When ransomware gangs get paid, it still needs to be converted to cash. That’s a problem, especially when the average ransomware payment is now just over $36,000. You can’t exactly walk into your bank and up to the Crypto ATM and withdraw tens of thousands of dollars. You need someone to launder that cryptocurrency for you.
That’s what 3 men in the Ukraine did for over two years running over 20 cryptocurrency exchanges. It wasn’t until June of this year, as part of an operation targeting launderers, that Ukrainian authorities identified the cyber gang members and arrested them. This was accomplished with assistance from the Binance cryptocurrency exchange whose “Bulletproof Exchanger” project helped authorities identify large transactions and trace them back to individuals in the real world.
Binance intends to continue this project, working with local authorities to continue to find and arrest cyber-launderers.
Processing $42 million over two years means lots of organizations worldwide were separated from their hard-earned money. Ransomware attacks traditionally use phishing as the initial attack vector, putting organizations at risk if sufficient security is not in place. This should include Security Awareness Training as part of your layered security strategy to thwart attacks that reach the Inbox, propping up a well-trained vigilant user as another impactful layer.