Wednesday, September 22, 2021

The place do all these cybercrime funds go? – Bare Safety

Here on Naked Security, we’ve regularly asked the question, or at least implied it: “Where do you think all those cybercrime payments go?

When a ransomware victim hands over a largely anonymous, mostly untraceable quantity of Bitcoin, for example, to pay off a multi-million dollar blackmail demand in the hope of recovering their unusable files…

…what happens to that money?

The question, as posed above, is a rhetorical one, given that we can all hazard our own guesses about what the criminals do with the money.

But we have confronted that question quite literally on various occasions before, as we did when several suspects were arrested in Ukraine, allegedly in connection with ransomware attacks attributed to a gang known as “Clop”.

In that case, it seems as though at least some of the money went on fancy cars.

Police videos of those busts show impressive collections of car keyfobs being gathered up in evidence, and numerous flash-looking cars being loaded onto recovery vehicles and confiscated.