According to a recent report by TRM Labs, the illicit use of cryptocurrency for ransomware, drug sales, and sanction evasion was prevalent in Russia in 2023. Russian-speaking ransomware groups alone were responsible for over 69% of all crypto proceeds from ransomware attacks, totaling more than $500 million. These groups, such as Lockbit and ALPHV/Black Cat, dominated the ransomware landscape, with Lockbit’s criminal activities being compromised by the U.K. National Crime Agency in February.
In addition, Russian-language darknet markets were found to account for a staggering 95% of all crypto-denominated illicit drug sales on the dark web in 2023. This highlights the significant role that Russian-speaking threat actors play in various illegal activities involving cryptocurrency.
Moreover, despite restrictions imposed on Russia-based exchange Garantex due to the war in Ukraine, the exchange still managed to receive 82% of crypto volumes from sanctioned entities internationally. This indicates the challenges faced by regulatory authorities in monitoring and controlling the flow of cryptocurrency in the face of geopolitical tensions and conflicts.
The report also mentioned that North Korea continues to be a major player in the world of hacking, having stolen nearly $1 billion in cryptocurrency in 2023. This highlights the global nature of cyber threats and the need for enhanced cybersecurity measures to protect against such attacks.
Overall, the findings of the report shed light on the significant role played by Russian-speaking groups in crypto-related illicit activities, as well as the challenges faced by regulatory authorities in addressing these issues. As the use of cryptocurrency continues to evolve, it is crucial for governments and law enforcement agencies to work together to combat cybercrime and protect the integrity of the financial system.