South Korea Disrupts $102 Million Money Laundering Operation

The latest roundup from Information Security Media Group highlights significant cybersecurity events impacting digital assets this week. Notably, South Korea has disrupted a $102 million money laundering ring. In other developments, Saga halted its SagaEVM following a $7 million cross-chain exploit, while Makina Finance reported a loss of approximately $5 million due to oracle manipulation. Additionally, a Utah resident received a three-year sentence for fraud and illegal cash conversion, alongside revelations of a software flaw that allowed traders to exploit Ethereum transaction auctions.

See Also: OnDemand | NSM-8 Deadline July 2022: Keys for Quantum-Resistant Algorithms Implementation

South Korean customs officials have successfully dismantled an international network alleged to have laundered nearly $102 million using cryptocurrency and the local banking system. The Korea Customs Service has referred three suspects for prosecution under the Foreign Exchange Transactions Act.

Investigators claim the network operated between September 2021 and June, misrepresenting illicit transactions as legitimate expenses like cosmetic surgery and international education fees. To avoid detection, the suspects reportedly acquired cryptocurrencies in various countries before funneling them through South Korean wallets, converting them to the local currency, and distributing the funds across multiple bank accounts.

This case arises amid increased scrutiny of illicit foreign exchange practices, with customs officials launching inspections and identifying a significant gap of $290 billion between reported customs data and bank trade proceeds last year, indicating potential illegal capital movements.

The Layer 1 blockchain initiative Saga has temporarily paused its SagaEVM platform following a security breach that resulted in nearly $7 million worth of USDC being drained. An unauthorized actor facilitated the withdrawal of funds, which were subsequently bridged out and converted to ether, the organization stated.

In response to detecting suspicious activities, Saga halted operations at block height 6,593,800 and is collaborating with exchanges and bridge operators to blacklist the attacker’s address to prevent further damage while investigations are underway.

Preliminary analyses suggest that the exploit utilized a coordinated sequence of contract deployments, liquidity movements, and cross-chain interactions to efficiently extract funds. Saga noted that this incident was confined to the SagaEVM and did not compromise the SSC mainnet or its consensus layers.

Decentralized finance protocol Makina Finance experienced a significant exploit in its smart contract, leading to the loss of roughly $5 million from a stablecoin liquidity pool, according to blockchain security firm CertiK. The attacker is believed to have employed a substantial flash loan to manipulate the protocol’s pricing oracle for the DUSD/USDC Curve pool.

Reports indicate that the exploiter deployed around $170 million in USDC to manipulate the MachineShareOracle and traded the remaining funds against a pool with approximately $5 million in liquidity, effectively draining its assets. Though CertiK has provided interim loss estimates, discrepancies exist between different security reports, ranging from $4.13 million to $5.1 million.

As of now, Makina Finance has yet to officially confirm the attack but has advised liquidity providers to withdraw their funds from impacted positions.

A federal court in Utah has sentenced Brian Garry Sewell to three years in prison after he pleaded guilty to defrauding investors and operating an unauthorized cryptocurrency money transfer service. This scheme resulted in losses exceeding $2.9 million, along with unauthorized conversions of over $5.4 million from physical cash to cryptocurrency on behalf of third-party clients linked to fraudulent activities.

In addition to the prison term, Sewell faces three years of supervised release and must pay restitution totaling $3.82 million to affected investors and financial institutions, as mandated by U.S. District Court Judge Ann Marie McIff Allen.

Prosecutors elaborated that Sewell misled at least 17 investors about his capabilities from late 2017 until April 2024 and operated Rockwell Capital Management without the necessary federal registrations.

A researcher has disclosed a vulnerability in Ethereum’s transaction auction system that resulted in the potential for traders to execute profitable trades without incurring standard transaction fees. In Ethereum, transactions are aggregated every 12 seconds, and traders must compete for priority inclusion using bidding mechanisms.

During an examination of this auction process, the researcher discovered a timing error that occurred between bid verification and transaction selection. A malicious actor could exploit this gap to substitute a high-payment transaction with one with no cost, effectively winning the auction without any payment, thus retaining the entire profit.

Although this exploit presented low risk if approached cautiously, it was reported in 2023, leading developers to rectify the vulnerability by integrating both processes into a single, seamless step. The researcher was rewarded with a $5,000 bounty for uncovering this security flaw.