They say the third time's the charm.
But in the case of this recent effort by the U.S. government, the first, second, and third times were all charms. Because it just managed to disrupt three cyber campaigns that happened to be financing some of the world's most infamous terrorist organizations.
U.S. government disrupts three terrorist cyber scams
According to the U.S. Department of Justice (DOJ), this represents the government's largest seizure of cryptocurrency in the terrorism context.
In a recent announcement, the DOJ revealed a global disruption of three cyber campaigns, all of which used cryptocurrency to fund terrorist organizations.
Exactly how large was the disruption? The data reveals some shocking numbers. Here's what the U.S. government seized from the campaigns.
- Millions of dollars
- Over 300 cryptocurrency accounts
- Four websites
- Four Facebook pages
While we often think of terrorist organizations as physical entities—a symptom of the brutally physical nature of terrorist attacks—these cyber campaigns demonstrate how terrorist strategies have evolved with the digital age. Each scheme used cryptocurrency and social media to garner attention and funding, relying on sophisticated cyber tools to do so.
Secretary of the Treasury Steven Mnuchin explains how he sees it:
"Terrorist networks have adapted to technology, conducting complex financial transactions in the digital world, including through cryptocurrencies. IRS-CI special agents in the DC cybercrimes unit work diligently to unravel these financial networks."
What terrorist organizations did the government disrupt?
Each group used wildly different strategies, but the unifying technique was cryptocurrency.
According to the DOJ, the government took down cyber campaigns from these three terrorist organizations:
1. Al-Qassam Brigades
"In the beginning of 2019, the al-Qassam Brigades posted a call on its social media page for bitcoin donations to fund its campaign of terror. The al-Qassam Brigades then moved this request to its official websites, alqassam.net, alqassam.ps, and qassam.ps.
Working together, IRS, HSI, and FBI agents tracked and seized all 150 cryptocurrency accounts that laundered funds to and from the al-Qassam Brigades' accounts. Simultaneously, law enforcement executed criminal search warrants relating to United States-based subjects who donated to the terrorist campaign."
"These terrorist organizations operated a bitcoin money laundering network using Telegram channels and other social media platforms to solicit cryptocurrency donations to further their terrorist goals. In some instances, they purported to act as charities when, in fact, they were openly and explicitly soliciting funds for violent terrorist attacks."
"The final complaint combines the Department's initiatives of combatting COVID-19 related fraud with combatting terrorism financing. The complaint highlights a scheme by Murat Cakar, an ISIS facilitator who is responsible for managing select ISIS hacking operations, to sell fake personal protective equipment via FaceMaskCenter.com.
The website claimed to sell FDA approved N95 respirator masks, when in fact the items were not FDA approved. Site administrators claimed to have near unlimited supplies of the masks, in spite of such items being officially-designated as scarce.
The unsealed forfeiture complaint seized Cakar's website as well as four related Facebook pages used to facilitate the scheme. With this third action, the United States has averted the further victimization of those seeking COVID-19 protective gear, and disrupted the continued funding of ISIS."
If that last one sounds particularly familiar, it's because ISIS is far from the first group to use COVID-19 in a scam for profit. From false vaccines to contact tracing smishing schemes, manipulating the global pandemic for financial gain is common fodder in the cybercrime world.
It's also an eye-opening reminder: if you fall for fake coronavirus information, you might be doing more than endangering yourself; you might also be funding something dangerous.