On Tuesday, 6 February 2023, Denis Mihaqlovic Dubnikov, a Russian national, admitted to the charges of laundering money obtained from cyberattacks conducted by the Ryuk ransomware group over a three-year period. Dubnikov, a former crypto-exchange executive and the co-founder of Coyote Crypto and Eggchange crypto trading platforms, was arrested in Amsterdam in November 2021 and extradited to the United States in August 2022. If convicted, he could face up to 20 years in prison, three years of supervised release, and a fine of up to $500,000. Dubnikov was part of a money laundering group with 13 other individuals from August 2018 to August 2021. They received profits from Ryuk ransomware attacks on people and organizations from the United States and other countries. The money laundering group, including Dubnikov, used various financial transactions, including international ones, to conceal the origin, location, and identity of those who received the ransom payments. After a ransom was paid by a victim in bitcoin private wallets, the sum was split into smaller amounts and transferred to other private wallets. Hundreds of private wallets were used for this scheme, each connected with thousands of public keys. Then the ransom was once again transferred from the wallets to cryptocurrency exchange accounts and converted into Tether, other cryptocurrencies, or fiat currency. The final step was that the exchanged ransom was sent to other accounts where it was turned into fiat currency using Over the Counter services. The Bitcoin transferred to Dubnikov was directly sourced from the ransom paid by an American company. Dubnikov changed the Bitcoin to Tether and sent it to a second co-conspirator, who eventually exchanged it for Chinese Renminbi. Ryuk ransomware group was a ransomware-as-a-service operation that ran from August 2018 to the middle of 2020. Then the group switched to Conti ransomware, which was shut down in May 2022. If you enjoyed this article, follow us on LinkedIn, Twitter, Facebook, YouTube, and Instagram for more cybersecurity news and topics. If you liked this post, you will enjoy our newsletter. Get cybersecurity updates you'll actually want to read directly in your inbox.
This Cyber News was published on heimdalsecurity.com. Publication date: Wed, 08 Feb 2023 11:20:02 +0000