News

FinCEN Tied $ 5.2 Billion Transactions to Ransomware Operations

The Financial Crimes Investigation Unit under the US Treasury Department, also known as FinCEN, reported about $ 5.2 billion in ransomware transactions in cryptocurrency.

FinCEN representatives write that this number was obtained after analyzing 2,184 suspicious activity reports filed by US financial institutions over the past decade (from January 1, 2011 to June 30, 2021). While the reports initially identified $ 1.56 billion in suspicious activity, a subsequent study of the ten most common ransomware programs found additional transactions worth about $ 5.2 billion, attributable exclusively to these hack groups.

In total, FinCEN experts identified 177 CVC (“Convertible Virtual Currency”) wallet addresses that were used for payments related to encryptors.

Although the FinCEN report also contains data on fairly old attacks, most of the investigation focused on the first half of 2021 and analysis of the latest trends. The results of this analysis are the following:

  1. in the first half of 2021, financial institutions filed 635 reports of strange activity related to suspected ransomware activities;
  2. reports mention 458 suspicious transactions worth $ 590 million;
  3. the indicators for the first half of 2021 exceed the indicators for the entire 2020 as a whole, which clearly indicates an increase in the activity of ransomware;
  4. average monthly ransomware transactions in 2021 totalled $ 102.3 million, as
    FinCEN detected 68 different variants of such malware active in the first half of 2021;
  5. in the first half of 2021, the most common malware samples were REvil / Sodinokibi, Conti, DarkSide, Avaddon, and Phobos.

Also, FinCEN analysts note several trends in the field of money laundering operations using ransomware. Among them:

  1. using anonymous cryptocurrencies such as Monero;
  2. refusal to reuse wallets so that information security companies cannot identify and track transactions;
  3. using the chain hopping technique to exchange funds for other cryptocurrencies;
  4. cashing out funds on centralized exchanges;
  5. use of mixing services and decentralized exchanges to convert revenue.
The FinCEN report was released shortly after the US Treasury Department announced that it would impose sanctions on any entity that assists ransomware operators in laundering their proceeds. In addition, earlier this week in the United States ended a two-day meeting of representatives of 30 countries, which discussed the fight against ransomware. In particular, the meeting participants agreed that it is necessary to fight against cryptocurrency exchangers, which turn a blind eye to the illegality of what is happening and help criminals to launder and cash out profits.

Let me remind you that we also talked about the fact that The US government has warned agencies about cybersecurity risks for years.

User Review
0 (0 votes)
Comments Rating 0 (0 reviews)
Daniel Zimmermann

Daniel Zimmermann has been writing on security and malware subjects for many years and has been working in the security industry for over 10 years. Daniel was educated at the Saarland University in Saarbrücken, Germany and currently lives in New York.

Recent Posts

Remove Pbmsoultions pop-up ads (Virus Removal Guide)

Pbmsoultions.com is a domain that tries to trick you into clik to its browser notifications…

1 day ago

Remove Prizestash pop-up ads (Virus Removal Guide)

Prizestash.com is a site that tries to trick you into subscribing to its browser notifications…

1 day ago

Remove Verifiedbreaking pop-up ads (Virus Removal Guide)

Verifiedbreaking.com is a domain that tries to force you into subscribing to its browser notifications…

1 day ago

Remove Themoneyminutes pop-up ads (Virus Removal Guide)

Themoneyminutes.com is a domain that tries to force you into subscribing to its browser notifications…

1 day ago

Remove News-xcidizi pop-up ads (Virus Removal Guide)

News-xcidizi.com is a domain that tries to trick you into clik to its browser notifications…

1 day ago

Remove Everytraffic-flow pop-up ads (Virus Removal Guide)

Everytraffic-flow.com is a domain that tries to trick you into subscribing to its browser notifications…

1 day ago