Ransomware Attacks – A Full-Fledged Enterprise
Blockchain analysis by Chainalysis presents that the amount paid by victims attacked by ransomware got an increase by 311% in the year 2020. The attackers made a minimum of $350 million worth of cryptocurrency. No other crime based on cryptocurrency experienced such a high surge.
Insights on the report by Chainalysis
Ransomware attacks account for more than 40% of all cybersecurity insurance claims. Also, the ransom received from ransomware attacks accounts for almost 7% of all criminal cryptocurrencies.
In the year 2020, the top earnings were made by Maze, Ryuk, NetwalkerDoppelpaymer, Revil, and Contil. In addition to these, others that made high profits include Dharma, Snatch, and Defray777 (RansomExx).
Multiple strains remain active which gives the wrong impression that there is a various distinct batch of attackers. The report suggests that these strains function according to the RaaS or (ransomware-as-a-service) model.
- The fund was laundered through Bitcoin services. Then it was sent to high-risk but legitimate exchange gateways to get it converted into real currency.
- Other methods of payment included exploiting sellers, providers that gave access to bulletproof hosting, and penetration testing services i.e, initial access brokers, as suppliers are involved in ransomware operations.
Money laundering of ransomware attacks focuses majorly on the deposit address level.
- In the year 2020, around 80% of the entire fund was received by 199 deposit addresses. A small group consisting of 25 addresses accounts for 46%.
- Surprisingly this money was used for various other operations other than ransomware attacks.