Sign In

Communications of the ACM

ACM TechNews

Blockchain Transactions Confirm Murky, Interconnected Ransomware Scene


View as: Print Mobile App Share: Send by email Share on reddit Share on StumbleUpon Share on Hacker News Share on Tweeter Share on Facebook
A representation of cybercrime groups meeting to cooperate.

Blockchain investigations firm Chainalysis has found that cybercrime groups engaging in ransomware attacks often switch ransomware suppliers in a search for better profits.

Credit: Geralt/Pixabay

A study by blockchain investigations firm Chainalysis verified that cybercrime gangs often switch ransomware-as-a-service suppliers as they seek better profits.

The modern ransomware ecosystem consists of coders who create and rent out ransomware, sometimes to anyone who subscribes, or to verified clients (affiliates) who typically spread the malware or launch attacks on networks; sometimes affiliates are themselves multiple gangs, executing specialized operations.

Chainalysis confirmed this interconnected landscape using cryptographic traces of bitcoin transactions among the ransomware groups.

The researchers found evidence of affiliates waging multiple ransomware attacks, while the operators of several campaigns used the same services to launder the stolen funds.

Chainalysis said this could actually benefit law enforcement, because "the evidence suggests that the ransomware world is smaller than one may initially think, given the number of unique strains currently operating."

From ZDNet
View Full Article

 

Abstracts Copyright © 2021 SmithBucklin, Washington, DC, USA


 

No entries found