fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Ryuk Ransomware Bitcoin Wallets Point To $150 Million Operation

Ryuk Ransomware Bitcoin Wallets Point To $150 Million Operation

Security researchers following the money circuit from Ryuk ransomware victims into the threat actor’s pockets estimate that the criminal organization made at least $150 million.

They found that Ryuk operators primarily use two legitimate cryptocurrency exchanges to cash out the Bitcoin from paying victims as fiat money.

Ryuk’s money circuit

Threat intelligence companies Advanced Intelligence and HYAS tracked 61 Bitcoin wallets attributed to the Ryuk malware enterprise and discovered that the cryptocurrency moves from an intermediary to Huobi and Binance exchanges.

When a Ryuk victim pays the ransom, the money reaches a broker that passes it to the malware operators. The money then goes through a laundering service before getting to legitimate cryptocurrency exchanges or being used to pay for criminal services on underground markets.

Also Read: Personal Data Websites: 3 Things That You Must Be Informed

“In addition to Huobi and Binance, which are large and well-established exchanges, there are significant flows of crypto currency to a collection of addresses that are too small to be an established exchange and probably represent a crime service that exchanges the cryptocurrency for local currency or another digital currency,” the researchers explain.

One of the largest transactions involving a Ryuk wallet found during this investigation was above $5 million (365 bitcoins), the researchers said in their report. This is not the highest ransom paid to Ryuk, though.

In a previous report, Advanced Intelligence said that the largest payment confirmedto these attackers was 2,200 BTC, which converted to $34 million at the time. The average ransom value received by the group is 48 bitcoins.

Escaping ID verification

Cashing out the ransom money in fiat currency is not a simple process but Ryuk set up a circuit that allows them to handle millions despite security researchers and law enforcement keeping a close eye on the operation.

The conversion from cryptocurrency is essential in identifying the criminals because reputable exchanges require personal documents before transferring the money to a bank account.

However, it is unclear how strict this verification is in the case of Huobi and Binance.

Ryuk ransomware has been active for more than two years and left behind a long list of victims. It is a tight enterprise that leaves little clues about its actions and profits.

Attacks from this threat actor focused mostly on organizations in the healthcare sector come November 2020, adding to the pressure from the pandemic. In the third quarter last year, the attackers were hitting, on average, 20 companies every week.

Considering the actor’s reputation of a tough negotiator that does not budge an inch regardless of the victim’s profile or financial difficulties, the $150 million revenue estimation is likely conservative. Obviously, the entire operation comes with some costs.

Also Read: PDPA For Companies: Compliance Guide For Singapore Business

Another highly profitable ransomware gang is REvil (Sodinokibi), who announced through a public-facing representative that they made $100 million in one year from extorting victims. They said that the goal was to make $2 billion.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us