Russian-Linked Ransomware Attacks Net $400M

A recent analysis of Bitcoin transfers for the year 2021 shows conclusively how Russia is still the ransomware capital of the world. A blockchain analysis business “Chainalysis”, predicts that in 2021, ransomware earnings will account for 74% of all ransom income, including over $0.4 billion in cryptocurrencies going to outbreaks that are very likely to be associated with Russia. People can also conclude that even after a ransomware, many coerced assets were laundered via companies that predominantly serve Russian customers.

What determines a Russian origin?

Chainalysis claims to have found the ransomware attacks involving Russian ties through looking at:

Ransomware outbreaks utilized by Evil Corp, which is a Russian cybercrime organization, accounted for 10% of all recorded ransomware earnings during last year.

Ransomware activities with alleged collusion with Russia were responsible for 36percent of all traffic, according to a report.

Roughly a quarter of all traffic was linked to ransomware that has been deliberately made to not affect the systems in Russia or the Commonwealth of the Independent States, which was founded in 1999 after the collapse of the Soviet Union.

More than 95% of all digital currency transactions are legal. According to experts, Russia is rated18th in the globe in terms of handling bitcoin currency.

According to Russia’s leading cryptocurrency specialists, the country regards a disproportionately high amount of cryptocurrencies as being linked to criminal activity. It appears that many of the assets were sent through Moscow-based enterprises recognized for handling dangerous funds such as Cashbank, Eggchange, Suex, and other companies as well.

Russia has previously been accused of harboring cybercriminals that use ransomware, financial Trojans, as well as other cyberattack techniques on international targets. Additionally, the nation does have a leader who is frequently rumoured to provide resources to the local cybercrime industry, notably Russian-language newsgroups and deep web marketplaces, such as Hydra.

Fraudsters frequently rely on cryptocurrencies and try to conceal the illegal allocation of capital and make it even harder for detectives to track criminal records back to them. Additional data on cryptocurrencies transfers is bound to emerge over time.

Evidence

Chainalysis, a service that measures the transfer of illegal transactions on an annual basis, also has to revise its total amount of illegal cryptocurrencies which transfer during the year. Ransomware organizers have received over $692 million in illegal profits from victims throughout 2020, roughly about double the number the organization had predicted just 12 months previously. Yet in 2021, ransomware organizations had collected $602 million, but then that number is expected to rise significantly in the next few months.

As a result of the closure of cybercriminal platforms like AlphaBay in 2017 and the use of cryptocurrency exchanges, authorities were able to grab documents and began studying them to establish or strengthen prosecutions, additional information was uncovered which helped the analysts to know much about them. An individual’s personality can be uncovered by analyzing details of deep web market activity, as well as mixing server records. It’s all a big aid for detectives to follow the trail.

Anti-money trafficking rules and Know Your Customer (KYC) procedures have traditionally been used by cybercriminals for laundering cryptocurrencies. Nevertheless, penalties imposed by the US Office of Foreign Assets Control and other specialized measures have made it much harder for non-compliant exchangers to function. Moreover, OFAC currently targets not only marketplaces, but particular dealers, especially brokers, and cryptocurrency exchange credentials, such as those utilized in Evil Corp. OFAC routinely exposes such credentials that enable blockchain research companies to better their knowledge of unlawful virtual currency transfers.

Source — Financial Times

Troubles

It becomes much more challenging for those who seek to utilize cryptocurrencies for illegal reasons because of the rise in knowledge. The accusations that U.S. authorities brought last week against wedded New Yorkers Ilya “Dutch” Lichtenstein and Heather Morgan exemplify it. $3.6 billion of Bitcoin was seized from Bitfinex in 2016, and these two have already been accused of making the transfers.

According to cryptocurrency consultancy firm Elliptic, 119,756 Bitcoins were stolen via Bitfinex and moved to only one wallet wherein 79% of them remained. Although AlphaBay and Hydra paid out about 21% of the total, the remaining 80% had not yet been turned into cash, most probably since whoever held command decided it’d be too hazardous to do it anyway.

Authorities in the United States have pursued the issue against Americans and American citizens alike. This has yet to be seen how Russian officials will effectively combat local cybercriminals. Russian officials have detained 14 alleged members of a REvil, alias Sodinokibi, ransomware organization and closed down a number of some well carding and cybercriminals marketplaces.

To what extent this is just another ruse by the Russian government to claim that it is cracking down on cybercrime, especially in light of President Vladimir Putin’s recent threats to invade Ukraine, remains to be seen.

Aftermath

Interestingly, zero big sharks have been apprehended as a result of the investigations. However, this may not come as a shock. As far as there have been cybersecurity professionals, they’ve recognized that the most successful Russian cybercriminals obey two principles: don’t ever target Russians and occasionally do a favor for the administration.