fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

US Sanctions Cryptocurrency Exchange Used By Ransomware Gangs

US Sanctions Cryptocurrency Exchange Used By Ransomware Gangs

The US Treasury Department announced the first-ever sanctions against a cryptocurrency exchange, the Russian-linked Suex, for facilitating ransom transactions for ransomware gangs and helping them evade sanctions.

Suex is registered in the Czech Republic but has no physical presence there. Instead, it operates out of Moscow and St. Petersburg branch offices and other Russian and Middle Eastern locations, according to Chainalysis.

“SUEX has facilitated transactions involving illicit proceeds from at least eight ransomware variants. Analysis of known SUEX transactions shows that over 40% of SUEX’s known transaction history is associated with illicit actors,” the Treasury Department said today.

Also Read: Data Protection Officer Singapore | 10 FAQs

“SUEX is being designated pursuant to Executive Order 13694, as amended, for providing material support to the threat posed by criminal ransomware actors.

“This action is the first sanctions designation against a virtual currency exchange and was executed with assistance from the Federal Bureau of Investigation.”

This move is designed to disrupt the main channel used by ransomware operations to collect ransom payments from their victims, which, as the Treasury added, amounted to over $400 million last year, more than four times when compared to 2019.

By sanctioning crypto exchanges providing ransomware groups with material support, the US hopes to drain their funding and disrupt their operations.

The Treasury’s Office of Foreign Assets Control (OFAC) also issued an advisory today highlighting the “sanctions risks associated with ransomware payments in connection with malicious cyber-enabled activities.”

As Chainalysis also revealed today, since being launched in February 2018, Suex has received more than $481 million in Bitcoin alone, including funds received from cybercriminals:

  • Nearly $13 million from ransomware operators including Ryuk, Conti, Maze, and several others
  • Over $24 million from cryptocurrency scam operators including the fraudsters behind Finiko, a scam that took in over $1 billion worth of cryptocurrency from victims primarily in Russia and Ukraine
  • Over $20 million from darknet markets, primarily the Russia-based Hydra Market
Suex funds received from cybercriminals
Suex funds received from cybercriminals since 2018 (Chainalysis)

Part of a larger effort to disrupt ransomware operations

The Biden administration was expected to issue sanctions this week against cryptocurrrency exchanges, wallets, and traders used by ransomware groups, as Wall Street Journal reported on Friday.

These are not the first sanctions the US government has levied against entities or threat actors associated with ransomware gangs.

Also Read: Practitioner Certificate In Personal Data Protection: Everything You Need To Know

In 2019, the US charged members of the Evil Corp for stealing more than $100 million and them to the Office of Foreign Assets Control (OFAC) sanctions list.

Over the years, Evil Corp was linked to multiple ransomware families, including WastedLockerHadesPhoenix CryptoLocker, and PayLoadBin.

In October, the Treasury also warned that ransomware negotiators might also face civil penalties for facilitating ransom payments to ransomware gangs on its sanctions list.

“Ransomware and cyber-attacks are victimizing businesses large and small across America and are a direct threat to our economy. We will continue to crack down on malicious actors,” Treasury Secretary Janet L. Yellen added today.

“As cyber criminals use increasingly sophisticated methods and technology, we are committed to using the full range of measures, to include sanctions and regulatory tools, to disrupt, deter, and prevent ransomware attacks.”

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us