How do Criminals Finance their Activities in the Metaverse?

Due to being a space that generates risks, challenges, and cybercrime, the metaverse fosters criminal innovation against security and stability, namely its decentralized composition and its maintenance of anonymity and discretion, as well as several other characteristics. These potentials, when exploited, assist criminals in engaging in innovative activities not only to carry out cybercriminal activities but also to finance their illegal operations. Through this chapter, we explore the modalities and methods used by criminals to generate and launder funds, as well as take a look at the regulatory gaps exploited in this process of cybercrime.

1. Ransoware attack and extortion process

The Ransomware in traditional definition, is a well-established and widely used by criminals to target online objectives and hold sensitive personal or public data hostages. This type of attack, according to our observations, transcends into the metaverse by targeting valuable virtual assets, such as NFTs, real estate in the metaverse, and user accounts by taking them hostage through the encryption of their entry and access data and demanding cryptocurrency sums as ransom to return the encrypted data to their original owners. (Katterbauer et al., 2022). The metaverse provides cybercriminals with fertile ground to develop their activities, and the potentials offered by this emerging technology risk constituting a considerable advantage to evade regulations and deterrent procedures. The examples that show us how these attacks proliferate in the metaverse are numerous, including Decentraland Bug Bounties, the Axie Infinity Attack, and the NFT and Crypto Game Hack, which are the most recent and dangerous examples during the year 2022, effectively targeting virtual assets (Alawadhi, 2023).

Criminals in the metaverse also resort to other cunning criminal activities to achieve their criminal goals and interests. Extortion is one of those activities prevalent in the metaverse and can threaten the integrity of users, regardless of their nature. Private individuals and businesses are the most well-known targets of extortion, and they are threatened with the disclosure of their sensitive information if they do not pay the demanded ransoms. The metaverse facilitates the spread of these illicit activities and operations, whose criminals’ identities are still protected by the virtual principles of anonymity and decentralization, making efforts to deter and secure this space a distant mission. (Wu et al., 2022). As Masjedi (2023) confirm, the examples of extortion are numerous and very multiple, yet we want to highlight the recent, pertinent and significant events and activities, such as the attack on Discord servers by extortionists to steal valuable assets, as well.

2. Fraud and the conversion of virtual assets forms

A range of cyberattacks spreading in the metaverse, taking on fraudulent and scamming forms. Cybercriminals in the metaverse focus their objectives after penetrating servers and databases, stealing access credentials to log in as the owners and commit fraud and scamming activities in their names or even stealing their virtual assets. These criminals can also cause major upheavals in virtual economies by causing serious disruptions and damages, using online products that support the creation of fake profiles and counterfeit data to carry out fraudulent investments (Wu et al., 2022).

These fake profiles and information diverted for reasons of fraud and scamming can be used to serve more complicated objectives. The conversion of virtual assets is one of those discussed forms where criminals can convert illicitly collected funds or even stolen from unknown sources into legal assets in the metaverse by purchasing virtual land or legally developing or investing in NFTs (Lin et al., 2023). Criminals, taking advantage of the potentials already discussed, can hide and conceal the origins of their funds by creating criminal expertise for other criminals wanting to exploit the metaverse for their criminal interests and avoid financial surveillance and control. Security agencies are unable to deter these activities and intercept them all when the metaverse supports the development of these activities by providing specific potentials that help money laundering grow in unexpected and dangerous ways (Team, 2023).

3. Wash trading, social medias and cryptocurrenies facilitations

Money laundering is one of the most significant forms in the metaverse that criminals use to transform dirty money into legal and regular funds. However, this method has not had its chance in studies and research. Money laundering in the Metaverse is a financial crime where criminals fraudulently inflate the values of virtual assets in the metaverse through specific methods. The inflated buy and sell orders of certain products or assets in the virtual world, generating unreal demands far from the actual value of these products, allow criminals to find black holes for their illegal cash and controlled portfolios (Dupire, 2024). Trading in the metaverse is currently a predominant activity whose control and surveillance mechanisms, including regulatory frameworks, are not yet capable of addressing criminal uses that transcend real and virtual borders.  This virtual trading activity facilitates money laundering when most transfer and exchange platforms do not comply with the legality of resources or the imposition of questions regarding the origins of funds, including income (Crypto Actu, 2022).

Social media, as networks for the circulation of informational flows with little control and surveillance, constitute ideal platforms for criminals to conduct peer-to-peer transactions by buying or selling virtual assets. Social networks, through certain products they provide to users and also to potential users, in terms of fund transfers and money, cryptocurrency purchases, investments in the virtual world, etc., allow criminals to use these capabilities offered by social media to conceal illicit funds and disguise the origins of these transactions, rendering the interventions of intergovernmental or even internal organizations, which seek to enforce law and security in the virtual world, ineffective (Lin et al., 2023). It should be noted that in these criminal processes within social networks, cryptocurrencies remain the most predominant means for the execution of criminal activities. Although the latter presents unlimited benefits for users, it still remains the ultimate means of harm (Barrett & Lynch, 2020).

For the diversification of financing methods for criminal activities in the metaverse, criminals also use cryptocurrencies to facilitate payments and transfers, as cryptocurrency transactions evade the control and surveillance mechanisms applied by certain security agencies. In addition to the discretion regarding the origins and sources of transactions, cryptocurrencies also offer criminals efficiency and speed in evading border checkpoints and surveillance issued by global instruments to organize the global financial order. However, despite the advantages of cryptocurrencies for criminal activities, there is still an Achilles’ heel in their circulation and transaction activities, which investigators and cybersecurity experts can track if the international institutions put more effort and resources into developing investigative and surveillance tools (Wu et al., 2022).

REFERENCES

Katterbauer, K., Syed, H., & Cleenewerck, L. (2022). Financial cybercrime in the Islamic Finance Metaverse. Journal of Metaverse, 2(2), 56–61. https://doi.org/10.57019/jmv.1108783

Alawadhi, I. M. (2023). Future Cybercrimes in the Metaverse. In Advances in digital crime, forensics, and cyber terrorism book series (pp. 24–32). https://doi.org/10.4018/979-8-3693-0220-0.ch002

Lin, K., Wu, J., Lin, D., & Zheng, Z. (2023). A survey on metaverse: Applications, crimes and governance. In 2023 IEEE 1st International Conference on Metaverse Communications and Networking (MetaCom) (pp. 541-549). IEEE. https://doi.org/10.1109/MetaCom57706.2023.00097

Lin, K., Wu, J., Lin, D., & Zheng, Z. (2023). A survey on metaverse: Applications, crimes and governance. In 2023 IEEE 1st International Conference on Metaverse Communications and Networking (MetaCom) (pp. 541-549). IEEE. https://doi.org/10.1109/MetaCom57706.2023.00097

Masjedi, Y. (2023, July 6). These 11 New Discord Scams Can (and Will) Steal Your Data. Retrieved from https://www.aura.com/learn/discord-scams

Team, C. (2023, August 17). Bitfinex Hack Money Launderers Plead Guilty. Retrieved from https://www.chainalysis.com/blog/bitfinex-hack-plea-july-2023/