How Hackers Cash Out Thousands of Bitcoins Received in Ransomware Attacks


This topic contains 1 reply, has 2 voices, and was last updated by  odin00 1 year, 7 months ago.


    MD Khurshid Alam

    How Hackers Cash Out Thousands of Bitcoins Received in Ransomware Attacks
    Thursday, July 27, 2017
    Digital currencies have emerged as a favourite tool for hackers and cyber criminals, as digital currency transactions are nearly anonymous, allowing cyber criminals to use them in underground markets for illegal trading, and to receive thousands of dollars in ransomware attacks—WannaCry, Petya, LeakerLocker, Locky and Cerber to name a few.
    Also, every other day we hear about some incidents of hacking of crypto currency exchange or digital wallets, in which hackers stole millions of dollars in Bitcoin or Ethereum.
    The latest back-to-back series of thefts of Ethereum—one of the most popular and increasingly valuable cryptocurrencies—in which around half a billion dollars in total were stolen is the recent example of how much hackers are after crypto currencies.
    It’s obvious that after ripping off hundreds of thousands of cryptocurrencies from exchanges, wallets and ransomware victims, cyber criminals would not hold them in just digital form—the next step is to cash them out into real-world money.
    But how do they cash out without getting caught by law enforcement?
    If you are unaware, there are some crypto currency exchanges involved in money laundering, which operate illegally to help hackers and cyber criminals easily cash out their digital currencies without identifying them, i.e. anonymously.
    According to a recent research paper presented by three Google researchers, more than 95% of all Bitcoin payments collected from ransomware victims have been cashed out via a Russian cryptocurrency exchange, called BTC-e, since 2014.
    Interestingly, just two days before Google's presentation, one of the founders of the BTC-e exchange, Alexander Vinnik, was arrested by Greek police on charges of laundering over $4 Billion in Bitcoin for culprits.
    “We uncover the cash-out points, tracking how the money exits the Bitcoin network, enabling the authorities to pick up the money trail using conventional financial tracing means,” the trio of researchers, Luca Invernizzi, Kylie McRoberts and Elie Bursztein, said.
    Key Points — Tracking Ransomware Payments
    The researchers followed the step-by-step money trail and got a look at the evolving ecosystem of ransomware families, which already helped make cyber-thieves at least $25 Million in the last two years.
    Most Damaging Ransomware Families: According to the research, two families of ransomware strains helped hackers make most of the money — Locky and Cerber — while other variants are also starting to emerge.
    Criminals Looted in Millions: Locky has been the overall biggest earner for hackers at $7.8 Million and was the first ransomware infection to earn above $1 million a month to date, while Cerber has made $6.9 million to date, consistently making more than $200,000 a month.
    Victims' Favorite Places to Buy Bitcoins: Obviously, victims also need BTC to pay out criminals, and most victims choose LocalBitcoins, Bithumb, and CoinBase to buy BTC, where 90% of victims pay in a single transaction.
    How Criminals Cash Out Cryptocurrency: According to the research, more than 95% of all Bitcoin payments for ransomware were cashed out via BTC-e, a service operational since 2011.
    Criminals Renting Out Botnets: Cybercriminal gangs behind Dridex, Locky and Cerber have taken the Necurs botnet—an army of compromised machines—on rent to distribute their ransomware infections on a massive scale.
    Google conducted the research in collaboration with the researchers from New York University, University of California San Diego and blockchain analyst firm Chainalysis.
    When talking about BTC-e, the cryptocurrency exchange is believed to have been involved in cashing out Bitcoins stolen from the once-very popular Japanese bitcoin exchange Mt. Gox, which was shut down in 2014 following a massive series of mysterious robberies.



    Nice post, very interesting topic
