Ukranian Police Arrest Cybercriminals Laundering Ransomware Money

Ukrainian flag infront of parliament house

Ukrainian police, with the help from cryptocurrency exchange Binance, have taken down a money laundering racket worth $42 million. Three cybercriminals were arrested who were laundering cryptocurrencies for ransomware gangs.

The Case’s Details

Today Ukrainian police announced the arrest in June of a 3-person money laundering gang operating from Ukraine’s Poltava region. The gang had been operating since 2018 and ran 20 cryptocurrency exchanges used to launder cryptocurrencies for criminal groups. Over the last two years, the gang allegedly laundered more than $42 million in funds originating mainly from ransomware attacks.

The gang allegedly advertised its services in criminal forums on the dark web. As part of their services, the gang offered to convert cryptocurrency earned through criminal activities into fiat. Fiat is a term used to mean real-world currency. The gang is also accused of collaborating with cybercriminal groups running malware operations and ransomware attacks. Furthermore, it is believed the gang carried out their own ransomware attacks.

During a raid of the gang’s premises, the police seized more than $200,000 worth of computer equipment. Digital evidence of the gang’s criminal activities was unearthed on the seized equipment. Also discovered at the premises were weapons, ammunitions and cash. If found guilty, the gang face up to 8 years imprisonment.

How were the Money Launderers Identified?

Binance, a cryptocurrency exchange, started investigating suspect cryptocurrency exchangers earlier in the year because of their negative effect on the cryptocurrency industry. “Fighting money laundering, ransomware, and other malicious activity is of critical importance to the well-being of the [cryptocurrency] community and industry growth,” Binance said.

To this end, Binance started an internal investigative project named “Bulletproof Exchanger”. The project’s aims are to unearth malicious activity in the cryptocurrency industry and identify possible bad actors. Individuals on the project then work with authorities to have suspects arrested and their businesses shutdown.

To help identify possible bad actors, Binance built a database containing data such as DNS records, user data, open-source intelligence feeds, police requests and blockchain analytics. Once the database had enough data, Binance then partnered with TRM Labs to have the data analysed. TRM Labs is a US blockchain analysis firm specializing in fraud detection.

The Arrests

The database’s data was correlated against suspicious activity on Binance’s own cryptocurrency exchange platform. The company’s use of big data techniques threw up the gang as being perpetrators of possible fraudulent activities.

“For this particular group, the strength of the signals which their accounts were eliciting gave us high confidence they were involved in nefarious activities and prompted the need for further investigation,” the Binance security team said.

The gang’s identity was then passed on to Ukrainian police. Next, the police conducted their own investigation into the gang’s activities and cryptocurrency exchanges, which culminated in the gang’s arrest.

Who is Binance?

This is not the first time that Binance has helped in police investigations. In September 2019, Binance helped the UK police in a $51 million phishing fraud. So, who is Binance?

Binance is a cryptocurrency exchange with a platform for trading various cryptocurrencies such as Bitcoin, its own BNB cryptocurrency, Ethereum, Ripple and Litecoin. Despite its own shady beginnings, today Binance is the largest cryptocurrency exchange in the world in terms of trading volume.

The company was founded by Changpeng Zhao, a Chinese Canadian developer, and it was initially headquartered in China. However, the company later moved out of China to Japan due to China’s increasing regulation of cryptocurrency. Today the company’s head office is in Malta and has offices in Taiwan, Singapore, Jersey, Bermuda and Uganda.

Information technology expert
Grace is an information technology expert who joined the VPNoverview team in 2019, writing cybersecurity and internet privacy-based news articles. Due to her IT background in legal firms, these subjects have always been of great interest to her.