According to a recent report by Chainalysis, around 74% of ransomware revenue in 2021 was linked to attacks associated with Russia. The report highlighted that more than $400 million worth of cryptocurrency was paid to ransomware strains that were highly likely to have Russian affiliations. These connections were determined based on criteria such as the involvement of the Russian-based Evil Corp gang, ransomware strains avoiding countries in the Commonwealth of Independent States, and other characteristics indicating Russian origins.
Furthermore, Chainalysis found that a significant portion of extorted funds from ransomware attacks are laundered through services that cater primarily to Russian users. Approximately 13% of funds sent from ransomware addresses to these services were believed to have gone to users located in Russia, more than any other region. The report also analyzed cryptocurrency businesses in Moscow City, revealing that a substantial amount of illicit funds were received by these firms, with scams, darknet markets, and ransomware extortion payments accounting for a significant portion.
The researchers noted that illicit funds make up a considerable percentage of cryptocurrency received by some of these companies, indicating a potential focus on serving cyber-criminal clientele. Interestingly, over half of the cryptocurrency businesses analyzed were found to operate in the same Moscow City skyscraper, Federation Tower. Despite recent arrests of affiliates of the REvil ransomware gang by Russian authorities, Chainalysis emphasized the need to address the issue of Russian cyber-criminal organizations and their involvement in cryptocurrency-based crime.
The report highlighted positive developments in 2021, including the seizure of funds from ransomware organization DarkSide and the sanctioning of cryptocurrency businesses like Suex and Chatex. Chainalysis also noted a significant increase in the average ransomware payment size over the years, from $25,000 in 2019 to $118,000 in 2021. These findings underscore the ongoing challenges posed by ransomware attacks and the role of Russian actors in the cryptocurrency ecosystem.
In conclusion, the report by Chainalysis sheds light on the prevalence of ransomware attacks associated with Russia, the laundering of illicit funds through cryptocurrency businesses, and the need for continued efforts to combat cyber-criminal activities. Stay tuned for further updates on cybersecurity trends and developments in the cryptocurrency landscape.