Almost three quarters of ransomware money went to Russia-linked hackers in 2021, research claims

More than $400m worth of cryptocurrency went to chains linked to Russia, claims research

New research suggests that almost three quarters of money made through ransomware in 2021 went to Russia-linked hackers.

The research carried out by blockchain data platform Chainalysis claims over $400m worth of cryptocurrency went to chains which are "highly likely" to be in some way affiliated with Russia.

It added that an estimated 13 per cent of funds sent from ransomware addresses to services went to users estimated to be in Russia, more than any other region.

Chainalysis says it was able to use blockchain analysis and tracked web traffic data to discover that, after ransomware attacks take place, most of the extorted funds are laundered through services primarily catering to Russian users.

Key themes of the research included ransomware attacks which were carried out by Russia-based Evil Corp, ransomware which avoids targeting those in the Commonwealth of Independent States (CIS) and those which share documents using the Russian language.

Russian-speaking ransomware groups have been blamed for a large number of high-profile cyber-attacks in recent years.

Last year, around 50 of IT management software firm Kaseya's MSP customers and thousands of businesses worldwide were impacted after an attack by the REvil ransomware group on its VSA tool.

Russia-linked Nobelium has also been widely blamed for the SolarWinds attack in 2020 which breached both parts of the US government as well as businesses.