Telegram Tuesdays: Laundering and Washbots
In this week’s 'Telegram Tuesdays,' we explore how washbots are revolutionizing digital crime. By simplifying laundering with user-friendly interfaces, these tools lower the entry barrier for novice threat actors, complicating efforts to trace illicit activities.
Bots like washbot make it harder to trace known scammers and illicit activities: they anonymize a payment by splitting it into multiple transactions and moving the funds through other wallets.
Notably, the seller in this case flagged that neither a hired investigator nor an Anti-Money Laundering (AML) scanner can pick them up.
Background on Mixers
Money laundering, that is, “cleaning” illicit funds into cash that is no longer linked to a crime, isn’t new. It has a long history in both physical-currency and cryptocurrency crime.
Since Chaum’s 1981 paper “Untraceable electronic mail, return addresses, and digital pseudonyms,” mixnets have been discussed and used to enable privacy. First used in Tor and now in cryptocurrency, mixnets enable privacy through techniques like splitting up transactions, aggregating transactions across multiple users, re-routing them, and using a different output. Like Tor itself, these privacy-preserving tools serve two purposes: in the positive case to prevent censorship, in the criminal case to avoid getting caught. While other techniques, like Tor and VPNs, provide privacy for network traffic, crypto transaction mixnets provide anonymity for the transaction itself.
For example, regardless of all the network anonymity in the world, if I, “Alice”, decide to send “Bob” a payment of 1B USD$ / 15762.11 for any reason (pay a ransomware payment, fund a construction project, or buy a company), the knowledge of that payment is public and traceable. The transaction amount and timeframe are so unique that it is obvious "Alice" sent this payment to "Bob".
While the above example is extreme :), it demonstrates why threat actors anonymize their transactions.
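The amount-and-timing reasoning above can be written as a simple tracing heuristic: for each withdrawal from a service, list the deposits that could have funded it. This is an added example, not part of the original post; the wallet labels, every amount except Alice's 15762.11, the 3% fee bound and the 120-minute window are constructed assumptions.

```python
from dataclasses import dataclass
from decimal import Decimal


@dataclass(frozen=True)
class Transfer:
    wallet: str       # constructed label, not a real address
    amount: Decimal   # coin units (the page does not state the unit)
    minute: int       # minutes since observation started


def t(wallet, amount, minute):
    return Transfer(wallet, Decimal(amount), minute)


# Constructed sample ledger for one mixing service (assumption, not real data).
DEPOSITS = [t("alice", "15762.11", 0), t("carol", "1.00", 5),
            t("dave", "1.00", 12), t("erin", "1.00", 20)]
WITHDRAWALS = [t("bob", "15604.49", 45), t("frank", "0.99", 50)]


def candidates(withdrawal, deposits, max_fee=Decimal("0.03"), window=120):
    """Deposits that could have funded `withdrawal`: made no more than
    `window` minutes earlier and at most `max_fee` larger in amount."""
    floor = withdrawal.amount
    ceiling = withdrawal.amount / (1 - max_fee)
    return [d for d in deposits
            if 0 <= withdrawal.minute - d.minute <= window
            and floor <= d.amount <= ceiling]


def anonymity_sets(deposits, withdrawals, **kw):
    """Map each withdrawal wallet to the wallets that may have paid it."""
    return {w.wallet: [d.wallet for d in candidates(w, deposits, **kw)]
            for w in withdrawals}


if __name__ == "__main__":
    for wallet, senders in anonymity_sets(DEPOSITS, WITHDRAWALS).items():
        print(f"{wallet}: {len(senders)} candidate sender(s): {senders}")
```

Bob's withdrawal has exactly one plausible source, so routing it through the service hid nothing, while Frank's common amount leaves three equally plausible senders.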
Notorious mixers include:
- Bitcoin Fog, convicted on Mar 12, 2024 [1]
- Tornado Cash, sanctioned by the U.S. Treasury in August 2022 [2]
Washers
Washers use technology similar to mixers, but with a better UX. By leveraging Telegram chat bots, they are easier for new threat actors to use and, frankly, harder to mess up.
What this changes
We see that Telegram bots, and fraud-as-a-service generally, serve to lower the barriers to entry in the fraud and cybercrime space. Across the spectrum of criminality, some actors are extremely organized and stealthy, while at the other extreme are those who take scams on TikTok and broadcast their use.
These techniques expand the pool of “moderately” skilled threat actors who build fraud or scam systems by combining off-the-shelf tools.