A Russian national on February 7, 2023, pleaded guilty in the U.S. to money laundering charges and to attempting to conceal the source of funds obtained in connection with Ryuk ransomware attacks.
Denis Mihaqlovic Dubnikov, 30, was arrested in Amsterdam in November 2021 before he was extradited from the Netherlands in August 2022. He is awaiting sentencing on April 11, 2023.
“Between at least August 2018 and August 2021, Dubnikov and his co-conspirators laundered the proceeds of Ryuk ransomware attacks on people and organizations throughout the US and abroad,” the Department of Justice (DoJ) said.
Dubnikov and his accomplices are said to have engaged in various criminal schemes designed to obscure the trail of the ill-gotten proceeds.
According to the DoJ, a portion of the 250 Bitcoin ransom paid by a U.S. company in July 2019 after a Ryuk attack was sent to Dubnikov in exchange for about $400,000. The cryptocurrency was subsequently converted to Tether and transferred to a co-conspirator, who then exchanged it for Chinese Renminbi.
In all, the parties involved in the criminal enterprise are estimated to have laundered at least $150 million in ransom payments.
Dubnikov is also the co-founder of Coyote Crypto and Eggchange, with the latter headquartered in Federation Tower East (or Vostok), a supertall skyscraper known to harbor a number of cryptocurrency businesses with ties to money laundering associated with ransomware operations.
According to Chainalysis, Eggchange received over $34 million worth of cryptocurrency from darknet markets, scams, fraud shops, and ransomware operators between 2019 and 2021.
Ryuk, which first emerged on the threat landscape in 2018, is attributed to a threat actor tracked as Wizard Spider and has compromised governments, academia, healthcare, manufacturing, and technology organizations worldwide.
Usually delivered via first-stage malware such as TrickBot or BazarBackdoor, Ryuk is also a predecessor to the Conti ransomware, which shuttered its operations in May 2022 and splintered into smaller units.