Who needs VC funding? How cybercriminals spread their ill-gotten gains to everyday business ventures | CyberScoop<\/title> <meta name=\"description\" content=\"The benefits of cybercrime aren't all flashy cars and watches. Sophos X-Ops researchers discovered it also fuels a far-reaching mix of ordinary, sometimes unremarkable businesses.\"> <link rel=\"canonical\" href=\"https:\/\/cyberscoop.com\/what-cybercriminals-do-with-their-money-sophos\/\"> <meta property=\"og:locale\" content=\"en_US\"> <meta property=\"og:type\" content=\"article\"> <meta property=\"og:title\" content=\"Who needs VC funding? How cybercriminals spread their ill-gotten gains to everyday business ventures\"> <meta property=\"og:description\" content=\"The benefits of cybercrime aren't all flashy cars and watches. Sophos X-Ops researchers discovered it also fuels a far-reaching mix of ordinary, sometimes unremarkable businesses.\"> <meta property=\"og:url\" content=\"https:\/\/cyberscoop.com\/what-cybercriminals-do-with-their-money-sophos\/\"> <meta property=\"og:site_name\" content=\"CyberScoop\"> <meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/cyberscoop\/\"> <meta property=\"article:published_time\" content=\"2025-05-15T12:00:00+00:00\"> <meta name=\"author\" content=\"Matt Kapko\"> <meta name=\"twitter:card\" content=\"summary_large_image\"> <meta name=\"twitter:image\" content=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/05\/who-needs-vc-funding-how-cybercriminals-spread-their-ill-gotten-gains-to-everyday-business-ventures-2.jpg\"> <meta name=\"twitter:creator\" content=\"@CyberScoopNews\"> <meta name=\"twitter:site\" content=\"@CyberScoopNews\">  <link rel=\"dns-prefetch\" href=\"\/\/securepubads.g.doubleclick.net\">\n<link rel=\"dns-prefetch\" href=\"\/\/use.typekit.net\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Feed\" href=\"https:\/\/cyberscoop.com\/feed\/\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Comments Feed\" href=\"https:\/\/cyberscoop.com\/comments\/feed\/\"> <link rel=\"stylesheet\" id=\"all-css-2\" href=\"https:\/\/cyberscoop.com\/wp-includes\/css\/dist\/block-library\/style.min.css?m=1746040294g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-6\" href=\"https:\/\/cyberscoop.com\/wp-content\/mu-plugins\/search\/elasticpress\/dist\/css\/related-posts-block-styles.min.css?m=1747157649g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-8\" href=\"https:\/\/cyberscoop.com\/wp-content\/themes\/scoopnewsgroup\/dist\/css\/frontend.css?m=1747161863g\" type=\"text\/css\" media=\"all\">\n<link rel=\"stylesheet\" id=\"typekit-css\" href=\"https:\/\/use.typekit.net\/itk2qbh.css?ver=13897d660a0ac2c9c7d1\" media=\"all\"> <link rel=\"https:\/\/api.w.org\/\" href=\"https:\/\/cyberscoop.com\/wp-json\/\"><link rel=\"alternate\" title=\"JSON\" type=\"application\/json\" href=\"https:\/\/cyberscoop.com\/wp-json\/wp\/v2\/posts\/84519\"><link rel=\"EditURI\" type=\"application\/rsd+xml\" title=\"RSD\" href=\"https:\/\/cyberscoop.com\/xmlrpc.php?rsd\">\n<meta name=\"generator\" content=\"WordPress 6.8.1\">\n<link rel=\"shortlink\" href=\"https:\/\/cyberscoop.com\/?p=84519\">\n<link rel=\"alternate\" title=\"oEmbed (JSON)\" type=\"application\/json+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Fwhat-cybercriminals-do-with-their-money-sophos%2F\">\n<link rel=\"alternate\" title=\"oEmbed (XML)\" type=\"text\/xml+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Fwhat-cybercriminals-do-with-their-money-sophos%2F&format=xml\">   <link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=32\" sizes=\"32x32\">\n<link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=192\" sizes=\"192x192\">\n<link rel=\"apple-touch-icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=180\">\n<meta name=\"msapplication-TileImage\" content=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=270\"> <\/head><body class=\"wp-singular post-template-default single single-post postid-84519 single-format-standard wp-theme-scoopnewsgroup wp-child-theme-cyberscoop\" id=\"readabilityBody\"> <a href=\"https:\/\/cyberscoop.com\/what-cybercriminals-do-with-their-money-sophos\/#main\" class=\"skip-to-content-link visually-hidden-focusable\">Skip to main content<\/a> <\/p>\n<div class=\"ad ad--top ad--top-desktop\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p> <main id=\"main\" role=\"main\" tabindex=\"-1\"> <\/p>\n<div class=\"ad ad--top ad--top-mobile\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<section id=\"stickybar\" class=\"stickybar stickybar--event js-stickybar\">\n<div class=\"stickybar__details\" readability=\"4.9180327868852\">\n<div class=\"stickybar__info js-sticky-bar-content\" readability=\"32\">\n<p>Voting is open for the 2025 CyberScoop 50 awards!<\/p>\n<\/div>\n<p> <a class=\"stickybar__link button button-tertiary\" href=\"https:\/\/cyberscoop.com\/cyberscoop50\/\">Click here!<\/a> <\/div>\n<p> <button class=\"stickybar__close js-stickybar-close\" aria-controls=\"stickybar\"> <svg class=\"icon icon--close\" width=\"21\" height=\"22\" viewBox=\"0 0 21 22\" fill=\"none\"><path d=\"m.822.518-.805.805L9.695 11 .017 20.678l.805.805 9.678-9.678 9.677 9.678.806-.805L11.305 11l9.678-9.677-.806-.805-9.677 9.677L.822.518Z\" fill=\"currentColor\" \/><\/svg> <span class=\"visually-hidden\">Close<\/span> <\/button> <\/section>\n<article class=\"single-article content\">\n<div class=\"single-article__container js-single-article-content\">\n<header class=\"single-article__header \" readability=\"25.594520547945\">\n<div class=\"single-article__header-content\" readability=\"31.96214511041\">\n<p> The benefits of cybercrime aren’t all flashy cars and watches. Sophos X-Ops researchers discovered it also fuels a far-reaching mix of ordinary, sometimes unremarkable businesses. <\/p>\n<p>   <\/div>\n<div class=\"single-article__cover-wrap\">\n<figure class=\"single-article__cover\"> <img data-recalc-dims=\"1\" fetchpriority=\"high\" width=\"640\" height=\"426\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2025\/05\/who-needs-vc-funding-how-cybercriminals-spread-their-ill-gotten-gains-to-everyday-business-ventures.jpg?resize=640%2C426&ssl=1\" class=\"single-article__cover-image wp-post-image\" alt=\"Briefcase full of U.S. currency.\" decoding=\"async\" fetchpriority=\"high\" srcset=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/05\/who-needs-vc-funding-how-cybercriminals-spread-their-ill-gotten-gains-to-everyday-business-ventures-2.jpg 4368w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/05\/who-needs-vc-funding-how-cybercriminals-spread-their-ill-gotten-gains-to-everyday-business-ventures-2.jpg?resize=300,200 300w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/05\/who-needs-vc-funding-how-cybercriminals-spread-their-ill-gotten-gains-to-everyday-business-ventures-2.jpg?resize=768,512 768w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/05\/who-needs-vc-funding-how-cybercriminals-spread-their-ill-gotten-gains-to-everyday-business-ventures-2.jpg?resize=1024,683 1024w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/05\/who-needs-vc-funding-how-cybercriminals-spread-their-ill-gotten-gains-to-everyday-business-ventures-2.jpg?resize=1536,1024 1536w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/05\/who-needs-vc-funding-how-cybercriminals-spread-their-ill-gotten-gains-to-everyday-business-ventures-2.jpg?resize=2048,1365 2048w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/05\/who-needs-vc-funding-how-cybercriminals-spread-their-ill-gotten-gains-to-everyday-business-ventures-2.jpg?resize=600,400 600w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/05\/who-needs-vc-funding-how-cybercriminals-spread-their-ill-gotten-gains-to-everyday-business-ventures-2.jpg?resize=252,168 252w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/05\/who-needs-vc-funding-how-cybercriminals-spread-their-ill-gotten-gains-to-everyday-business-ventures-2.jpg?resize=506,337 506w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/05\/who-needs-vc-funding-how-cybercriminals-spread-their-ill-gotten-gains-to-everyday-business-ventures-2.jpg?resize=1013,675 1013w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/05\/who-needs-vc-funding-how-cybercriminals-spread-their-ill-gotten-gains-to-everyday-business-ventures-2.jpg?resize=1265,843 1265w\" sizes=\"(max-width: 1013px) 100vw, 1013px\"><figcaption> Briefcase full of U.S. currency. (Getty Images) <\/figcaption><\/figure>\n<\/p><\/div>\n<\/header>\n<div class=\"single-article__content\">\n<div class=\"single-article__content-inner has-drop-cap\"> <html readability=\"83.924866348794\"><body readability=\"170.31109725686\"><\/p>\n<p>Cybercriminals aren\u2019t so different from the rest of us \u2014 they live in the real world, and their spending and investment habits, though funded through crime, can look surprisingly ordinary. Luxury cars and lavish vacations may still grab headlines, but those perks are reserved for the most elite cybercriminals.<\/p>\n<p>In reality, everyday businesses \u2014 like pizza delivery, construction supplies, or tattoo parlors \u2014 are supported by the fruits of the labor that comes from a life of cybercrime.<\/p>\n<p>An <a href=\"https:\/\/news.sophos.com\/en-us\/2025-05-15\/beyond-the-kill-chain-what-cybercriminals-do-with-their-money-part-1\">extensive investigation by Sophos X-Ops<\/a>, pulled from thousands of posts on two Russian-language and three English-language cybercrime forums, uncovered the dark underbelly of illegal schemes cybercriminals use to reinvest their money. Yet, researchers also discovered a vast community of chatty cybercriminals seeking to help each other launder their money with more common business pursuits.<\/p>\n<p>According to John Shier, field chief information security officer of threat intelligence at Sophos, alleged cybercriminals on these forums are pursuing an immense range of businesses, investment proposals and startup ideas.<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>\u201cA lot of this cybercrime is fueled by crypto, and it\u2019s kind of useless in the real world,\u201d Shier told CyberScoop. \u201cSo, they need to be able to move that cryptocurrency into some sort of fiat, some sort of valuable something that they can actually spend in the real world.\u201d<\/p>\n<p>The discussion of legitimate businesses as a vehicle for laundering money is brazen, he said. Some guides and detailed instructions shared on these forums also reveal how extensively cybercriminals collaborate to diversify and develop specialized ways to funnel their money. <\/p>\n<h5 class=\"wp-block-heading\" id=\"h-sticking-to-what-they-know\">Sticking to what they know<\/h5>\n<p>Businesses that cybercriminals prop up with their ill-gotten gains include everything from drive-thru coffee shops to real estate, education, pharmaceuticals, construction, software development and \u2014 wait for it \u2014 cybersecurity companies and services. <\/p>\n<p>Users on these forums proposed selling spyware to pentesters and corporations, developing exploits or finding vulnerabilities in local businesses\u2019 networks to then turn that into an opportunity to sell protective services. \u201cI accidentally found myself in this situation, raised a lot of money and got a regular client,\u201d an unnamed user wrote, according to Sophos.<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>Researchers also observed proposals for security startups specializing in vulnerability research and a hash decryption service using a commercial cloud provider. One user recommended an investment in a prominent cybersecurity vendor.<\/p>\n<p>\u201cIrony aside, this raises the concerning possibility that threat actors could become shareholders of a company that tracks and disrupts threat actors,\u201d Sophos X-Ops researchers said in the <a href=\"https:\/\/news.sophos.com\/en-us\/2025-05-15\/beyond-the-kill-chain-what-cybercriminals-do-with-their-money-part-2\">report<\/a>. <\/p>\n<p>\u201cIt is concerning that you\u2019d have people with motivations that are criminal, that are investing in businesses that are supposed to be helping organizations withstand cybercrime,\u201d Shier said.<\/p>\n<p>While it\u2019s a positive when someone leaves a life of cybercrime behind, Shier said he doubts that\u2019s the case for individuals communicating within the criminal underground. The potential for insider-type activity is real, where \u201cthe protectors are actually the ones that are in the ski masks and pointing a gun at you,\u201d he said.<\/p>\n<h5 class=\"wp-block-heading\" id=\"h-crime-begets-more-crime\">Crime begets more crime<\/h5>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>Some of the guides Sophos found covered step-by-step methods for investing in gold or diamonds, establishing shell companies, money laundering, and importing and exporting.<\/p>\n<p>Researchers described some business interests as \u201cgray,\u201d including pornography and gambling. <\/p>\n<p>Outright <a href=\"https:\/\/news.sophos.com\/en-us\/2025-05-15\/beyond-the-kill-chain-what-cybercriminals-do-with-their-money-part-4\">illegal activities<\/a> were abundant on these forums as well. This includes bots, pyramid schemes, sex work, drugs, tax evasion, insider trading and reinvesting in cybercrime. <\/p>\n<p>\u201cInvest it in the business that brought you this income. It\u2019s obvious,\u201d one user said in a forum, according to Sophos. <\/p>\n<p>Researchers observed multiple investment opportunities for malware and campaigns already in progress or development, including botnets, infostealers, phishing tools, SIM-swapping and a year-old DDoS-related project.<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>In one especially striking post, an alleged cybercriminal shared how they bought properties solely for the purpose of burying large sums of cash underground. <\/p>\n<p>A screenshot of the post Sophos shared with CyberScoop included detailed instructions for preparing the cash and selecting site locations. It was recommended that bank notes should be dry and free of any sign of mildew, arranged in piles, vacuum sealed into plastic bags, and then placed into large airtight bags with silica gel packets, before being sealed into a PVC drum and buried at least five feet deep, away from roots and on higher ground.<\/p>\n<p>\u201cCover the hole when you\u2019re done and write down the GPS coordinates so you or your descendants can easily find the location in the future,\u201d the post explained. <\/p>\n<p>\u201cIf you\u2019ve got so much money that you just need to start burying it like that, that, to me, is a pretty big red flag,\u201d Shier said. \u201cAre they building generational wealth here? Like, how much money are we talking about?\u201d<\/p>\n<h5 class=\"wp-block-heading\" id=\"h-follow-the-money-to-what-end\">Follow the money to what end?<\/h5>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>Threat intelligence spans both physical and digital realms to help organizations detect and prevent malicious activity. While most of this research focuses on identifying new attacks, and post-compromise activities, far less attention is placed on tracking the money once cybercriminals acquire it.<\/p>\n<p>\u201cWe know that money enters the system very often through fraud or through things like ransomware, computer crime, but how it exits the system helps us maybe have a better idea of how we can monitor those different avenues,\u201d Shier said.<\/p>\n<p>\u201cIf we can just shine lights on absolutely everything, then it becomes a lot more difficult for them to hide,\u201d he said. <\/p>\n<p>The legitimate businesses and gray-area pursuits that cybercriminals squeeze for additional profit ultimately implicate innocent people, creating more downstream victims, according to Shier.<\/p>\n<p>\u201cCybercriminals are no different than the mafia, than other organized criminals. They\u2019re going to use every avenue at their disposal,\u201d he said. \u201cWe need to be able to shine as many lights on that as possible, so that then law enforcement and the judicial system can do what they need to do to prosecute these people.\u201d<\/p>\n<p><\/body> <\/p>\n<footer class=\"single-article__footer\" readability=\"3.5714285714286\">\n<div class=\"author-card\" readability=\"14\">\n<div class=\"author-card__avatar\">\n<figure class=\"author-card__image-wrap\"> <img data-recalc-dims=\"1\" decoding=\"async\" class=\"author-card__image\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2025\/05\/who-needs-vc-funding-how-cybercriminals-spread-their-ill-gotten-gains-to-everyday-business-ventures-1.jpg?w=640&ssl=1\" alt=\"Matt Kapko\"> <\/figure>\n<\/p><\/div>\n<p><h4 class=\"author-card__name\">Written by Matt Kapko<\/h4>\n<p> Matt Kapko is a reporter at CyberScoop. His beat includes cybercrime, ransomware, software defects and vulnerability (mis)management. The lifelong Californian started his journalism career in 2001 with previous stops at Cybersecurity Dive, CIO, SDxCentral and RCR Wireless News. Matt has a degree in journalism and history from Humboldt State University. <\/p>\n<\/p><\/div>\n<div class=\"single-article__tags-container\">\n<h4 class=\"single-article__tags-title\">In This Story<\/h4>\n<\/p><\/div>\n<\/footer>\n<p> <\/html><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"single-article__ads js-single-article-sidebar\">\n<div class=\"ad ad--sidebar js-single-article-sidebar-5 ad--rightrail_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-4 ad--rightrail_2 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-3 ad--rightrail_3 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div><\/div>\n<\/article>\n<div class=\"popular-stories popular-stories--single-post\">\n<div class=\"popular-stories__container\">\n<h2 class=\"popular-stories__title\"> More Scoops <\/h2>\n<p>  <\/div>\n<p>\n<\/div>\n<p> <\/p>\n<section class=\"latest-podcasts\">\n<h2 class=\"latest-podcasts__title\"> Latest Podcasts\t<\/h2>\n<\/section>\n<div class=\"top-categories\">\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Government<\/h3>\n<\/p><\/div>\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Technology<\/h3>\n<\/p><\/div>\n<\/p><\/div>\n<p> <\/main> <\/p>\n<div class=\"ad ad--bottom \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div id=\"interstitial\" class=\"welcome__container\"> <button id=\"close-modal-1\" class=\"welcome__clickable_area\"><\/button> <\/p>\n<div class=\"welcome__ad_wrapper\">\n<p> <button id=\"close-modal-3\" class=\"welcome__continue-button\">Continue to CyberScoop<\/button> <\/p>\n<\/p><\/div>\n<\/p><\/div>\n<p>   <\/body> <a href=\"https:\/\/cyberscoop.com\/what-cybercriminals-do-with-their-money-sophos\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Who needs VC funding? How cybercriminals spread their ill-gotten gains<\/p>\n","protected":false},"author":11,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[2701,337,282,78,1807,679,4199,1514,4263,1365,707,2927,288],"tags":[2704,340,286,86,1810,680,4201,1520,4264,1366,709,2928,294],"class_list":["post-7641","post","type-post","status-publish","format-standard","hentry","category-crypto","category-cryptocurrency","category-cybercrime","category-cybersecurity","category-exclusive","category-financial","category-financial-fraud","category-investigation","category-investment","category-money","category-money-laundering","category-sophos","category-threats","tag-crypto","tag-cryptocurrency","tag-cybercrime","tag-cybersecurity","tag-exclusive","tag-financial","tag-financial-fraud","tag-investigation","tag-investment","tag-money","tag-money-laundering","tag-sophos","tag-threats"],"featured_image_urls":{"full":"","thumbnail":"","medium":"","medium_large":"","large":"","1536x1536":"","2048x2048":"","chromenews-featured":"","chromenews-large":"","chromenews-medium":""},"author_info":{"display_name":"Cyber Scoop","author_link":"https:\/\/ddi.mohflo.net\/index.php\/author\/cyberscoop\/"},"category_info":"<a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/crypto\/\" rel=\"category tag\">crypto<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/cryptocurrency\/\" rel=\"category tag\">cryptocurrency<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/cybercrime\/\" rel=\"category tag\">cybercrime<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/cybersecurity\/\" rel=\"category tag\">Cybersecurity<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/exclusive\/\" rel=\"category tag\">Exclusive<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/financial\/\" rel=\"category tag\">Financial<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/financial-fraud\/\" rel=\"category tag\">financial fraud<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/investigation\/\" rel=\"category tag\">Investigation<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/investment\/\" rel=\"category tag\">investment<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/money\/\" rel=\"category tag\">Money<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/money-laundering\/\" rel=\"category tag\">money laundering<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/sophos\/\" rel=\"category tag\">Sophos<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/threats\/\" rel=\"category tag\">Threats<\/a>","tag_info":"Threats","comment_count":"0","jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/7641","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/users\/11"}],"replies":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/comments?post=7641"}],"version-history":[{"count":0,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/7641\/revisions"}],"wp:attachment":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/media?parent=7641"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/categories?post=7641"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/tags?post=7641"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}

{"id":7641,"date":"2025-05-15T07:00:00","date_gmt":"2025-05-15T12:00:00","guid":{"rendered":"https:\/\/cyberscoop.com\/?p=84519"},"modified":"2025-05-15T07:00:00","modified_gmt":"2025-05-15T12:00:00","slug":"who-needs-vc-funding-how-cybercriminals-spread-their-ill-gotten-gains-to-everyday-business-ventures","status":"publish","type":"post","link":"https:\/\/ddi.mohflo.net\/index.php\/2025\/05\/15\/who-needs-vc-funding-how-cybercriminals-spread-their-ill-gotten-gains-to-everyday-business-ventures\/","title":{"rendered":"Who needs VC funding? How cybercriminals spread their ill-gotten gains to everyday business ventures"},"content":{"rendered":"