20 days.

Researchers say that the mules from both the US and Russia are regularly renewed. The websites used to recruit the mules are hosted on an extensive network of reverse proxies to make them more difficult to trace.

It’s also worth noting that the GPS units and the rifle accessories appear to be part of special orders. Trend Micro believes that the crooks might be selling them at high prices in Russia, considering that there are export restrictions for some of these items.