DPP SEEKS FORFEITURE OF FOREIGN JET, FAKE GOLD & $5.6 MILLION

By Staff Writer | October 16, 2023, Zambian Observer

The Director of Public Prosecutions has applied before the Lusaka High Court, Economic and Financial Crimes registry for a private jet used in the gold scam case to be forfeited to the State.

Drug Enforcement Commission Assistant Commissioner, Martin Chitamba says that on 13th August, 2023, information was received to the effect that a T7-WSS Global Express (GLEX) Jet from Cairo, Egypt suspected to be carrying prohibited articles landed around 17:15 hours at the Kenneth Kaunda International Airport (KKIA).

Mr. Chitamba says when the airspace application form completed by IBIS Air for the plane to land was viewed, it was discovered that the applicants had falsely declared that the aircraft was not carrying anything.

He says it took five hours for the five Egyptian nationals to allow the investigative team on the plane to inspect the aircraft.

Mr. Chitamba has also revealed that when the investigative team was finally allowed onto the plane, they found cargo such as, 602 pieces of brass pellets (a combination of copper and zinc metals) weighing a total of 127.28 Kilograms purported to have been gold valued at about $7, 636, 800, five (5) pistols with 126 rounds of ammunition and eleven (11) pistol magazines, a drilling machine and over $5.7 million dollars.

By Paul Ogemba, 18 November 2023: The Standard

A former senior manager at Kenya Rural Roads Authority (KeRRA) has lost property worth Sh500 million acquired through corruption.

Justice Esther Maina ordered Margaret Wanja Muthui and her associates to forfeit the property to the state after finding that she enriched herself through proceeds of crime and used proxies to register them.

“She cannot be allowed to benefit from property she acquired through corruption. If indeed she was capable of purchasing the property, why then did she look for mama mbogas (vegetable sellers) from Githurai to pose as the purchasers?” said Justice Maina.

Among the property Muthui was ordered to forfeit to the state are 11 apartments in Kileleshwa, a townhouse at Collingham Gardens in Nairobi, 24 apartments in Ruaka, a piece of land in Ruaka, a plot in Dagoretti and Sh94 million in her accounts.

Justice Maina ruled that the Asset Recovery Agency (ARA) had proved beyond reasonable doubt that Muthui corruptly acquired millions of shillings when she served as deputy director of supply chain management at the road’s authority.

The judge found that ARA had proved that Muthui had stashed old Sh1,000 notes in her house and when the government declared a phase-out of the currency in 2019, she had nowhere to hide them and embarked on massive buying of property to clear the money.

In order to conceal her identity, the former Kura manager recruited Esther Wagio Njunge, Grace Ndiritu, Mercy Nyambura and Cynthia Nyambura as her proxies and named them as beneficiaries and registered owners of the property.

“It was worth noting that some of the listed beneficiaries disowned being owners of the property since they were mere small scale traders who were asked to pose as buyers but knew nothing about the source of the funds,” ruled Maina.

The Judge further declared that any rental income, benefit and profit accruing from the 11 Signature Apartments in Kileleshwa owned by Muthui and the 24 Taraji Residence apartments in Ruaka are proceeds of crime that should be remitted to the state.

ARA in its suit accused the former KeRRA manager of being the architect of the corruption scandal where she bought the property and registered them in the names of her associates to conceal her identity.

According to ARA, investigations established that Muthui paid Sh264 million in cash for 11 apartments in Kileleshwa within a period of three months during the demonetisation of the old Sh1,000 notes in 2019 so as to launder the illegitimately obtained cash.

The agency said they started investigating Muthui and her associates when they received information that she had acquired massive wealth within a short period of time through a scheme of money laundering and corruption.

According to ARA, Muthui had been collecting monthly rent ranging from Sh116,000 to Sh200,000 from each of the 11 apartments in Kileleshwa which the court said must be forfeited to the state.

The agency claimed that even after giving the named persons a chance to explain the source of their wealth, they did not give a satisfactory explanation which left no doubt that the cash in the accounts and the assets are proceeds of crime.

After analysing Muthui’s accounts, the court was convinced that she received suspicious funds through a scheme of money laundering which are believed to be proceeds of crime and liable for forfeiture to the state.  

THE European Public Prosecutor’s Office (EPPO) and Tracfin, France’s financial intelligence unit (FIU) have signed a Working Arrangement, establishing a structured framework for their cooperation.

31 October 2023 | By Staff Repoter

The arrangement aims to facilitate and foster the exchange of information on
suspicious financial transactions relating to facts and offences falling within the remit of the EPPO.

“It also underlines the efforts of both parties to make the fight against
money laundering, and the underlying offences that damage the financial interests of the European Union, as effective as possible,” Tracfin said in a statement.

The Working Arrangement was signed on 26 October in Luxembourg by Laura Codruța Kövesi, European Chief Prosecutor, and Guillaume Valette-Valla, Director of Tracfin.

Laura Codruța Kövesi, European Chief Prosecutor: “The EPPO needs information from financial intelligence units in order to combat fraud against the financial interests of the EU efficiently. Tracfin is a very important partner for the EPPO in this respect. This working arrangement opens the way for deepening our cooperation, and will facilitate the transmission of crime reports as well as the exchange of criminal analysis.”

Guillaume Valette-Valla, Director of Tracfin: “Tracfin’s first operational exchanges with the European Public Prosecutor’s Office began during 2022. This Working Arrangement will allow us to amplify them, in order to more effectively fight against the fraudsters and criminal networks that are undermining the foundations of the European project.”

Source: https://www.amlintelligence.com/2023/10/news-eppo-and-frances-fiu-sign-agreement-to-share-information-to-fight-money-laundering/

2022 Biggest Year Ever For Crypto Hacking with $3.8 Billion Stolen, Primarily from DeFi Protocols and by North Korea-linked Attackers

February 1, 2023 | By Chainalysis Team

2022 was the biggest year ever for crypto hacking, with $3.8 billion stolen from cryptocurrency businesses.

Hacking activity ebbed and flowed throughout the year, with huge spikes in March and October, the latter of which became the biggest single month ever for cryptocurrency hacking, as $775.7 million was stolen in 32 separate attacks.

Below, we’ll dive into what kinds of platforms were most affected by hacks, and take a look at the role of North Korea-linked hackers, who drove much of 2022’s crypto hacking activity and shattered their own yearly record for most cryptocurrency stolen. 

 

DeFi protocols by far the biggest victims of cryptocurrency hacks

In last year’s Crypto Crime Report, we wrote about how decentralized finance (DeFi) protocols in 2021 became the primary target of crypto hackers. That trend intensified in 2022.

DeFi protocols as victims accounted for 82.1% of all cryptocurrency stolen by hackers — a total of $3.1 billion — up from 73.3% in 2021. And of that $3.1 billion, 64% came from cross-chain bridge protocols specifically. Cross-chain bridges are protocols that let users port their cryptocurrency from one blockchain to another, usually by locking the user’s assets into a smart contract on the original chain, and then minting equivalent assets on the second chain. Bridges are an attractive target for hackers because the smart contracts in effect become huge, centralized repositories of funds backing the assets that have been bridged to the new chain — a more desirable honeypot could scarcely be imagined. If a bridge gets big enough, any error in its underlying smart contract code or other potential weak spot is almost sure to eventually be found and exploited by bad actors. 

How do we make DeFi safer?

DeFi is one of the fastest-growing, most compelling areas of the cryptocurrency ecosystem, largely due to its transparency. All transactions happen on-chain, and the smart contract code governing DeFi protocols is publicly viewable by default, so users can know exactly what will happen to their funds when they use them. That’s especially attractive now in 2023, as many of the crypto market blowups of the past year were due to a lack of transparency into the actions and risk profiles of centralized cryptocurrency businesses. But that same transparency is also what makes DeFi so vulnerable — hackers can scan DeFi code for vulnerabilities and strike at the perfect time to maximize their theft.

DeFi code auditing conducted by third-party providers is one possible remedy to this. Blockchain cybersecurity firm Halborn is one such provider, and is notable for its clean track record — no DeFi protocol to pass a Halborn audit has subsequently been hacked. We spoke with Halborn COO David Schwed, whose background includes stints in risk and security at large banks like BNY Mellon, about how DeFi protocols can better protect themselves. He emphasized that many of the issues in DeFi come down to a lack of investment in security. “A big protocol should have 10 to 15 people on the security team, each with a specific area of expertise,” he told us. He indicated that the core issue is that DeFi developers prioritize growth over all else, and direct funds that could fund security measures to rewards in order to attract users. “The DeFi community generally isn’t demanding better security — they want to go to protocols with high yields. But those incentives lead to trouble down the road.” 

Schwed told us that DeFi developers should look to traditional financial institutions for examples of how to make their platforms more secure. “You don’t need to move as slow as a bank, but you can borrow from what banks do.” Some measures he recommends include:

• Test protocols with simulated attacks. DeFi developers can simulate different hacking scenarios on testnets in order to test how their protocol stands up to the most common attack vectors.

• Take advantage of crypto’s transparency. One huge advantage of a blockchain like Ethereum is that transactions are visible in the mempool before they’re confirmed on the blockchain. Schwed recommended that DeFi developers monitor the mempool closely for suspicious activity on their smart contracts to detect possible attacks as early as possible.
• Circuit breakers. DeFi protocols should build out automated processes to pause their protocols and halt transactions if suspicious activity is detected. “It’s better to briefly inconvenience users than to have the entire protocol get drained,” said Schwed. 

Schwed also told us that regulators have a role to play here, and can help make DeFi safer by setting minimum security standards that protocol developers must follow. The data on DeFi hacks makes one thing clear: Whether achieved through regulation or voluntary adoption, DeFi protocols will greatly benefit from adopting better security in order for the ecosystem to grow, thrive, and eventually penetrate the mainstream. 

North Korea-linked hackers break theft records yet again: $1.7 billion stolen

North Korea-linked hackers such as those in cybercriminal syndicate Lazarus Group have been by far the most prolific cryptocurrency hackers over the last few years. In 2022, they shattered their own records for theft, stealing an estimated $1.7 billion worth of cryptocurrency across several hacks we’ve attributed to them. For context, North Korea’s total exports in 2020 totalled $142 million worth of goods, so it isn’t a stretch to say that cryptocurrency hacking is a sizable chunk of the nation’s economy. Most experts agree the North Korean government is using these stolen to fund its nuclear weapons programs. 

$1.1 billion of that total was stolen in hacks of DeFi protocols, making North Korea one of the driving forces behind the DeFi hacking trend that intensified in 2022. North Korea-linked hackers tend to send much of what they steal to other DeFi protocols, not because these protocols are effective for money laundering — they’re actually quite bad for money laundering given their increased transparency compared to centralized services — but rather because DeFi hacks often result in cybercriminals acquiring large quantities of illiquid tokens that aren’t listed at centralized exchanges. The hackers therefore must turn to other DeFi protocols, usually DEXes, to swap for more liquid assets.

 

Besides DeFi protocols, North Korea-linked hackers also tend to send large sums to mixers, which have typically been the cornerstone of their money laundering process. In fact, funds from hacks carried out by North Korea-linked hackers move to mixers at a much higher rate than funds stolen by other individuals or groups. But which mixers do they use? We’ll dig in below.

Meet the new mixer North Korean hackers have turned to following Tornado Cash’s OFAC designation

For much of 2021 and 2022, North Korea-linked hackers almost exclusively used Tornado Cash to launder cryptocurrency stolen in hacks. It’s not hard to see why — Tornado Cash was for a time the biggest mixer operating, and its unique technical attributes made the funds it mixed relatively difficult to trace.

However, the hackers adapted when Tornado Cash was sanctioned in August 2022. While North Korea-linked hackers have still sent some funds to Tornado Cash since then, we can see above that they diversified their mixer usage in Q4 2022, soon after the mixer’s designation. This may be due to the fact that, while still operational, Tornado Cash’s overall transaction volume has fallen since its designations, and mixers generally become less effective when fewer people are using them. Since then, the hackers have turned to another mixer, Sinbad, which we’ll look at in more detail below.

Sinbad

Sinbad is a relatively new custodial Bitcoin mixer that began advertising its services on the BitcoinTalk forum in October 2022. Chainalysis investigators first observed wallets belonging to North Korea-linked hackers sending funds to the service in December 2022, which we can see on the Chainalysis Reactor graph below.

As we’ve seen in many North Korea-directed hacks, the hackers bridge the stolen funds from the Ethereum blockchain — including a portion of the funds stolen in the Axie Infinity hack — to Bitcoin, then sending that Bitcoin to Sinbad. During December 2022 and January 2023, North Korea-linked hackers have sent a total of 1,429.6 Bitcoin worth approximately $24.2 million to the mixer. 

While North Korea-linked hackers are undoubtedly sophisticated and represent a significant threat to the cryptocurrency ecosystem, law enforcement and national security agencies’ ability to fight back is growing. Last year, for example, we saw the first ever seizure of funds stolen by North Korea-linked hackers, when agents recovered $30 million worth of cryptocurrency stolen in the Axie Infinity Ronin Bridge hack. We expect more such stories in the coming years, largely due to the transparency of the blockchain. When every transaction is recorded in a public ledger, it means that law enforcement always has a trail to follow, even years after the fact, which is invaluable as investigative techniques improve over time. Their growing capabilities, combined with the efforts of agencies like OFAC to cut off hackers’ preferred money laundering services from the rest of the crypto ecosystem, means that these hacks will get harder and less fruitful with each passing year.

 

https://blog.chainalysis.com/reports/2022-biggest-year-ever-for-crypto-hacking/

Wadyajena bought 25 trucks in US$5m Cottco scam, court hears

Former Mozambican president takes the stand

But for two days, more than a week ago, Guebuza was treated like an ordinary citizen and subjected to gruelling questioning in a courtroom in Maputo. He was forced to explain his role in the $2.2-billion “hidden debt” scandal that plunged the country into a severe financial crisis — and took place under his watch.

Although his appearance may, for some, have dented the former president’s re**tion, it was also an opportunity for him to address the Mozambican public — and to attack his successor, Filipe Nyusi.

And as Frelimo gears up for a congress in September to choose Nyusi’s successor, this battle between the party’s two biggest beasts has a significance beyond the corruption trial itself.

A fishy business

Guebuza was the last of 67 witnesses called by the attorney general’s office to testify at the televised hearings. For the past six months, the court — sitting in a tent in the courtyard of a maximum-security prison outside the capital, Maputo — has heard evidence that has implicated his inner circle in serious financial irregularities.

Although the former president has not himself been prosecuted, the accused include his private secretary and his chief political advisor, as well as his son, Ndambi. The defendants have been charged with assorted crimes including money-laundering, forgery, embezzlement, blackmail, criminal association and influence peddling.

The accusations centre around $2.2-billion that was borrowed by companies set up by the Mozambican intelligence service, backed by state guarantees. Infamously, some of this money was used to purchase tuna fishing boats that were allegedly vastly overpriced and unfit for purpose, and are currently rusting — unused — in Maputo’s harbour.

Under Mozambican law, debts of that size should never have been taken on without the approval of parliament and the administrative court. But parliament was never consulted, until after the scandal broke when it retroactively approved the loans.

In 2019, under pressure from civil society, the Constitutional Council ended up declaring the debts null and void. Mozambique has refused to honour two of the loans, but is slowly repaying one of them, which was worth $850-million, but will cost the country as much as $2.4-billion by the time it is paid off.

The man who signed the guarantees, the then finance minister Manuel Chang, has been languishing in a South African prison since December 2018, stuck in an extradition tug-of-war between Mozambique and the US.

Credit Suisse, the bank that financed part of the fraudulent deal, was fined $547-million by regulators in the US and UK. But no one has yet been brought to justice in Mozambique. And Guebuza, in his testimony, did his best to convince prosecutors – and the Mozambican public – that his hands are clean.

Passing the buck

Although Guebuza accepted responsibility for creating the companies in question, he pointed the finger of blame for the fraudulent activity at none other than Nyusi, who was his minister of defence at the time, and who chaired a group of senior officials that Guebuza set up and, he says, put in charge of the project.

“I trusted them. I delegated because I trusted the people I was working with,” Guebuza told the court.

But Nyusi has denied any involvement. Nyusi’s testimony, given to state prosecutors in 2018 and read aloud by the judge in court on Friday, said that he knew nothing about the dodgy companies at the heart of the scandal — and found out about their existence only when the scandal broke in 2016. Video footage currently doing the rounds in Mozambique casts doubt on this account, because it shows Nyusi discussing them in 2014 and 2015.

The two presidents’ contradictory accounts will make it difficult for prosecutors and judges to get to the bottom of what happened. But they may not be the final arbiters. Instead, all eyes turn now to the Frelimo party congress in September, at which Nyusi and Guebuza are vying to have the final say on who will be the candidate to succeed as president. They will each be hoping that their favoured candidate wins the nomination — and can keep them out of jail.

This article first appeared in The Continent, the award-winning pan-African weekly newspaper designed to be read and shared on WhatsApp. Download your free copy here

Read More: https://mg.co.za/africa/2022-02-28-former-mozambican-president-takes-the-stand/

South Africa's North West Province: The pathology of a corrupt province

through our project "Countering Illicit Financial Flows by Strengthening Law Enforcement for Asset Recovery Inter-Agency Network for Southern Africa (ARINSA)". A regional approach has been taken with various e-learnings and online webinars .

Experts will be invited to do the live online interactive sessions where the knowledge and skills obtained from the self-paced modules are further strengthened and enhanced. Participants have an opportunity to clarify and ask questions during the live sessions and through discussion forums. In order to facilitate as many participants as possible, the online sessions are recorded and accessible until the module is closed.

UNODC kindly requests all contact points, heads of departments and colleagues to spread this invitation as widely as possible to all relevant stakeholder institutions involved in asset forfeiture, the investigation and prosecution of  money laundering and other financial crimes  space and all other institutions that are linked to money laundering and financial crimes to avail themselves to take these courses. and instructions to follow ).

) Please Note that: Yahoo email addresses are blocking emails from our system therefore use alternative email addresses. 

,  for authentication and validation. Kindly note that all fields marked in RED on the ARINSA new account creation form are mandatory and the system will not accept your registration unless you complete them.  

 Enrolment on the Courses

The deadlines for the online the AAMLC and JAMLC will be 30 July 2021 and 06 August 2021 for the AMLC and FISZC. No participants can be enrolled after this date.

Please note that participants can start registering and enrolling themselves for all e-courses as of today Monday, July 12^th, 2021.

We hope that you will find this to be worthwhile and enriching to your careers as well as of those of the others.

REMEMBER LET US LEAVE THE CRIMINALS WITH NOWHERE TO HIDE!!

All the best and let us keep safe.