Along with phishing campaigns, ransomware remains one of hackers’ favorite money-making techniques. According to blockchain research firm Chainalysis, hackers linked to Russia pocketed no less than 74% of the revenue generated by ransomware attacks in 2021.
Ransomware has become over the years one of hackers’ favorite techniques to make a quick buck. It’s simple, phishing cyberattacks increased in France by 32% in 2021. This year, moreover, ransomware attacks have taken on an unprecedented scale. We remember, for example, the one that targeted one of the main American oil pipelines, prompting the Biden administration to trigger a state of emergency.
More recently, it was the turn of the French Ministry of Justice to be the target of ransomware. The hackers behind the attack have also confirmed that they are in possession of thousands of confidential data. However, and according to a new study by the firm specializing in blockchain Chainalysis and relayed by our colleagues from the BBC on February 15, 2022, 3/4 of the revenue generated by ransomware in 2021 went into the pocket of hackers linked directly to Russia.
$400 million in cryptocurrencies stolen
According to the researchers, no less than $400 million worth of cryptocurrencies were stolen by groups “most likely affiliated with Russia.” These experts say they have been able to track the flow of money to and from the digital wallets of known hacker groups using public blockchain transaction records. To determine whether a particular group is actually affiliated with Russia, the researchers relied on three specific criteria:
- Their ransomware code is written in such a way as to avoid damaging or targeting files contained in computers located in Russia or CIS countries, the Commonwealth of Independent States. It is an intergovernmental organization made up of former countries of the USSR such as Belarus, Armenia or Kazakhstan, a country which concentrates a significant part of the world’s mining.
- The gang operates in Russian on Russian-speaking forums
- The gang is linked to Evil Corp, a Russian cybercriminal organization believed to have ties to Vladimir Putin’s government and whose members are currently wanted by the United States.
According to data collected by Chainalysis, 13% of extorted funds (out of 74%) funded services for Russian users. In addition, the firm assures that several cryptocurrency companies installed in the Federation Tower in Moscow (a prestigious address in Russia) have been used by hackers to launder illicit funds.
“Altogether, these companies receive hundreds of millions of dollars worth of cryptocurrencies each quarter, peaking at nearly $1.2 billion in Q2 2021. Over a quarter, illicit items make up between 29-48% of all funds received by Moscow cryptocurrency companies”, explain the researchers.
Source: BBC
