Chainalysis Concludes Over 60% of Ransomware Attackers Use Crypto Exchanges for Extracting Stolen Funds
- 64% of ransomware attackers launder their proceeds through crypto exchanges
- Attackers are now focusing on larger companies and users
Chainalysis, a blockchain analytics firm, informed that 64% of ransomware attackers cash out their funds through crypto exchanges. The information was released by the company during a webinar a few days ago.
Ransomware Attackers Cash Out Funds Through Exchanges
Ransomware attacks have expanded around the world by infecting a target (it can be an individual investor or a company) and the attackers demand a ransom payment which can be in virtual currencies. The payment would allow the affected users to recover the data these attackers stole.
Chainalysis explains that 64% of these attackers launder their funds through virtual currency exchanges. The company provides blockchain analytics tools that allow governments and other firms to monitor blockchain transactions and detect illicit activities.
At the moment, the company identified 38 different exchanges that are related to illicit activities. Nonetheless, they didn’t reveal the names of these platforms. Chainalysis identified other cash out strategies that included 12% mixing services, 6% peer-to-peer networks and other through merchant services offered by dar web marketplaces. 9% of the funds remain unspent.
As per the analysis released by the company, ransomware attacks require less complex cash-out networks compared with crypto exchange hacks. In general, large attacks move several millions of dollars and there are several accounts, companies and users following the funds from these accounts.
Ransomware campaigns also involve smaller and discrete sums of money that are multiplied in different addresses and less publicized as those attacks to exchanges and other virtual currency firms and platforms. This allows them to avoid intense and immediate scrutiny.
Furthermore, the company identified that there is a shift in the ransomware threat landscape. In the past, attackers were targeting individuals with small amounts of funds rather than larger investors. Now, things are different. Ransomware attackers are searching for passwords, more sensitive data and companies with larger funds to give.
As reported by Coveware’s Q1 2019 Global Ransomware Marketplace, Bitcoin continues to account for 98% of the crypto payments.