After tracking the wallet transactions for a while, researchers at Advanced Intelligence and HYAS have estimated that Ryuk ransomware has made at least $150 million in ransom payments to date. They also detailed that the threat group is using two famous crypto exchanges to cash out their earned Bitcoins.
Ryuk Gang Uses Binance and Huobi
Ryuk ransomware is one of the prominent threat groups targeting companies all over the world, with the main focus on healthcare services. The malware group is one that uses the double-extortion strategy of stealing sensitive data before encrypting the targetโs systems.
This would help them force victims into paying the ransom better than just asking them to pay with a note. Since leaking the stolen data degrades the victimโs image, theyโre more likely to pay the ransom, and this method has worked to date. Now, itโs estimated that the Ryuk ransomware group may have made over $150 million from this strategy.
Also Read- Hackers Stole More Than $40 Billion in Cryptocurrency Data Breach
This was reported by two security firms โ Advanced Intelligence and HYAS, where the researchers have tracked the Bitcoins being poured into Ryuk groupโs wallets, which were then cashed out through legitimate platforms. Overall, the researchers have pointed out about 65 wallets belonging to Ryuk ransomware.
They also explained that the ransom payment made by victims wasnโt directly deposited into Ryuk groupโs, but will first be welcomed into a brokerโs wallet, and then to Ryukโs. These payments were then transferred to a Bitcoin mixer, a specialized service to mask the transaction paths, and make it harder for snoopers to decode the sources.
Also Read- Ryuk Ransomware is Found Responsible for the Hack on New Orleans City
Later, theyโd be brought into cryptocurrency exchanges by the intermediaries (Bitcoin mixers) through a well-crafted circuit, to cash out into fiat currencies. Researchers said the Ryuk group has been using two major exchanges โ Binance and Huobi for converting their ransom Bitcoins into desired currencies.
Also, itโs said that Ryuk deposited their Bitcoins into not just popular exchanges, but also the small ones in hefty terms. One of the largest ransoms being tracked to Ryukโs wallet is worth 365 Bitcoins, valuing over $5 million.