Over $1M in Ryuk Ransomware Bitcoin Was 'Cashed Out' on Binance: Report
Researchers reportedly traced bitcoin sent as payments to Ryuk ransomware controllers and found a good portion passed through Binance.
Updated Aug 19, 2021 at 3:51 a.m. UTC
Researchers have traced millions of dollars' worth of bitcoin sent as payments to Ryuk ransomware controllers and found a good portion passed through the Binance exchange platform.
- In a document seen by Forbes and covered in a report Sunday, the anonymous researchers said they had analyzed a sample of 63 bitcoin transactions linked to the Ryuk malware that were worth around $5,700,000 in total.
- Of these, "over $1 million [in bitcoin] was sent from the hacking team wallets to the Binance exchange platform to cash out their ransom payments," they said.
- Ryuk, like other ransomware variants, locks up infected computers using encryption and demands a payment (normally in crypto) to release the files.
- Ryuk is said to have raked in $61 million in the two years since it was let loose on the world, Forbes said.
- Looking at 13 other bitcoin addresses linked to Ryuk, the researchers also found some of the total $1,064,865 in bitcoin held there also passed through Binance.
- The remainder of the bitcoin traced, some $4.7 million worth, was found to be held on non-exchange wallets – a suggestion that the malware's operators favor Binance, according to the report.
- Binance has been provided the research findings, Forbes said.
- The exchange said in the report it prioritizes ensuring "the safety of our customers and the integrity of the broader crypto space," though spotting such illicit activity is "not always black and white."
- Binance also analyzed the Ryuk bitcoin flows and reportedly found that 400 bitcoin went to Huobi, a Singapore-based exchange, and 140 BTC moved through a now-closed Thailand-based exchange.