In line with a recent report published, U.S. based blockchain analysis firm named ‘Chainalysis’ revealed that about 64% of the all ransomware attack cash-out plans include the laundering of funds via several cryptocurrency exchanges.
In a ransomware attack, the attacker hacks into the user’s computer system and then demand a ransom payment – mainly in cryptocurrencies. The payment is demanded for the ostensible delivery of a decryptor tool that assist victims recover access to their information.
Chainalysis – that offers ‘blockchain‘ analytics tools that let companies, governments & other law enforcement to monitor blockchain transactions and track suspected illicit activities – claims that around 64% of ransomware attackers launder their dirty funds via cryptocurrency exchanges.
Chainalysis has apparently identified around 38 exchanges – without revealing their names – that directly received funds from an address related to a ransomware attack.
Among several other ransomware cash-out plans analyzed, around 12% use crypto mixing services and 6% use peer-to-peer networks, while others went via merchant services providers or dark-web. About 9% of [ransomware] proceeds reportedly remain un-spend.
The analysis additionally outlined that the ransomware attacks usually involve less advanced cash-out networks as compared with cryptocurrency exchange hacks. Chainalysis added that this is mainly due to the very fact that a hack often involves a major quantity of money, usually attracting high media publicity, and requiring that hackers conceal the flow of funds a lot more robustly.
On the other hand, ransomware campaigns usually involve lesser sums to multiple addresses and are apparently less publicised, thereby avoiding intense, quick scrutiny.
Additionally to cash-out’s, Chainalysis conjointly outlined a shift within the ransomware threat landscape. Previous trends, in line with the firm, had been to conduct wide and shallow attacks – thereby infecting a large number of indeterminate victims and seeking little amounts as a ransom to decrypt files. Recent trends, however, indicate that criminals are shifting to targets with legal and important sensitive information, as well as raising the sum of ransom payment demanded.
As ‘reported‘ earlier, Coveware’s Q1 2019 Global Ransomware Marketplace report outlined that Bitcoin [BTC] continues to account for the lion’s share -around 98% – of total cryptocurrency denominated [ransomware] money. The other report by Chainalysis, found that the avg. sum demanded had hiked by around 89% from a median $6,733 USD in Q4 last year to $12,762 USD in Q1 this year.