Russia-Linked Hackers Pocket Majority of Ransomware Revenue

It’s been suggested that 74% of all revenue from ransomware attacks in 2021 was received by Russia-linked hackers, according to new research conducted by Chainalysis.

That figure equates to in excess of $400 million worth of cryptocurrency payments, which researchers stated was collected by groups “highly likely to be affiliated with Russia.”

It was also claimed that a “huge amount of cryptocurrency-based money laundering” makes its way through Russian crypto firms.

Chainalysis reported that it was able to track the money flow to and from the digital wallets of known hacking groups by utilizing public blockchain transaction records.

They were able to identify the hacking groups as Russian due to the various characteristics displayed.

For instance, a gang may operate in Russian or Russian-speaking forums, have links to the notorious cyber crime group Evil Corp, or write its ransomware code specifically so that it does not damage devices located in Russia or the CIS.

The researchers’ findings show how a multitude of malicious cyber groups operate from within Russia or the surrounding CIS (Commonwealth of Independent States), an intergovernmental organization of former Soviet countries.

Since the report only examines the money flow to malicious cyber group leaders, however, it’s still not known where the individual hackers (who utilize the groups’ tools as part of affiliate schemes) reside.

A massive international operation launched in 2021 to stop ransomware hackers – following several high-profile attacks – led to the arrests of alleged hackers in Ukraine, Romania, Kuwait and South Korea.

Additionally, the US has retrieved millions of dollars from a multitude of ransomware orchestrators’ digital wallets.

Chainalysis reported that Evil Corp – an alleged Russian cyber crime group with US-issued sanctions and indictments – takes around 10% of all known ransomware revenue.

In November 2021, a BBC investigation discovered that one of the accused leaders of Evil Corp, Igor Turashev, was operating several businesses from Moscow City’s Federation Tower.

Featuring prominent businesses and multi-million dollar apartments, the tower is one of Russia’s most prestigious buildings.

According to Chainalysis’ findings, several tower-based crypto firms were used by hackers to launder funds from digital wallet addresses – cleaning cryptocurrency into mainstream money.

“In any given quarter, the illicit and risky addresses account for between 29% and 48% of all funds received by Moscow City cryptocurrency businesses,” the researchers stated.

Russia has denied accusations of harbouring cyber criminals for many years, and continues to do so.

