New analysis suggests that 74% of all money made through ransomware attacks in 2021 went to Russia-linked hackers.
Researchers say more than $400 million worth of crypto-currency payments went to groups “highly likely to be affiliated with Russia”.
Russia has denied accusations that it is harbouring cyber-criminals.
Researchers also claim “a huge amount of crypto-currency-based money laundering” goes through Russian crypto-companies.
Chainalysis, which carried out the research, said it was able to follow the flow of money to and from the digital wallets of known hacking groups using public blockchain transaction records.
Analysts say they know which hacking groups are Russian because they display various characteristics, for example: code is written to prevent it from damaging files if it detects the victim’s computers are located in Russia or a CIS country, the gang operates in Russian on Russian-speaking forums.
The research is further evidence that many cyber-criminal groups operate either in Russia or in the surrounding Commonwealth of Independent States (CIS) an intergovernmental organization of Russian-speaking, former Soviet countries.
However, the report only looks at the flow of money to cyber-criminal gang leaders, and many run affiliate operations, essentially renting out the tools needed to launch attacks to others, so it’s not known where the individual hackers who work for the big gangs are from.