Chainalysis: 64% of Ransomware Attackers Launder Proceeds via Crypto Exchanges

United States-based blockchain intelligence firm Chainalysis claims that 64% of ransomware attack cash-out strategies involve the laundering of funds via cryptocurrency exchanges.

A ransomware attack involves the infection of a target with malware and the demand of a ransom payment - frequently denominated in cryptocurrencies.

Chainalysis - which provides blockchain analytics tools that enable firms, governments and law enforcement to monitor blockchain transactions and track suspected illicit activities - claims that 64% of ransomware attackers launder their ill-gotten funds via crypto exchanges.

Chainalysis has ostensibly identified 38 exchanges - without disclosing their names - that directly received funds from an address associated with a ransomware attack.

Among other ransomware cash-out strategies analyzed, 12% involved mixing services and 6% involved peer-to-peer networks, while others went via merchant services providers or dark web marketplaces.

9% of ransomware proceeds reportedly remain unspent.

The analysis also noted that ransomware attacks typically involve less complex cash-out networks as compared with crypto exchange hacks.

By contrast, ransomware campaigns typically involve smaller discrete sums to multiple addresses and are ostensibly less publicized, thereby avoiding intense, immediate scrutiny.

In addition to cash-out strategies, Chainalysis also identified a shift in the ransomware threat landscape.

As recently reported, Coveware's Q1 2019 Global Ransomware Marketplace report revealed that bitcoin continues to account for the lion's share - 98% - of crypto-denominated ransomware payments.