According to a report by respected accounting firm PricewaterhouseCoopers (PwC), the people behind the SamSam ransomware attack are linked to the questionable cryptocurrency exchange WEX (previously BTC-e). The Iranian hacker group is thought to have used the platform to launder as much as $6 million.
Two of the men identified by the United States Department of Justice as being responsible for the SamSam ransomware are Faramarz Shahi Savandi and Mohammad Mehdi Shah Mansouri. PwC identifies both as having links to WEX. The SamSam attack, details of which were released last September, is thought to have cost a total of $30 million.
WEX Connected to “Clean-up” of Ransomware Funds
The PwC report states that criminals are increasingly favouring smaller cryptocurrency exchanges to launder money using Bitcoin or other digital currencies. It attributes this to increased compliance with "know your customer" and anti-money laundering policies at larger trading venues. It goes on to suggest that decentralised exchanges, such as those being launched by Binance and other companies, might be used by launderers to evade detection in future.
One of the smaller exchanges favoured appears to be WEX. Two of the Iranian nationals connected to the SamSam ransomware attack, which struck over 200 institutional targets to the tune of over $30 million, are thought to have been connected with the exchange. PwC writes:
"We identified this Iranian money laundering operation as having links to currency exchange WEX (formerly known as BTC-e) … WEX is most notably known for its alleged involvement in the threat actor tracked by PwC as Blue Athena, and being responsible for cashing out 95 percent of all ransomware payments made since 2014."
Payment for the release of files encrypted by ransomware attacks like SamSam and WannaCry is typically demanded in Bitcoin or another cryptocurrency. This, according to the PwC report, is because it is much safer to transact discreetly with, thanks to its "fundamental decentralised and confidential qualities."
Although WEX explicitly denies being linked to BTC-e, the two share nearly identical designs, and the PwC report states that all the user accounts from BTC-e were moved over to the WEX platform. BTC-e trading came to an abrupt stop in 2017 following the arrest of Alexander Vinnik, the website's administrator, who is suspected of being involved in the laundering of around $4 billion.
PwC states that it expects to see more examples of the Treasury's Office of Foreign Assets Control publicly attributing digital currency addresses to individuals, as it did with the Iranian nationals in this case. This, it admits, might force criminals to change tactics in response.
In conclusion, PwC advised those affected by ransomware like SamSam not to pay the ransom. It states that payment only encourages the attack, since it demonstrates its financial viability.