According to the American blockchain company, Chainalysis, in a large percentage of ransomware attacks, specifically at 64%, money laundering is done through cryptocurrency exchange platforms. Attackers usually infect victims' systems with some malicious software, steal their files and then ask for money to retrieve them. In recent years, more and more often, the attackers are calling for cryptocurrencies. If victims give the money, hackers give them the decryption tool so that users can access their data.
The company discovered 38 exchange platforms, which were used by hackers for ransomware attacks.
Attackers used other services for the same purpose, but to a much lesser extent. However, in these attacks, the hackers make more careful moves and do not steal large amounts, as happens when a crypto exchange platform is violated. This is so, not to attract attention. When there are ransomware attacks and large amounts of known platforms are stolen, the issue is immediately known.
Chainalysis also noticed some changes in ransomware attacks, compared to earlier. Attackers now focus on specific goals, from which they can draw a lot data and higher amounts are requested. Instead, in the past, hackers targeted a large number of victims and asked for small sums to restore the files.