For signs of cryptocurrency laundering, look closely at Moscow firms, report says

Moscow-based businesses appear to be handling much of the money laundering of cryptocurrency payments that come from global ransomware activity and other forms of cybercrime, according to a report from crypto-tracking company Chainalysis. The analysts focused on several dozen companies with a presence in Moscow City, the Russian capital’s skyscraper-packed business district. In any given quarter, “illicit and risky” blockchain addresses account for between 29% and 48% of all funds received by those cryptocurrency businesses, the report says. That traffic, including legitimate crypto transactions, can sometimes be more than $1 billion in a quarter, Chainalysis says. “A huge amount of cryptocurrency-based money laundering, not just of ransomware funds but of funds associated with other forms of cybercrime as well, goes through services with substantial operations in Russia,” Chainalysis says in the Monday blog post, which is based on its upcoming “2022 Crypto Crime Report.” The company defines “risky or illicit” […]

The post For signs of cryptocurrency laundering, look closely at Moscow firms, report says appeared first on CyberScoop.

Hackers stole more than $320 million in cryptocurrency from DeFi platform Wormhole

A hacker stole $320 million worth of Ethereum cryptocurrency from decentralized finance platform Wormhole on Wednesday. The attack is the largest against the cryptocurrency industry so far in 2022 and one of the top hacks of the industry to date. As of Thursday morning, all of the stolen funds were “restored,” the trading platform was back up, and an incident report was coming soon, according to tweets by the company. The vulnerability used by the attacker had been fixed, Wormhole said late Wednesday. The platform allows users to send Ethereum and Solana cryptocurrencies across two different blockchains. A preliminary analysis of the attack by blockchain security firm CertiK shared with CyberScoop found that the hacker was able to exploit a vulnerability that allowed it to create a fake Solana transfer that it used to claim real Ethereum. “We seem to be at an awkward point where the demand for […]

Deposits to illicit crypto addresses nearly doubled in 2021, Chainalysis finds

Cryptocurrency-based crime hit a new all-time high in 2021, researchers at Chainalysis said in a report published Thursday. According to the report, illicit addresses tracked by Chainalysis received $14 billion in deposits over the course of 2021, almost double the amount they collected in 2020. Rather than digital extortion, though, Chainalysis found it was actually cryptocurrency-related scams, namely investment-related fraud, and straight theft that saw the biggest jumps in 2021. Illicit revenue from scams rose by 82% in 2021 to $7.8 billion worth of cryptocurrency. Researchers attribute a large part of the growth to a boom in so-called “rug pulls,” a fraud scheme in which developers set up seemingly legitimate cryptocurrency projects with the intent to steal investors’ money and disappear. Of the over $2.8 billion lost to rug pull scams, roughly 90% can be attributed to the Istanbul-based exchange Thodex, whose CEO disappeared with users’ funds. But there are […]

How Hydra, a Russian dark net market, made more than $1 billion in 2020

Russian-speaking dark web bazaar Hydra has dominated the illicit marketplace since 2018, thanks in part to the demise of a rival business as well as its imposition of restrictive policies on sellers, according to research published Tuesday. Hydra administrators have made transactions on the site more difficult to track by forcing users to transact in difficult-to-track Russian currencies, along with regional financial operators and service providers, according to the research. Dark web markets have typically relied on a variety of methods for withdrawing funds, from ATMs to escrow services. It adds up to a headache for law enforcement, potential competitors and other entities with an interest in disrupting Hydra, concludes the joint report by dark web intelligence firm Flashpoint and cryptocurrency-watching software company Chainalysis. Hydra specializes in narcotics sales. “Money laundering trails to Hydra are difficult, near impossible, to trace,” the companies said. “While the illicit trade of narcotics is problematic […]

Lawmakers say Colonial Pipeline’s refusal to discuss ransom undermines US efforts

U.S. lawmakers are demanding to know whether Colonial Pipeline paid a ransom to hackers who forced the company to shut down operations for days. Following a Monday briefing with Colonial Pipeline, the heads of the House Homeland Security and Oversight and Reform committees said the company’s refusal to share information on any ransom payment hindered their ability to craft legislation to address the ransomware problem. Bloomberg News reported that Colonial Pipeline, which says it supplies 45% of the fuel consumed on the East Coast, paid cybercriminals nearly $5 million to recover their computer systems. “We’re disappointed that the company refused to share any specific information regarding the reported payment of ransom during today’s briefing,” Democratic Reps. Bennie Thompson of Mississippi and Carolyn Maloney of New York said in a statement. “In order for Congress to legislate effectively on ransomware, we need this information.” When contacted by CyberScoop on Tuesday, a […]

Researchers find financial ties between notorious ransomware gangs

The number of ransomware strains that lock up systems throughout the global internet might suggest an immeasurable number of independent hackers are plundering victims’ data. In fact, new research suggests that digital extortion specialists are more closely connected than they may appear. Researchers at Chainalysis, a software firm that works with law enforcement agencies, on Thursday said they have found connections that suggest collaboration between hackers who have used the Maze, Egregor, SunCrypt and DoppelPaymer hacking tools. Each of these groups operates as ransomware-as-a-service, meaning they lease access to their malware to affiliates who then run ransomware attacks, which can make attribution trickier. When tracking some recent ransom payments to the Maze gang through a series of intermediaries, researchers determined that Maze was sharing some of the payout with a suspected SunCrypt cutout, according to a blog on the research, which was published Thursday. Maze has been tied to attacks […]

Arrest, Seizures Tied to Netwalker Ransomware

U.S. and Bulgarian authorities this week seized the darkweb site used by the NetWalker ransomware cybercrime group to publish data stolen from its victims. In connection with the seizure, a Canadian national suspected of extorting more than $27 million through the spreading of NetWalker was charged in a Florida court.

REvil Ransomware Gang Starts Auctioning Victim Data

The criminal group behind the REvil ransomware enterprise has begun auctioning off sensitive data stolen from companies hit by its malicious software. The move marks an escalation in tactics aimed at coercing victims to pay up — and publicly shaming those who don’t. But it may also signal that ransomware purveyors are searching for new ways to profit from their crimes as victim businesses struggle just to keep the lights on during the unprecedented economic slowdown caused by the COVID-19 pandemic.

Police bust alleged operator of Bitcoin mixing service Helix

The Ohio man is charged with running a Bitcoin mixer to launder over $300m—now worth $3.6b—on behalf of Dark Net crooks trying to hide out.

Here’s another sign that criminals are breaking away from bitcoin

Bitcoin, the granddaddy of cryptocurrency, has moved beyond the criminal underground that has dominated its economy, according to new research from the cryptocurrency surveillance and analysis firm Chainalysis. While bitcoin has since exploded in price and popularity, the share of bitcoin transactions sent to dark net markets dropped to less than 1 percent in 2017. In 2012, a total of 30 percent of bitcoin transactions were sent to dark net markets, according to Chainalysis, signifying that criminal activity was an enormous part of the cryptocurrency economy. However, the total value of dark web market transactions in 2017 increased to $660 million. Dark web markets are online marketplaces operating on anonymizing networks like Tor or I2P. Operating like a combination of eBay and Amazon, the markets offer an array of illegal contraband, like drugs, guns or malware. The biggest drops in bitcoin-related transactions occurred when law enforcement was able to shut down popular dark web marketplaces. In 2013, […]
