A new report says Russian hackers are responsible for most ransomware attacks involving cryptocurrencies.
The report by TRM Labs says that Russia-based groups were responsible for nearly 70% of all crypto proceeds obtained through ransomware attacks last year.
In 2023, more than $500 million U.S. worth of cryptocurrencies were obtained through ransomware, a type of malware that prevents people from accessing a computer or other electronic device until a sum of money, or ransom, is paid.
The two largest ransomware operators in 2023 were Lockbit and ALPHV/Black Cat, both Russian groups.
Additionally, TRM Labs says that Russian exchange Garantex accounted for 82% of cryptocurrency volumes associated with sanctioned entities globally.
It has been widely reported that Russia has been relying on cryptocurrencies to evade economic sanctions that were imposed on the country after its 2022 invasion of Ukraine.
Russian groups are also reportedly using cryptocurrencies to facilitate illicit drug and arms sales on the dark web, the internet’s equivalent of a black market.
Despite Russia’s involvement in ransomware attacks, TRM Labs says that North Korea remains the world’s leader when it comes to hacking and stealing cryptocurrencies.
In 2023, North Korean hackers stole nearly $1 billion U.S. worth of cryptocurrency through various means, according to the report.