The Cryptocurrency Forensics Solution to OFAC’s $11.5 Billion Ransomware Conundrum

Figure 1: The International Economics of RaaS (Ransomware as a Service) by Industry. FireEye Mandiant, 2020

Cryptocurrency Forensics: A More Modern Approach

Figure 2: Average dwell time of ransomware bitcoin wallets: Locky, WannaCry and Ryuk.
Figure 3: Transaction In/Outflow of Ransomware Variants
Figure 4: In/Outflow Transactions — Ryuk (Hackers Active on UTC 14:00–23:00. Probably European.)
Figure 5: In/Outflow Transactions — Locky (Hackers active UTC 8:00–18:00. Probably European)
Figure 6: In/Outflow Transactions — WannaCry (Hackers active UTC 9:00–16:00. Probably Russian)
Figure 7: Heatmap of International Ryuk Ransomware Victims. Kaspersky, 2019
Figure 8: AI-powered Auto-trace of Ransomware Funds Flowing to Exchange

The Evolving Face of Ransomware

The diverse profiles of 3 ransomware families

Closing Remarks

Blockchain data analytics firm providing security, risk, and compliance solutions.
