Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label Chainalysis. Show all posts
Ransomware Threat
2024 cyber crimes Chainalysis Coveware CVE CVE vulnerability Cyber Security Ransomware attack Ransomware Threat

Drop in ransomware payment, 2024 Q1 sees a record low of 28%

 

Ransomware actors have encountered a rocky start in 2024, as indicated by statistics from cybersecurity firm Coveware. Companies are increasingly refusing to acquiesce to extortion demands, resulting in a record low of only 28% of companies paying ransom in the first quarter of the year. This figure marks a notable decrease from the 29% reported in the previous quarter of 2023. Coveware's data underscores a consistent trend since early 2019, showing a diminishing rate of ransom payments. 

The decline in ransom payments can be attributed to several factors. Organizations are implementing more sophisticated protective measures to fortify their defenses against ransomware attacks. Additionally, mounting legal pressure discourages companies from capitulating to cybercriminals' financial demands. Moreover, ransomware operators frequently breach promises not to disclose or sell stolen data even after receiving payment, further eroding trust in the extortion process. 

Despite the decrease in the payment rate, the overall amount paid to ransomware actors has surged to unprecedented levels. According to a report by Chainalysis, ransomware payments reached a staggering $1.1 billion in the previous year. This surge in payments is fueled by ransomware gangs targeting a larger number of organizations and demanding higher ransom amounts to prevent the exposure of stolen data and provide victims with decryption keys. 

In the first quarter of 2024, Coveware reports a significant 32% quarter-over-quarter drop in the average ransom payment, which now stands at $381,980. Conversely, the median ransom payment has seen a 25% quarter-over-quarter increase, reaching $250,000. This simultaneous decrease in the average and rise in the median ransom payments suggest a shift towards more moderate ransom demands, with fewer high-value targets succumbing to extortion. Examining the initial infiltration methods used by ransomware operators reveals a rising number of cases where the method is unknown, accounting for nearly half of all reported cases in the first quarter of 2024. 

Among the identified methods, remote access and vulnerability exploitation play a significant role, with certain CVE flaws being widely exploited by ransomware operators. The recent disruption of the LockBit operation by the FBI has had a profound impact on the ransomware landscape, reflected in Coveware's attack statistics. This law enforcement action has not only disrupted major ransomware gangs but has also led to payment disputes and exit scams, such as those witnessed with BlackCat/ALPHV. 

 Furthermore, these law enforcement operations have eroded the confidence of ransomware affiliates in ransomware-as-a-service (RaaS) operators, prompting many affiliates to operate independently. Some affiliates have even opted to exit cybercrime altogether, fearing the increased risk of legal consequences and the potential loss of income. Amidst these developments, one ransomware strain stands out as particularly active: Akira. 

This strain has remained the most active ransomware in terms of attacks launched in the first quarter of the year, maintaining its position for nine consecutive months. According to the FBI, Akira is responsible for breaches in at least 250 organizations and has amassed $42 million in ransom payments. Implementing robust protective measures, staying informed about emerging threats, and fostering collaboration with law enforcement agencies are essential strategies for mitigating the risks posed by ransomware attacks and safeguarding sensitive data from malicious actors.
Read more »
User Privacy
Bitcoin Chainalysis Critical Data Cyber Security Data Privacy Encryption Financial Institutions Law Enforcement User Privacy

Investigating Chainalysis Data Reliability in Cryptocurrency Cases

 

Chainalysis has been a key player in bitcoin investigations in recent years, giving financial institutions and law enforcement authorities vital information and insights. But as its impact expands, concerns regarding the veracity and reliability of the information it offers have surfaced.

The scrutiny over Chainalysis data was thrust into the spotlight by the recent 'Bitcoin Fog' case, which raised concerns about the reliance on Chainalysis in criminal investigations. Critics argue that the reliance on a single source for such critical information may lead to potential biases or inaccuracies. Bloomberg's report on the case highlights the complexities surrounding the use of Chainalysis in legal proceedings, emphasizing the need for a nuanced understanding of the data it provides.

One of the primary concerns regarding Chainalysis data is its potential impact on privacy and civil liberties. As blockchain analysis becomes more prevalent, there are fears that innocent individuals may be caught in the crossfire of investigations. The delicate balance between effective law enforcement and protecting individual rights remains a key challenge.

Chainalysis, however, defends its practices and emphasizes its commitment to transparency and accuracy. In a recent blog post, the company provided insights into its methodology and highlighted its efforts to continuously improve the quality of the data it delivers. Michael Gronager, CEO of Chainalysis, affirmed, "We understand the weight of responsibility that comes with providing data for legal proceedings, and we take every measure to ensure its reliability."

Experts in the field also weigh in on the matter. Dr. Sarah Hopkins, a leading blockchain analyst, commented, "While Chainalysis has undoubtedly been a game-changer in tracking illicit activities, it's essential to remember that it's just one piece of the puzzle. It should be used in conjunction with other investigative techniques to ensure a comprehensive understanding of the situation."

The controversy about Chainalysis data's dependability serves as a reminder of how bitcoin research is changing. Despite the fact that it has frequently been useful, it is crucial to view its conclusions critically. The techniques and equipment used to research cryptocurrencies must change as technology improves and the market itself develops. In this quickly evolving industry, a multifaceted strategy that balances privacy concerns with the requirement for efficient law enforcement is still crucial.
Read more »
TRM Labs
Chainalysis cryptocurrency Cryptocurrency Breach Cyber Attacks FBI North Korea Hackers Nuclear Programme TRM Labs

North Korean Hackers Steal Crypto to Fund ‘Nuclear Weapon Program’


North Korea based hackers have reportedly carried out another attack, stealing hundreds of millions in crypto in order to fund their regime’s ‘nuclear weapon program.’

According to blockchain intelligence company TRM Labs, almost 20% of all cryptocurrency stolen this year, equivalent to $200 millions in US Dollars, has been taken by hackers connected to North Korea between January and August 18.

The TRM Labs, in a discussion with North Korea experts, in June, stated, “In recent years, there has been a marked rise in the size and scale of cyberattacks against cryptocurrency-related businesses by North Korea. This has coincided with an apparent acceleration in the country’s nuclear and ballistic missile programs,”

In the aforementioned discussion, TRM Labs also emphasized the way there has been a shift away from North Korea's "traditional revenue-generating activities" — a sign that the government may be "increasingly turning to cyber attacks to fund its weapons proliferation activity."

In another comment on the issue, blockchain analytics firm Chainalysis noted in their February issue that “most experts agree the North Korean government is using these stolen assets to fund its nuclear weapons programs.”

On the other hand, CNBC's request for a comment on the matter from the North Korean regime's diplomatic mission to the UN – the Permanent Mission of North Korea in New York – was denied.

The Democratic People's Republic of Korea, or North Korea officially known as the DPRK, has been subject to numerous sanctions by the UN since its first nuclear test in 2006, owing to its development of nuclear and ballistic missile technology.

The goal of these sanctions behind bans on North Korea’s financial services, minerals, metals and artillery is to limit Korea’s access to these sources and funds it will need to execute their nuclear activities. 

The FBI only recently alerted cryptocurrency firms that hackers with ties to North Korea intend to "cash out" $40 million in cryptocurrency.

In January, the federal agency also noted that it continues to “identify and disrupt North Korea’s theft and laundering of virtual currency, which is used to support North Korea’s ballistic missile and Weapons of Mass Destruction programs.”

In regards to the issue, intelligence analyst at blockchain analytics firm TRM Labs Nick Carlsen said, “They are under pretty serious economic stress with international sanctions. They need every dollar they can. And this is just obviously a much more efficient way for North Korea to make money.”

“Even if that dollar stolen in crypto doesn’t directly go towards the purchase of some component for the nuclear program, it frees up another dollar to support the regime and its programs,” he added.  

Read more »
Hackers
Bankrupt Chainalysis Crypto Currency Cyber Attacks Cybersecurity Hackers

The Cryptocurrency Was Stolen by Hackers Last Year to the Tune of $4 Billion.

 

In the past year, a blockchain analytics firm that tracks cybercrime detected a record $3.8 billion worth of cryptocurrency stolen by hackers extensively, primarily from North Korea. As per a report published last week by researchers at Chainalysis, 2022 will be seen as one of the biggest years ever in terms of cryptocurrency hacking. The company reported a $2 billion increase in thefts from the $3.3 billion stated in 2021, according to its report. A confidential United Nations report published on Monday revealed that North Korea had stolen more digital assets in 2016 than it had in any previous year. 

There was a period when U.S. investors poured millions of dollars into Bitcoin, Ether, and Dogecoin. As a result, they were hoping that the Coronavirus pandemic would result in a fortune. It should be noted, however, that some investors on platforms with poor cybersecurity instead lost their digital wallets by being victimized by hackers, which made their investments worthless.  

Cybercriminals in North Korea stole $1.7 billion in cryptocurrency in 2022, shattering their yearly record for the highest number of cryptocurrencies stolen in a given year. This is according to a Chainalysis report published earlier this month. 

North Korea's total exports in 2020 were $142 million. Therefore, it's fair to assume that cryptocurrency hacking is a significant economic component of the country. This is because it represents a notable portion of the economy, the researchers commented. 

Crypto industry regulators have renewed their calls for regulation by calling for more regulation in the wake of more investors losing money in crypto. After FTX Trading, the third largest crypto platform collapsed and declared bankruptcy in November, scrutiny of the industry increased even more due to this unexpected failure. 

As Cryptocurrency Hacking trends tend to ebb and flow, Chainalysis estimates the number of crypto hacks will peak between March and October of 2022. During October, there were 32 attacks totaling $775.7 million due to cryptocurrency hacks. According to the report, this is the biggest single month for cryptocurrency hacking ever.  

As a result of hackers' activities, decentralized finance platforms, or DeFis, were targeted for 82% of all stolen funds across the world last year, Chainalysis reported. Usually, criminals operate in the crypto space when investors and operators are actively transferring funds from a single blockchain to another through a so-called cross-chain bridge.  

A cross-chain bridge owned by Binance was hacked in October, and $586 million in crypto was stolen from it. This was the biggest hack of October in terms of crypto theft. There have been some security issues at the company that led to the hack, but they managed to minimize the damage.  

According to David Schwed, the chief operating officer of Halborn, a blockchain security firm based in New York, some crypto companies do not prioritize security over other aspects of their business, allowing bad actors to exploit DeFi platforms.  


As Schwed stated in Chainalysis' report, for a complicated protocol to be secure, the security team should consist of 10 to 15 people. Each person should have their area of expertise. There is no clear demand for better security among the DeFi community - they often want to switch over to protocols that offer high returns but the incentives are liable to lead to problems down the road.
Read more »
Subscribe to: Posts (Atom)