Crypto Analysts Expose HuiOne Guarantee’s $11 Billion Cybercrime Transactions

Avatar
Cryptocurrency analysts have shed light on an online marketplace called HuiOne Guarantee that’s widely used by cybercriminals in Southeast Asia, particularly those linked to pig butchering scams. “Merchants on the platform offer technology, data, and money laundering services, and have engaged in transactions totaling at least $11 billion,” Elliptic said in a report shared with The Hacker News.

Cryptocurrency analysts have shed light on an online marketplace called HuiOne Guarantee that’s widely used by cybercriminals in Southeast Asia, particularly those linked to pig butchering scams.

“Merchants on the platform offer technology, data, and money laundering services, and have engaged in transactions totaling at least $11 billion,” Elliptic said in a report shared with The Hacker News.

The British blockchain analytics firm said that the marketplace is part of HuiOne Group, a Cambodian conglomerate with links to Cambodia’s ruling Hun family and that another HuiOne business, HuiOne International Payments, is actively involved in laundering scam proceeds globally.

According to its website, HuiOne’s financial services arm is said to have 500,000 registered users. It also touts Alipay, Huawei, PayGo Wallet, UnionPay, and Yes Seatel as its customers.

Southeast Asian countries like Burma, Cambodia, Laos, Malaysia, Myanmar, and the Philippines have become a breeding ground for pig butchering scams in recent years.

In these schemes, unwitting people from Asia and Africa are enticed with high-paying jobs in the region, only for them to be trapped inside “scam compounds” run by transnational organized crime groups originating from China and coerced into participating in fraudulent activities.

These entail creating fake accounts on social media and dating platforms, and using them to develop romantic relationships with victims and eventually persuade them to invest in non-existent crypto businesses with an aim to siphon their funds.

HuiOne Guarantee, established in 2021, comprises a network of thousands of instant messaging app channels on Telegram that are run by different merchants. While it claims to serve as a marketplace for real estate and cars, Elliptic said that a majority of the goods and services offered are aimed at cyber scam operators.

“The largest category of merchants operating on HuiOne Guarantee are those offering to move and exchange money,” the company explained.

“Many of the merchants explicitly offer money laundering services, including accepting payments from victims around the world, transferring it across borders and converting it to other assets including cash, stablecoins, and to Chinese payment apps.”

Merchants have also been found advertising software and web development services that facilitate the creation of scam crypto investment websites used in pig butchering scams, as well as marketing tear gas, electric batons and electronic shackles for use by scam compound operators to imprison and torture their workers.

According to data shared by SlowMist earlier this January, merchants associated with HuiOne Guarantee – which is also referred to as Huiwang Guarantee – are said to have further engaged in cryptocurrency transactions with a wallet that received more than 4.6 million USDT from another wallet linked to the Myanmar Alliance Army.

“The value of cryptocurrency received by HuiOne Guarantee and its merchants, and the type of goods and services offered, suggest that it is a key enabler of cyber scam operators in Southeast Asia,” Elliptic said.

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.

 The Hacker News 

Total
0
Shares
Leave a Reply

Your email address will not be published. Required fields are marked *

Previous Post

ViperSoftX Malware Disguises as eBooks on Torrents to Spread Stealthy Attacks

Next Post

Smash-and-Grab Extortion

Related Posts

A SaaS Security Challenge: Getting Permissions All in One Place 

Permissions in SaaS platforms like Salesforce, Workday, and Microsoft 365 are remarkably precise. They spell out exactly which users have access to which data sets. The terminology differs between apps, but each user’s base permission is determined by their role, while additional permissions may be granted based on tasks or projects they are involved with. Layered on top of
Avatar
Read More