FinCEN, the U.S. Treasury Department that collects and analyzes financial transaction information to combat domestic and international money laundering, terrorist financing and other financial crimes, combines more than $ 5 billion in BTC transactions with the most common ransomware variants.
The organization said in a report released last week that the average total suspected monthly volume of ransomware transactions was $ 66.4 million during the first two quarters of 2021. FinCEN also determined that the most commonly used cryptocurrency associated with these activities was BTC.
FinCen report on ransomware attacks
FinCEN, the US financial crime network, has found that more than $ 5 billion in BTC transactions have been linked to payments to the top ten most popular variants of ransomware. These findings were published by the institution in report entitled “Ransomware Trends in the Bank Secrecy Act Data Between January 2021 and June 2021”, which summarizes ransomware activity during the first two quarters of the year.
The report, which examines ransomware trends and their critical impact on infrastructure, states that 635 attacks and 458 transactions were reported as of June. We will be surprised at the total number of incidents that will be reported during the whole of 2021, because it is already more than in the whole of last year. One of the best-known incidents is the attack on the Colonial Pipeline, which caused a shortage of gas throughout the country.
The report also found that BTC was the most widely used cryptocurrency for ransomware-related transactions. FinCen stated that during the period under review, the vast majority of payments related to these incidents were requested in BTC. However, there has also been a smaller increase in payments made with Monero, a privacy-focused cryptocurrency.
Another interesting finding is that most of the funds raised through these activities have been channeled to known entities, such as exchanges, and that techniques such as “Chain Hopping” have been used, which involves exchanging one cryptocurrency for another to prevent detection by the authority. The use of mixers is also becoming more common.
Defi applications have also been used to convert some of these currencies into others for exchange on other, more liquid exchanges. FinCEN identified ransomware-related resources that were sent indirectly to addresses associated with open protocols for use in defi applications.
The institution recommended that organizations quickly report suspicious activity when a ransomware attack occurs and integrate intrusion detection systems into their cyber protection mechanisms.