DHS tracks down $ 4.3 billion ransomware payments

An official report from Homeland Security Investigations (HSI) released on October 4, 2024, reveals that department officials have tracked and recovered nearly $4.3 billion in cryptocurrency payments related to ransomware crimes over the past three years.

The Department of Homeland Security (DHS) has also successfully blocked more than 537 ransomware attacks since its establishment in 2021, according to insights from Mike Prado, the Deputy Assistant Director of Homeland Security.

Tracking blockchain transactions involving cryptocurrencies like Bitcoin and Monero has traditionally been challenging. However, as ransomware activities have increased, law enforcement agencies, in collaboration with technology firms, have developed advanced methods for tracing these digital payments. This progress has allowed HSI to recover billions in payments, offering hope to victims that their stolen funds can be reclaimed if they provide the necessary information to the cyber divisions of law enforcement.

Chainalysis, which monitors cryptocurrency flows linked to cybercrime, reports that nearly $1 billion in ransomware payments were made in crypto in 2023, with a projected 2% increase for 2024.

While cybercriminals are continually innovating their tactics, such as employing double or triple extortion strategies, they are facing greater difficulties as security and tech agencies implement proactive measures. These include establishing monitoring nodes in various countries to oversee payments linked to blacklisted states and criminal networks, ensuring that any significant transactions undergo further scrutiny.

With web traffic under constant surveillance, it has become increasingly difficult for criminals to profit from their schemes. As a result, they have begun demanding larger ransoms and targeting the same victims multiple times within a year if vulnerabilities are not addressed after an initial attack.

In related news, the Australian Department of Foreign Affairs and Trade, the UK’s Foreign, Commonwealth and Development Office, and the US Treasury have sanctioned Evil Corp, a notorious cybercrime group responsible for stealing over $100 million from banks and financial institutions in just one year through the BitPaymer ransomware. Evil Corp is believed to be a Russian-speaking gang linked to LockBit ransomware, with several of its operators arrested in the recent Operation Cronos campaign led by Europol.

Ad
Naveen Goud
Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security

No posts to display