Over $1M in Ryuk Ransomware Bitcoin Was 'Cashed Out' on Binance: Report
Researchers reportedly traced bitcoin sent as payments to Ryuk ransomware controllers and found a good portion passed through Binance.
Researchers have traced millions of dollars' worth of bitcoin sent as payments to Ryuk ransomware controllers and found a good portion passed through the Binance exchange platform.
- In a document seen by Forbes and covered in a report Sunday, the anonymous researchers said they had analyzed a sample of 63 bitcoin transactions linked to the Ryuk malware that were worth around $5,700,000 in total.
- Of these, "over $1 million [in bitcoin] was sent from the hacking team wallets to the Binance exchange platform to cash out their ransom payments," they said.
- Ryuk, like other ransomware variants, locks up infected computers using encryption and demands a payment (normally in crypto) to release the files.
- Ryuk is said to have raked in $61 million in the two years since it was let loose on the world, Forbes said.
- Looking at 13 other bitcoin addresses linked to Ryuk, the researchers also found some of the total $1,064,865 in bitcoin held there also passed through Binance.
- The remainder of the bitcoin traced, some $4.7 million worth, was found to be held on non-exchange wallets – a suggestion that the malware's operators favor Binance, according to the report.
- Binance has been provided the research findings, Forbes said.
- The exchange said in the report it prioritizes ensuring "the safety of our customers and the integrity of the broader crypto space," though spotting such illicit activity is "not always black and white."
- Binance also analyzed the Ryuk bitcoin flows and reportedly found that 400 bitcoin went to Huobi, a Singapore-based exchange, and 140 BTC moved through a now-closed Thailand-based exchange.
Also read: Bitcoin’s Ransomware Problem Won’t Go Away
The leader in news and information on cryptocurrency, digital assets and the future of money, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups. As part of their compensation, certain CoinDesk employees, including editorial employees, may receive exposure to DCG equity in the form of stock appreciation rights, which vest over a multi-year period. CoinDesk journalists are not allowed to purchase stock outright in DCG.
Learn more about Consensus 2024, CoinDesk’s longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to consensus.coindesk.com to register and buy your pass now.