Now that authorities in Spain, Costa Rica and the U.S. have taken down online money transfer service Liberty Reserve, the cyber underground is facing a serious liquidity crunch, as criminal gangs, botmasters, spammers and malicious hackers look for a safe platform on which to transact business.
But finding a ready substitute may not be easy, with Liberty Reserve’s close competitors showing less tolerance of its “no questions asked” account creation policy, and less scrupulous outlets wary of the long arm of the U.S. Justice Department.
Liberty Reserve (libertyreserve.com) went offline on Friday along with dozens of other domains operated by its founder, Arthur Budovsky – a.k.a. “Arthur Belanchuk” a.k.a “Eric Paltz.” Budovsky was arrested in Spain on May 24th. Spanish authorities acted at the request of authorities in Costa Rica, where Budovsky had set up shop, and the U.S. A three-count criminal complaint filed there by the U.S. Attorney for the Southern District of New York charged him and former colleagues with conspiracy to commit money laundering and operating an unlicensed money transmitting business.
In addition to arresting Budovsky, authorities also seized libertyreserve.com, which on Wednesday displayed a prominent notice that the domain name had been seized, and displaying the logos of the U.S. Department of Justice, Department of The Treasury and United States Secret Service. The federal government also seized dozens of other Web domains operated by Budovsky and used for money transfers. They include sites like exchangezone.com, asiangold.com and swiftexchanger.com.
In all, Budovsky’s various online operations are alleged to have processed around $6 billion in online commerce. The impact of those arrests was felt around the world. Brian Krebs of Krebsonsecurity.com reported that the shutdown of libertyreserve.com prompted immediate chatter in underground forums, where suspected cyber criminals fretted about money left on deposit at Liberty Reserve. When added up, those funds may total millions of dollars, according to the Costa Rican daily Tico Times.
That’s a drop in the bucket for the billion dollar industry that is global cybercrime, and it was common practice in underground circles not to keep large deposits in any of the online exchanges, given previous take downs at firms like e-gold.
The bigger problem facing cyber criminals is finding a reliable alternative to Libertyreserve.com and the network of other, similar sites Mr. Budovsky operated.
Within hours of the shutdown, Liberty Reserve users flocked to its main rival, Perfect Money (perfectmoney.com). That prompted the Panama-based company to conduct an emergency server upgrade, and a policy change on Monday to prohibit new registrations from U.S. citizens.
Perfectmoney.com’s decision not to accept new registrations “from individuals or companies based in the United States of America” suggests that many existing exchanges may be wary of the long arm of U.S. law enforcement. Other firms, such as Moscow-based Webmoney (wmtransfer.com) and goldmoney.com, which operates from the British Channel Islands, have stricter requirements for setting up individual and merchant accounts, and require actual bank- or credit card accounts to manage transfers. That kind of paper trail makes them unpalatable to many cyber criminal outfits.
Still, its likely that other exchanges will spring up to fill the void left by Liberty Reserve, just as Liberty Reserve rose from the ashes of early currency exchanges like e-gold.
“(Liberty Reserve) wasn’t the first take down of an e-currency widely used by fraudsters. e-gold suffered a similar fate back in 2007 and there weren’t any notable take downs of e-currency platforms since,” said Idan Aharoni, the head of cyber intelligence at the security firm RSA. “Fraudsters are most likely to migrate to a new e-currency, such as PerfectMoney or Bitcoin. It currently seems that the majority of fraudsters are moving to PerfectMoney, but as the migration is currently taking place it is hard to say where all the chips may fall.”
A bigger problem for online criminals may be follow-on prosecutions that stem from assets and information seized in the takedown of Liberty Reserve. “Liberty Reserve acted as the financial infrastructure of most trading that took place in the underground economy. As such, it contains vital information on many transactions that took place in cybercriminal circles,” Aharoni said in an e-mail.”Naturally, this information is of high-value to law enforcement agents…Assuming that Law Enforcement has this information…it can help Law Enforcement map the various connections within the underground economy and associate multiple identities to specific actors,” he said.