A recent survey of Chainalysis, revealed that 74% of all money obtained through ransomware attacks in 2021 ended up with hackers with connections to Russia, which represented 400 million dollars, obtained in ransom requests for information hijacked in this type of attacks.
According to the report, these economic values ended up in groups with “highly probable” links to Russia, and where the same investigations indicate that a good part of money laundering schemes with cryptocurrencies are carried out through companies based in Russia.
Chainalysis further ensures that these connections are not difficult to prove, following the trail of money in the digital wallets of known hacking groups, as well as through public records of transactions provided by the blockchain. According to the consultant, it underlines some characteristics that facilitate the identification of groups of Russian hackers, or with connections to Russia.
BUT: Consulate General of Angola in Lisbon suffers cyberattack, with great loss of documents
One of them is the fact that the ransomware code developed by these groups is designed in such a way as not to cause damage, if it is detected that the victims' computers are in Russia, or in any country of the Commonwealth of Independent States, connected to the country.
In the same investigation, it was also noted that Russian groups stand out for operating through forums in that language, or for their links to Evil Corp, which is believed to be one of the largest cybercrime organizations in the world.
The report proved that, for example, it is estimated that 9,9% of all known Ransomware revenue ends up in the hands of Evil Corp.
The BBC, which shared the results of the study, claims that the exercise done by Chainalysis sought to trace the money back to organizations with obvious links to Russia. As such, it leaves a whole universe of affiliated operations outside this radius, because they rent to these groups the tools used to carry out the attacks, even if they later carry them out independently.
