Nearly 75% of Stolen Ransomware Crypto Went to Russia in 2021, New Report Finds

Hooded figure at laptop

Image source: Getty Images

Many or all of the products here are from our partners that compensate us. It’s how we make money. But our editorial integrity ensures our experts’ opinions aren’t influenced by compensation. Terms may apply to offers listed on this page.

While Russia seems poised to attack Ukraine at any moment, new Chainalysis research finds Russia was linked to the majority of crypto ransomware attacks last year.

Key points

  • With tens of thousands of troops currently arrayed along the Ukraine border, Russia seems to be threatening invasion of that Eastern Bloc country.
  • A new report finds that Russia was linked to the majority of crypto ransomware invasions, siphoning the equivalent of $400 million in stolen funds to illicit addresses in that country.

Tensions remain high along the Ukraine border as more than 100,000 Russian troops, with missiles, military equipment, and other supplies, continue to intimidate with the threat of invasion of the Eastern Bloc country. That's despite new Russian rhetoric today promising troop withdrawals from the hot zone. However, when it comes to promises from Russian leaders, a healthy degree of skepticism is required.

New report finds Russia at the center of crypto crimes

It appears Russia has strong ties to the majority of crypto hacks and cybercrimes, especially when you consider that 74% of ransomware revenue in 2021 -- over $400 million worth of cryptocurrency -- went to accounts affiliated with the country in some way, according to a new report from cryptocurrency tracking and analytics firm, Chainalysis.

According to the report, Russia has a long history as a haven for hackers due to that country's focus on coding training, computer sciences, and information technology education among students starting in middle and high school. When that training is combined with low economic legitimate job prospects for such skilled workers, many turn to cybercrime and crypto attacks to make a living. Chainalysis states that against such a contextual backdrop, it's not surprising that Russia leads the way in global ransomware.

Not only is Russia a leading ransomware perpetrator, based on the Chainalysis blockchain forensics and web traffic data, once any type of ransomware attack occurs, most of the extorted funds are laundered through services primarily catering to Russian users. The report cites a large concentration of those hackers operate out of the Federation Tower in Moscow City.

The Federation Tower is a two-skyscraper complex in the heart of Moscow City. It's one of the most recognizable and prestigious buildings in all of Russia, and it houses several prominent businesses headquartered there and a thriving cybercrime collective as reported by Bloomberg.

"Nothing is more emblematic of the growth of Russia's crypto crime ecosystem, and of cybercriminals' ability to operate with apparent impunity, than the presence of so many cryptocurrency businesses linked to money laundering in one of the capital city's most notable landmarks," as stated in the Chainalysis report.

Our top crypto play isn't a token - Here’s why

We’ve found one company that’s positioned itself perfectly as a long-term picks-and-shovels solution for the broader crypto market — Bitcoin, Dogecoin, and all the others. In fact, you've probably used this company's technology in the past few days, even if you've never had an account or even heard of the company before. That's how prevalent it's become.

Sign up today for Stock Advisor and get access to our exclusive report where you can get the full scoop on this company and its upside as a long-term investment. Learn more and get started today with a special new member discount.

Get started

Possible changes ahead for Russian crypto

Despite the criminal activity, Russia is a leading country in cryptocurrency adoption, placing 18th overall on the Global Crypto Adoption Index. In January 2022, Russian police arrested 14 associates of the REvil ransomware organization, which seemingly marked an example from authorities that they were cracking down on crypto-related crimes to possibly legitimize digital assets in that country.

However, the Chainalysis report presents a more cynical perspective, citing analysts who assert that the specific REvil crime bust was only an act of placating diplomacy by the Russians to ease U.S. concerns regarding Russia's troop buildup on Ukraine's borders.

In true Russian fashion, cryptocurrencies' regulatory fate is shrouded in ambiguity and doublespeak. On one side there's Russian President Vladimir Putin defending crypto miners as an economic driver of his country's future, while on the opposite side you see the country's national bank demanding a national ban on crypto assets.

Regardless of what Russian leaders say, we must watch what they do. The Chainalysis report aptly summarizes that we can't fully trust their words because as it stands right now, their actions and the research prove that Russian cybercriminal organizations are some of the biggest perpetrators of cryptocurrency-based crime in the world -- especially ransomware. And that's the truth.

Our Research Expert