US Indicts Money Launderers to Cyber-criminal Elite

The United States has indicted alleged members of a transnational gang that laundered millions of dollars for the cyber-criminal elite.

Fourteen alleged members of the criminal organization QQAAZZ were charged by a federal grand jury in the Western District of Pennsylvania in an indictment unsealed today. 

The QQAAZZ members are accused of conspiring with cyber-criminals all over the world to launder money stolen from victims of computer fraud in the United States and elsewhere. 

The indictment alleges that, since 2016, the gang has laundered, or attempted to launder, tens of millions of dollars’ worth of stolen funds. A related indictment unsealed in October 2019 charged five members of QQAAZZ.

Drawing from a network of members located in Latvia, Georgia, Bulgaria, Romania, and Belgium, among other countries, QQAAZZ opened and maintained hundreds of corporate and personal bank accounts at financial institutions in multiple countries to receive money stolen by cyber-criminals from bank accounts of victims.  

"The funds were then transferred to other QQAAZZ-controlled bank accounts and sometimes converted to cryptocurrency using 'tumbling' services designed to hide the original source of the funds," stated the Department of Justice.

"After taking a fee of up to 40 to 50 percent, QQAAZZ returned the balance of the stolen funds to their cybercriminal clientele."  

QQAAZZ advertised its services as a “global, complicit bank drops service” on Russian-speaking online cyber-criminal forums. Among the threat actors that used QQAAZZ's services are the creators of Dridex, Trickbot, and GozNym.

In a closely coordinated international operation, more than 40 house searches were carried out in Latvia, Bulgaria, the United Kingdom, Spain, and Italy, with criminal prosecutions initiated in the United States, Portugal, Spain, and the United Kingdom.  

More searches and arrests were carried out in Latvia by the Latvian State Police than in any other country. Police in Bulgaria, conducting searches as part of the international operation, uncovered an extensive Bitcoin-mining operation associated with QQAAZZ.

American victims impacted by QQAAZZ include a Jewish Orthodox Synagogue in Brooklyn, New York, a technology company in Windsor, Connecticut, a medical device manufacturer in York, Pennsylvania, and an automotive parts manufacturer in Livonia, Michigan.

What’s Hot on Infosecurity Magazine?