June 15, 2023Ravi LakshmananCryptocurrency/ransomware

Ransomware attackers and cryptocurrency scammers have joined nation-state actors abusing cloud mining services to launder digital assets, new research reveals.

“Cryptocurrency mining is an important part of our industry, but it has a special appeal to bad actors as it provides a way to obtain funds from a completely clean on-chain original source,” says Blockchain Analysis. The company Chainalysis said Said In a report shared with The Hacker News.

Earlier this March, Google Mandiant reported that North Korea-based APT43 was using hash rental and cloud mining services to hide forensic tracks and launder stolen cryptocurrencies “clean.” clarified.

cyber security

cloud mining service It allows users to rent computer systems and use their hashing power to mine cryptocurrencies without having to manage their own mining hardware.

However, state-state hacking groups aren’t the only real users of such services, according to Chainalysis.

In one instance the company highlighted, mining pools and wallets associated with ransomware attackers were used to transfer funds to “highly active deposit addresses” on anonymous mainstream cryptocurrency exchanges.

This includes $19.1 million from four ransomware wallet addresses and $14.1 million from three mining pools, with the majority of the funds channeled through a network of intermediary wallets and pools.

Cloud mining for cryptocurrency laundering

“In this scenario, mining pools work similarly to mixers in that they obfuscate the origin of the funds and create the illusion that the funds are mining revenue rather than ransomware,” Chainalysis said. It pointed out.

In a sign that this trend is gaining momentum, the cumulative value of assets transferred from ransomware wallets through mining pools to exchanges has increased from less than $10,000 in Q1 2018 to $10,000 in Q1 2023. It skyrocketed to almost $50 million.

upcoming webinars

🔐 Mastering API Security: Understanding Your True Attack Surface

Discover untapped vulnerabilities in your API ecosystem and take proactive steps towards ironclad security. Join us for an insightful webinar!

join the session

That’s not all. Since January 2018, 372 exchange deposit addresses have been found to have received at least $1 million worth of cryptocurrency from mining pools and random amounts from ransomware his addresses.

“Overall, this data suggests that mining pools may play a key role in the money laundering strategies of many ransomware attackers,” Chainalysis said.

Mining pools have also been incorporated into scammer tactics such as: bit club networkBTC, a cryptocurrency exchange founded to facilitate the laundering of illegal Bitcoin earnings and money stolen in the Russian-based Bitcoin mining operation and the infamous Mt Gox hack. It turned out that I had mixed up the assets received from -e.

“Cryptocurrency scammers and money launderers acting on their behalf also use mining pools as part of the money laundering process,” the company said. “Deposit Address [with receipts of at least $1 million worth of crypto from mining pools] Since 2018, it has received just under $1.1 billion in cryptocurrency from scam-related addresses. ”

Did you enjoy this article? Follow us twitter and LinkedIn To read more of the exclusive content we post.



Register now for our membership to gain access to our elite training program and fast forward your career today!


Subscribe my Newsletter for new blog posts, tips & new photos. Let's stay updated!

Security Blog

Blue Training Academy

Blue Training Academy was developed in 2018 as a educational and training facility for continuing education and certification courses. Blue Training Academy is an educational institution that allows for all sectors of the public and Criminal Justice field to gain ongoing training and education.

Copyright ©️ All rights reserved. | Blue Training Academy Blog