Ransomware Attacks Most Of The Money Looted To Russian Hackers
JAKARTA - A recent analysis shows that Russian hackers were the recipients of money from a ransomware attack in 2021, which has claimed victims from various countries.
Overall, 74 percent of all the money, according to the researchers, was paid in cryptocurrencies worth more than $400 million, and went to ransomware groups most likely to work with Russia.
But of course, Russia denies accusations that they harbor cybercriminals in their country. Researchers also claim a significant amount of cryptocurrency-based money laundering is carried out through Russian crypto companies.
Chainalysis, which carried out this research, was able to follow the flow of money to and from the digital wallets of known hacker groups using public blockchain transaction records.
The software company also said it knew which group of hackers were from Russia because they displayed a variety of characteristics. For example, the hacker gang's ransomware code was written to prevent damaging files if it detects the victim's computer is in Russia or the Commonwealth of Independent States (CIS), an intergovernmental organization of Russian-speaking ex-Soviet countries.
Launching BBC International, Tuesday, February 15, the gang is known to operate on a Russian forum and use the same language. This gang was found to be linked to Evil Corp, a cybercrime group allegedly wanted by the United States (US). This research is further evidence that many cybercriminal groups operate either in Russia or around the CIS.
However, the report could only look at the flow of money to cybercriminal gang leaders, and many who run affiliate operations with other countries. It's like renting out the tools needed to launch attacks to other people, so it's not known where or from where each of the hackers who work for the big gang are.
In a Chainalysis report, that 9.9 percent of all known ransomware revenue goes to Evil Corp. A BBC International investigation in November last year found that Igor Turashev, one of the alleged leaders of Evil Corp, operated several businesses outside the Moscow City Federation Tower.
The tower is one of Russia's most prestigious addresses, home to leading businesses and with multi-million dollar apartments.
Chainalysis claims several cryptocurrency companies based in the tower were used by hackers to launder illicit funds, turning cryptocurrency from digital wallet addresses into mainstream money.
In any given quarter, illicit and risky addresses accounted for between 29 percent and 48 percent of all funds received by Moscow City cryptocurrency businesses.