In 2021, Russian hackers allegedly profited more than $400 million using crypto-ransomware.
According to a new analysis released on Monday by blockchain analytics firm Chainalysis, over 74 percent of ransomware money was channelled through high-risk wallet addresses likely based in Russia last year, totaling over $400 million USD. The analysis looked at ransomware hacks in 2021 and determined whether they were linked to Russia based on three crucial characteristics:
Evil Corp, a Russian cybercriminal gang with purported ties to the Russian government, is suspected of being behind the intrusion.
The ransomware targets only victims outside former Soviet countries.
The ransomware strain distributes Russian-language documents and announcements.
In addition to the selection criteria, web traffic data appears to suggest that Russia is where the vast majority of extorted funds are laundered. Another 13% of funds sent from ransomware addresses to services went to users in Russia, which is more than any other country. Typically, ransomware infects a user’s computer through a software exploit or through the user downloading unknown files. It then encrypts the victim’s files and demands payment in Bitcoin (BTC) or Monero (XMR) to a wallet address before access to the data is restored.
Last year, the Russian hacking group DarkSide compromised the computer systems of Colonial Pipeline by using a single leaked password. As a result, the pipeline’s operators were compelled to pay a crypto ransom of more than $4 million (of which $2.3 million was recovered) in order to regain access to their encrypted files, but not before the attack triggered a momentary gasoline shortage.