Colonial Pipeline Ransomware Recovery On June 7, 2021, the US Department of Justice announced that they had seized 63.69 BTC of the 75 BTC ransom Colonial Pipeline had paid to DarkSide. This ransom recovery is the first undertaken by the recently created DOJ Ransomware and Digital Extortion Task Force. While the FBI was able to…
CipherTrace provides critical cryptocurrency intelligence to the Ransomware Task Force to trace the criminal actors that perpetuate this threat. Ransomware not only impacts individuals; it also targets healthcare, education and even tech giants like Apple. Ransomware continues to plague both the public and private sectors around the globe, but too often we in the cybersecurity industry find ourselves trying to… Read more
In a December 9 CipherTrace-ACFCS Webinar on “How Cryptocurrency Intelligence Tipped the Scales in 2020 Sanctions Evasion,” over 500 attendees from various Financial Institutions were asked if they felt confident detecting cryptocurrency related payments flowing through their institutions and/or investigations. Over three-quarters—78.2%—of attendees responded that they do not feel confident in detecting crypto-related payments flowing…
According to the US Department of Treasury, since 2013 there has been a consistent decrease in reported bulk cash seizures by agencies throughout the United States. This could be indicative of increased cryptocurrency use by criminals in favor of cash. The lack of cash seizure for known cash intensive activities should be an automatic red flag for…
On August 3, cybersecurity firm McAfee released new researching showing the activities of NetWalker—ransomware that has collected more than 2,795 bitcoin by operating a ransomware-as-a-service (RaaS) model. Using CipherTrace Inspector, McAfee was able to trace through NetWalker ransomware transactions to follow the coins and uncover intelligence on the revenue-sharing scheme that helped proliferate the malware to make it as profitable as possible. A contributing factor to NetWalker’s success was the utilization… Read more
On January 30, the Office of the Comptroller of the Currency (OCC) issued the first cryptocurrency-related enforcement action against a U.S. bank—M.Y. Safra Bank (MYSB), which is headquartered in New York City. The enforcement action consisted of a cease and desist order that was wholly focused on deficient anti-money laundering (AML) practices for compliance and…
If you travel a lot – especially during January 2020, which was National Slavery and Human Trafficking Prevention Month – you likely saw ads exhorting you to look out for evidence of human trafficking and report what you see to the authorities. Ads like these are great for raising general awareness of the very real…
CIPHERTRACE GLOBAL ALERT: New Phishing Attack Claims to Have Webcam Video of Victims Performing Embarrassing Act – Asks for Ransom in Bitcoin Global Alert, December 11, 2019: In early December 2019, CipherTrace researchers received multiple reports of a new strain of phishing extortion. These “sextortion” emails attempt to fool recipients into believing that the scammer…