Rappers, Social Media and money laundering. This story has it all and is a great expose into the new world of cyber fraud and bitcoin to facilitate money laundering.
It’s also a glimpse into the a fraud network that spanned many countries and utilized hundreds of people to hack into victims bank accounts and then launder the funds through a vast network.
The Fraudsters Narcissistic Dilemma
Fraudsters often can’t help themselves, often boasting of their crimes on Instagram by flashing large wads of cash. In October 2020, the Department of Justice brought down an international money laundering group called The QQAAZZ Group.
The QQAAZZ members, acting in concert with cybercriminals across the world, were accused of conspiring to launder money stolen from victims of computer fraud in the United States and elsewhere. And one of the members, an aspiring rapper just couldn’t stay off Instagram and it gave the FBI all they needed to bring down the fraudulent operation.
A Sophisticated And Global Operation
Comprised of several layers of members from Latvia, Georgia, Bulgaria, Romania, and Belgium, among other countries, the QQAAZZ network opened and maintained hundreds of corporate and personal bank accounts at financial institutions throughout the world to receive money from cybercriminals who stole it from bank accounts of victims. The funds were then transferred to other QQAAZZ-controlled bank accounts and sometimes converted to cryptocurrency using “tumbling” services designed to hide the original source of the funds. After taking a fee of up to 40 to 50 percent, QQAAZZ returned the balance of the stolen funds to their cybercriminal clientele.
The QQAAZZ members secured these bank accounts by using both legitimate and fraudulent Polish and Bulgarian identification documents to create and register dozens of shell companies which conducted no legitimate business activity. Using these registration documents, the QQAAZZ members then opened corporate bank accounts in the names of the shell companies at numerous financial institutions around the world, thereby generating hundreds of QQAAZZ-controlled bank accounts available to receive stolen funds from cyber thieves.
QQAAZZ advertised its services as a “global, complicit bank drops service” on Russian-speaking online cybercriminal forums where cybercriminals gather to offer or seek specialized skills or services needed to engage in a variety of cybercriminal activities. The criminal gangs behind some of the world’s most harmful malware families (e.g.: Dridex, Trickbot, GozNym, etc.) are among those cyber criminal groups that benefited from the services provided by QQAAZZ.
He Loved Rapping and Instagram and It Would Lead to His Downfall
His name is Maksim Boiko from Siberia , and he was a 29-year-old Russian rapper, known as Plinofficial, who was accused of cybercrimes related to the QQAAZZ Group. He once dreamt of becoming the biggest rap artist on the planet.
He was once voted the 74th best rapper in Russia. He drove a white Mercedes, sported an expensive Hublot wristwatch and drank Moët champagne and wanted to live the American rapper lifestyle.
But late last year, he was apprehended in Miami airport carrying over $20,000 in cash. The FBI complaint unsealed in March charges that Maksim Boiko, 29, was a “significant cybercriminal” who converted stolen money into cryptocurrency for the QQAAZZ group.
The FBI claims that for years, he provided the QQAAZZ cybercrime gang with access to criminally controlled bank accounts, which they could use to move funds stolen in prior cybercrimes. The effort worked as a kind of “global, complicit bank drops service”.
According to prosecutors, hackers who breached victims’ bank accounts would contact QQAAZZ seeking an account to wire stolen funds as part of a kind of “global, complicit bank drops service.”
Check Out This Tutorial on The QQAAZZ
This is a great video by SumSub, one of my favorite Youtubers on how it all went down.