Russian-Speaking Groups Dominate Crypto-Related Cybercrime 🚨
Russian-speaking threat actors have become a “ubiquitous force” in international crypto crime as per a new report.
Russian-speaking threat actors who come from former Soviet Union are the primary drivers of various types of crypto-related cybercrime, including ransomware, illegal crypto exchanges, and darknet markets, according to the latest report by TRM Labs.
In fact, ransomware groups that speak Russian were also found to be responsible for at least 69% of all ransomware earnings in 2023, totaling over $500 million.
Russian-Speaking Threat Actors Dominate
In its latest report, prominent crypto research firm TRM Labs revealed that the two largest operators of the year, Lockbit and ALPHV/Black Cat – both Russian-speaking – generated a combined revenue of at least $320 million from their attacks.
Moreover, Russian-language darknet markets (DNMs) account for 95% of all dark web drug sales conducted in crypto across the world. These DNMs are multi-vendor platforms that facilitate the global trade of illegal drugs. As a well-established form of transnational organized crime, DNMs integrate anonymization networks, crypto, and encryption technologies.
TRM Labs’ said that the top three largest Russian-language DNMs processed $1.4 billion in crypto in 2023, which is about 33% higher than in 2022. In comparison, the entire Western DNM ecosystem managed less than $100 million in 2023, around 20% less than in 2022.
Garantex Dominates Sanctioned Crypto Transactions
Garantex, a Russia-based crypto exchange sanctioned by OFAC in April 2022, handled 82% of the crypto volumes associated with all sanctioned entities globally in 2023. This included exchanges and individuals under US and international sanctions.
The report also observed that at least $85 million has been sent to wallets linked to Russian and Chinese entities involved in the manufacturing, transport, and sale of military and dual-use equipment and components since 2021.