Key Ransomware Money Laundering Operation Taken Down and Owner Arrested in Greece

Alexander Vinnik, a 38 year old Russian accused of laundering bitcoinMore than 4 Billion Dollars May Have Been Laundered

If you’ve been the victim of a ransomware attack you know cybercrooks almost always demand payment in Bitcoin.

Now we know that the US government believes some of those ransomware payments are alleged to have been laundered through the Bitcoin Exchange BTC-e by Alexander Vinnik (left in picture).

On July 26, a grand jury in the Northern District of California indicted a Russian national, Alexander Vinnik, for allegedly operating an unlicensed money service business, money laundering, and related crimes. The defendant was arrested on July 25th, in a small sea side village in Northern Greece in what was described as multi-national law enforcement effort.

The indictment stated: “Through Vinnik’s efforts, BTC-e emerged as one of the principal means by which cyber criminals around the world laundered the proceeds of their illegal activity. BTC-e facilitated crimes, including computer hacking and ransomware, fraud, identity theft, tax refund schemes public corruption and drug trafficking. Vinnik is also alleged to have received a substantial portion of the criminal proceeds from one of the largest ransomware schemes, CrytoWall."

He now faces charges in the United States. FinCEN, the US department of the Treasury Financial Crimes Enforcement Network assessed BTC-e with a $110 million civil money penalty for willfully violating U.S. anti-money laundering laws. Vinnik was assessed $12 million for his role in the violations.

The Bitcoin Exchange BTC-e, is alleged to have received deposits valued at over $4 Billion. The BTC-e site operations are currently suspended. The indictment further states that BTC-e managing shell corporation, Canton Business Corporation was based in the Seychelles but affiliated with a Russian telephone number and web domains were registered to shell companies in countries including Singapore, The British Virgin Islands, France and New Zealand.

It goes on to say that “numerous withdrawals from BTC-e administrator accounts went directly to Vinnik’s personal bank accounts and further alleges that proceeds from well-known hacks and thefts from bitcoin exchanges were funded through a BTC-e administrator account associated with Vinnik.

“We will hold accountable foreign-located money transmitters, including virtual currency exchangers, that do business in the United States when they willfully violate U.S. AML laws,” said Acting FinCEN Director Jamal El-Hindi. “Today’s action should be a strong deterrent to anyone who thinks that they can facilitate ransomware, dark net drug sales, or conduct other illicit activity using encrypted virtual currency.

Will this stop ransomware dead in its tracks? Doubtful. Organized cybercrime continues to be resourceful, innovative and resolved in their willingness to take huge risks, expecting huge rewards. We will update you as more of the details become known. Full indictment PDF

Does *Your* Antivirus block the latest Ransomware Strains? 

How vulnerable is your network against ransomware attacks??

KnowBe4 has been working hard on something brand new! Bad guys are constantly coming out with new versions of ransomware strains to evade detection. Is your network effective in blocking ransomware when employees fall for social engineering attacks?

KnowBe4’s Ransomware Simulator "RanSim" gives you a quick look at the effectiveness of your existing network protection.
RanSimFalPos.pngHere's how RanSim works:

checkmark 100% harmless simulation of a real ransomware infection

checkmark Does not use any of your own files

checkmark Tests 10 types of infection scenarios

checkmark Just download the install and run it  

checkmark Results in a few minutes! 

RanSim has been downloaded thousands of times and run against dozens of AV products
. The results have been an eye opening experience for many IT pros. 
 NOTE: RanSim was created for Windows-based workstations running Windows 7 or higher.  

Download RanSim Now

Learn More

Don't like to click on redirected buttons? Cut & Paste this link in your browser:

Topics: Ransomware

Subscribe To Our Blog

Phishing Security Test

Recent Posts

Get the latest about social engineering

Subscribe to CyberheistNews