Crypto fraud, sadly, is running rampant throughout the digital space, and according to a new report, popular crypto exchange Binance – arguably the biggest cryptocurrency trading platform by daily volume – has seemingly been associated with a common form of ransomware known as Ryuk.
Binance Is a Central Hub for Ryuk Enforcers
Ryuk has been around since 2018. Per data from the FBI, the ransomware may be responsible for a minimum of $61 million in theft since it first emerged roughly two years ago. Ryuk works by encrypting people’s data and making it inaccessible to the original owners. It then demands a bitcoin or cryptocurrency ransom if they wish to regain access to their documents or information.
Ryuk has been highly active during the coronavirus pandemic and has been targeting many hospitals and health organizations since its start. It locks up their networks and makes doctors and staff members fork over bitcoin in exchange for access. It looks like many of the hackers responsible for utilizing Ryuk may be transferring the money they get from their victims to accounts on Binance, where they then turn it into fiat currency.
As much as $1 million in bitcoin ransoms has made its way into the Binance platform. The money has been spread out over several different accounts, making it hard to track and pinpoint. Researchers examining the situation state in their report:
Out of the 63 sampled transactions worth around $5,700,000, it was found that over $1 million was sent from the hacking team wallets to the Binance exchange platform to cash out their ransom payments. 13 other bitcoin addresses associated with Ryuk containing a total of $1,064,865 followed a similar pattern. All were sent from the hackers’ wallets to several other addresses and eventually to Binance, enabling them to cash out their ransom payments.
Many of the stolen funds are still being held in other locations, though the large amount sent to Binance suggests that the crypto platform is still the primary choice for many Ryuk enforcers.
No Easy Way to Keep Things Straight
In a statement, Binance explained:
Fighting money laundering, ransomware and other malicious activities is a never-ending endeavor at Binance. It is our top priority to ensure the safety of our customers and the integrity of the broader crypto space. Unfortunately, when it comes to tracking illicit activity on-chain, attribution is not always black and white. The recipient may be completely unaware of the fraudulent source of the transaction… If you clamp down with policies and procedures to try and slow these bad actors, it negatively affects all the innocent users. [There’s] no easy answer.
Meanwhile, several other cryptocurrency exchanges have been linked to ransomware payments, including Huobi and the now-defunct BX Thailand. Binance also helped authorities in Ukraine take down a large ransomware ring.