Full-Time
Confirmed live in the last 24 hours
Blockchain intelligence for financial crime detection
No salary listed
Senior, Expert
Remote in USA
TRM Labs focuses on blockchain intelligence to assist financial institutions, cryptocurrency businesses, and government agencies in identifying and investigating financial crimes and fraud related to cryptocurrencies. The company utilizes advanced data engineering, data science, and threat intelligence to create tools that enhance the safety of the financial system. TRM Labs serves a wide range of clients, including banks and regulatory bodies, by providing them with analytics and investigative resources to address illicit activities in the crypto sector. Unlike many competitors, TRM Labs offers subscription-based services and customized solutions that cater to the unique requirements of each client. The primary goal of TRM Labs is to improve the security and integrity of the global financial system.
Company Size
201-500
Company Stage
Series B
Total Funding
$146M
Headquarters
San Francisco, California
Founded
2018
Help us improve and share your feedback! Did you find this helpful?
Remote Work Options
Annual Company Offsite
Professional Development Budget
The U.S. Office of Foreign Assets Control has sanctioned Nemesis operator Behrouz Parsarad, an Iranian national who allegedly had full control over the darknet marketplace and its cryptocurrency wallets.U.S., German and Lithuanian officials seized Nemesis’s servers in March 2024, but OFAC reports that the Iran-based Parsarad had since discussed establishing a replacement for the marketplace with some of its former vendors.According to OFAC, Parsarad took a percentage of every transaction on Nemesis, which enabled the sale of almost $30 million in narcotics between 2021 and its closure in March 2024.It reportedly had more than 30,000 active users and 1,000 vendors, and sold internationally, including to individuals in the United States.“As the administrator of the Nemesis darknet marketplace, Parsarad sought to build—and continues to try to re-establish—a safe haven to facilitate the production, sale, and shipment of illegal narcotics like fentanyl and other synthetic opioids,” said Acting Under Secretary for Terrorism and Financial Intelligence Bradley T. Smith.The sanctioning of Parsarad includes the designation of 44 Bitcoin addresses and 5 Monero addresses, with research from Chainalysis revealing that the BTC wallets identified by OFAC received around $850,000.Yet the value of his Bitcoin rose to $1.6 million by the time the Nemesis operator sent it elsewhere, including to three centralized exchanges he used to cash out his Bitcoin and Monero.Nemesis was “a major darknet marketplace” said Ari Redbord, the global head of policy at blockchain intelligence platform TRM Labs. He told Decrypt that it was used to sell more than fentanyl.“Nemesis also facilitated the sale of false identification documents and hacking tools, enabling cybercriminals to hijack victims' online accounts and communications,” he said. “Importantly, TRM was able to uncover directly on chain-links between Nemesis and Chinese drug precursor manufacturers with funds being sent directly from Nemesis vendors to Chinese DPMs.”While Nemesis was a significant darknet marketplace internationally, it wasn’t quite as big as some of its Russia-based counterparts.“There were way bigger players: In comparison, Hydra Market, a Russian-language darknet marketplace operational from 2015 until its shutdown in April 2022, had 17 million users and 19,000 sellers, with an estimated lifetime revenue of $5 billion,” Redboard said.According to him, a former senior advisor to the Deputy Secretary and the Under Secretary for Terrorism and Financial Intelligence at the US Treasury, the designation of Behrouz Parsarad comes at a time when OFAC and other government agencies internationally have been ramping up their policing of crypto-related crime.“Europol, Germany’s BKA, and the UK’s NCA have also stepped up enforcement, coordinating takedowns of Hydra Market in 2022, Monopoly Market in 2023, and Nemesis in 2024,” he said.The past fortnight has also seen the EU join the UK and US in placing sanctions on Russian exchange Garantex, which has helped Russians evade the sanctions imposed following the beginning of the Russia-Ukraine war in February 2022.And part of the reason why actions have seemingly increased in the past one or two years is that enforcement agencies have become more adept at using blockchain technology to their advantage.As Redboard says, “Enhanced blockchain intelligence, international cooperation, and aggressive sanctioning have made these agencies more effective in detecting, disrupting, and dismantling illicit cryptocurrency-fueled ecosystems.”Despite progress, it’s also clear that more work needs to be done when it comes to darknet marketplaces, which actually saw an increase in revenue in 2024, from $1.6 billion to $1.7 billion.Edited by Stacy Elliott.Daily Debrief NewsletterStart every day with the top news stories right now, plus original features, a podcast, videos and more
Thai police have raided the offices of five unlicensed cryptocurrency firms, arresting 11 employees as part of a wider crackdown on illicit crypto-related activities within Thailand.Officers from the Economic Crime Suppression Division (ECD) had received warrants to search the premises of five companies operating in the provinces of Nakhon Pathom, Samut Sakhon and Bangkok.ECD commander Thatphum Jaruprat said that the 11 arrested individuals included a mix of executives and less senior employees, with police also seizing six computers and other evidence.An investigation by the ECD had determined that the arrested individuals had been illegally operating e-money firms with a combined annual turnover of approximately one billion baht, or $29.3 million.The raided firms had allegedly acted as intermediaries for local investors wishing to buy investment products sold overseas, requiring customers to transfer money into e-wallets in order to complete the cross-border purchases.Thailand strictly regulates forex-based e-money businesses, with its 2017 Payment System Act requiring all such enterprises to register and secure licensing.Yet according to the ECD, the firms’ failure to register created a money laundering risk, while it also damaged the economy by enabling capital flight.The police have charged the 11 suspects with providing unlicensed electronic money services, and it’s not the first time this year that authorities have cracked down on illegal crypto activity.Thailand's crypto crackdownJanuary saw Thailand's Cyber Crime Investigation Bureau propose a ban on Polymarket, arguing that the crypto-based prediction marketplace creates “economic and social risks.”Last month, Thai and Chinese police froze cryptocurrencies worth around $2.5 million after arresting two Chinese individuals later charged with fraud and human trafficking.And only today, Binance TH reported that Thailand has seen one of the biggest increases worldwide in investment complaints and damage, with the exchange receiving over 1,000 data requests from police over the past three years.Such actions may invite the suspicion that Thailand is cracking down on crypto, yet Singapore-based intergovernmental blockchain advisor Anndy Lian argues that Thai authorities are focused mostly on bad actors."You’ve got the Cyber Crime Investigation Bureau (CCIB) working with folks like Binance to bust pig butchering scams—those nasty romance-investment hybrids that have ripped off millions,” he told Decrypt.Lian noted that one particular operation, named Trust No One, resulted in numerous high-profile arrests and the seizure of substantial sums, while subsequent operation The Purge did something similar last year.“Then there’s the raids on illegal mining ops in places like Chachoengsao and Surat Thani, where they caught people stealing electricity to power their rigs,” Lian added. “That’s another sign they’re keeping an eye on shady crypto activities.”Lian reiterated that Thai police are zeroing in on fraudsters, extortionists and thieves much more than the crypto space more generally, although it also has a zero-tolerance policy for platforms that do not register with the Thai Securities and Exchange Commission.“The SEC’s been pushing to block unlicensed exchanges too, like they did with Bybit and others last year, but that’s more about regulating the space than shutting it down,” he explained.Thailand and cryptoBut in general, the cryptocurrency industry in Thailand is growing healthily: the Southeast Asian nation ranked 16th in Chainalysis’ 2024 Global Crypto Adoption Index, while it saw just over $50 billion in cryptocurrency value received between July 2023 and July 2024.Thailand’s SEC has also been busy updating its rules surrounding cryptocurrency investment for mutual and private funds, in a bid to attract more legitimate investment in the space.“Plus, with the SEC now eyeballing spot Bitcoin ETFs and stablecoins, it seems like they’re trying to figure out how to manage it, not kill it,” says Lian, referring to the SEC’s January announcement that it may begin permitting local Bitcoin exchange-traded funds.Such moves mean that Thailand sits somewhere in the middle of Southeast Asian jurisdictions when it comes to crypto regulations, not quite as liberal as Singapore but “not a total lockdown like China,” according to Lian.Daily Debrief NewsletterStart every day with the top news stories right now, plus original features, a podcast, videos and more
TRM Labs Inc. has introduced two new cluster types to help investigators identify commonly controlled addresses with greater confidence:
Los hackers norcoreanos están cerca de las etapas finales de lavado de los 499,000 ETH robados de Bybit, con un valor aproximado de 1,5 mil millones de dólares. Al ritmo actual, podrían completar este proceso en los próximos tres días.Mientras tanto, esto ocurre en medio de críticas al emisor de la stablecoin USDC, Circle, por aparentemente retrasar la acción de incluir en la lista negra los monederos vinculados al ataque.Hackers norcoreanos intensifican esfuerzos de lavado en BybitEl 1 de marzo, los hackers norcoreanos movieron otros 62,200 ETH, valorados en alrededor de 138 millones de dólares, reduciendo el saldo restante no lavado a 156,500 ETH.Según el investigador cripto EmberCN, quien ha estado monitoreando las transacciones, el rápido movimiento de fondos sugiere que el proceso de lavado podría completarse en cuestión de días. “Desde que el hacker reanudó el lavado de dinero ayer a las 3 PM, han lavado 62,200 ETH (valorados en 138 millones de dólares). De los 499,000 ETH robados de Bybit, solo quedan 156,000 ETH (valorados en 346 millones de dólares) sin lavar. En unos tres días más, todo debería estar completamente lavado”, escribió EmberCN en X. Holdings de Ethereum del hacker de Bybit
The North Korean Bybit hackers are nearing the final stages of laundering the stolen 499,000 ETH, worth approximately $1.5 billion. At their current pace, they could complete this process within the next three days. Meanwhile, this comes amid criticism of USDC stablecoin issuer Circle for allegedly delaying action on blacklisting wallets linked to the attack.North Korean Hackers Ramp Up Bybit Laundering EffortsOn March 1, the North Korean hackers moved another 62,200 ETH, valued at around $138 million, reducing the remaining unlaundered balance to 156,500 ETH. According to crypto investigator EmberCN, who has been monitoring the transactions, the rapid movement of funds suggests the laundering process could be completed in a matter of days