Money Launders Look to Online Casinos: Report

Cybercriminals are increasingly looking to online casinos to launder money, according to a new report from McAfee.

With online gambling growing in popularity, the prospect of cybercriminals using online casinos the same way criminals have used casinos in the physical world is getting increased attention. The key to it all is anonymity – as well as the ability to cash out using virtual currencies.

“More games, more access, and more transaction methods are resulting in greater opportunities for would-be criminals to hide their illicit gains from the prying eyes of global law enforcement agencies,” the report notes. “Without a means to cash out, the volume of cybercrime would decrease. However, the anonymous online money laundering marketplace today is growing rapidly with the volume of attacks. Although requiring licenses for gambling operators is an important approach, this step does nothing to halt the tide of unlicensed operators.”

Because the sites are unlicensed, there is no financial oversight, making it difficult to determine the exact scale of the issue, explained Raj Samani, vice president and CTO EMEA for Intel’s McAfee security division.

“With an ecosystem that supports greater methods to obfuscate the true identity of individuals (e.g. TOR sites, BTC laundries, etc) then absolutely [it will increase],” he told SecurityWeek. “Further, the number of unlicensed sites is considerably large so the choice to the would-be launderer is very large.”

In some cases, the report found, sites promote anonymity of their services as an attractive feature for customers. Cryptocurrencies like Bitcoin can also add another layer of anonymity. Still, using these platforms does not guarantee anonymity. For that, more is needed. Some sites have taken to leveraging the TOR network. The report notes however that sites using TOR will not be as widely used as others. Luckily for cybercriminals, TOR is not the only technical solution for increasing anonymity for players.

“One access mechanism is the use of a proxy server, which can make a connection appear as if it comes from another location or country,” according to the report. “Proxy servers could help bypass restrictions that licensed sites have in place to block players from countries where the site owner does not have a proper license.” 

“Another mechanism, which solves both the problems of anonymity and access, is a virtual private network (VPN), which offers the additional benefit of encrypting the traffic from the peering eyes of Internet service providers (ISPs) or law enforcement,” according to the report. “Certain providers give users a multitude of VPN connections—for example, torguard.net advertises 300 servers across 23 countries. A number of VPN providers offer their customers the ability to hide their IP addresses and appear to come from a particular city.”

“The issue of tackling the problem is something that really demands international law enforcement collaboration,” Samani said. “In particular, the Internet affords the player their choice of any jurisdiction at the touch of a button therefore only with global collaboration, and in particular with private sector partners can the issue begin to become addressed.”