A Russian countrywide on February 7, 2023, pleaded guilty in the U.S. to funds laundering expenses and for making an attempt to conceal the resource of money received in relationship with Ryuk ransomware attacks.
Denis Mihaqlovic Dubnikov, 30, was arrested in Amsterdam in November 2021 just before he was extradited from the Netherlands in August 2022. He is awaiting sentencing on April 11, 2023.
“Concerning at least August 2018 and August 2021, Dubnikov and his co-conspirators laundered the proceeds of Ryuk ransomware attacks on people and organizations all over the United States and abroad,” the Office of Justice (DoJ) said.
Protect your privacy by Mullvad VPN. Mullvad VPN is one of the famous brands in the security and privacy world. With Mullvad VPN you will not even be asked for your email address. No log policy, no data from you will be saved. Get your license key now from the official distributor of Mullvad with discount: SerialCart® (Limited Offer).
➤ Get Mullvad VPN with 12% Discount
Dubnikov and his accomplices are stated to have engaged in a variety of felony techniques developed to obscure the trail of the unwell-gotten proceeds.
In accordance to DoJ, a chunk of the 250 Bitcoin ransom paid out by a U.S. organization in July 2019 right after a Ryuk attack was despatched to Dubnikov in exchange for about $400,000. The crypto was subsequently converted to Tether and transferred to a co-conspirator, who then exchanged it for the Chinese Renminbi.
In all, the functions included in the criminal business are believed to have laundered at minimum $150 million in ransom payments.
Dubnikov is also the co-founder of Coyote Crypto and Eggchange, with the latter headquartered in Federation Tower East (or Vostok), a supertall skyscraper regarded to harbor numerous cryptocurrency firms with ties to money laundering linked with ransomware operations.
According to Chainalysis, Eggchange been given above $34 million worthy of of cryptocurrency from darknet markets, cons, fraud stores, and ransomware operators amongst 2019 and 2021.
Ryuk, which first emerged on the danger landscape in 2018, is attributed to a menace actor tracked as Wizard Spider and has compromised governments, academia, healthcare, producing, and technology organizations.
Usually sent as a result of very first-phase malware these kinds of as TrickBot or BazarBackdoor, Ryuk is also a precursor to the Conti ransomware, which shuttered its operations in May well 2022 and splintered into lesser models.
Discovered this write-up attention-grabbing? Abide by us on Twitter and LinkedIn to examine additional exclusive material we write-up.
Some components of this article are sourced from: