Binance cleaned over $1M in Ryuk ransomware proceeds: report

Binance accounts may have been used to launder over a million dollars in proceeds from the “Ryuk” ransomware, according to a new research report. The findings confirm that digital asset exchanges have a problem with illicit usage, one they’re not fully equipped to deal with.

An anonymous research team compiled the report, which they showed to Binance and Forbes blogger Billy Bambrough. It sampled 63 transactions worth around US$5.7 million, and found that $1,064,865 in BTC was sent to various addresses before ending up in a Binance wallet, before being traded and cashed out.

Binance responded by noting it is always fighting against money laundering and other malicious activities, describing it as “a never-ending endeavor.” It then pointed out a number of its procedures and detection algorithms used to “flag potentially malicious activities.”

However sophisticated the techniques are, they clearly aren’t enough to prevent criminal groups operating on Binance. According to the report, the Binance account associated with the transactions was still active this month.

Problems with proceeds of criminal activity continue to plague the blockchain and digital asset world (and, it should be said, the “traditional” international banking system). BTC, however, is particularly associated with ransomware as it permits transactions of any size to be sent to a pseudonymous, numbered address. It is also the best-known and most accessible digital asset. Only by performing a forensic analysis of that address’ transactions and associated addresses can investigators hope to find the real-world identities controlling them.

Regulators and law enforcement agencies around the world are well aware of this problem, and are introducing ever-tighter rules (such as the European Union’s AMLD5) to combat it. Exchanges like Binance, and even custodial wallet services, will soon be subject to greater scrutiny.

What is Ryuk?

According to Crowdstrike, Ryuk is a form of ransomware unleashed upon the world by a Russia-based criminal group as part of the WIZARD SPIDER criminal enterprise. First seen in August 2018, Ryuk is similar to the earlier Hermes ransomware and targets mainly large enterprises.

Otherwise it operates in a very similar manner to other ransomware attacks. It encrypts files on the victim’s computer and other hosts on that network, promising decryption and recovery if a BTC ransom is paid. It has spread typically via users clicking links in spam emails, and uses TrickBot to perform its attack on targeted systems.

Why Binance?

As one of the world’s most popular digital asset exchanges, Binance has become a preferred destination for these kinds of activities. It has long been known for its ease of use and sheer number of assets listed—ease which includes accounts that are simple to create.

In jurisdictions where digital-to-fiat trades are permitted, such as Jersey and Kenya, Binance has KYC procedures similar to other exchanges, requiring a new user to submit a valid National ID card, Permanent Residence card or passport. If accepted, users must then validate their residential address. However it does not ask for the often-standard “selfie with ID,” and has lower-level accounts available in non-fiat-trading jurisdictions for registry with only an email address.

It said in 2018 that it had partnered with Know-Your-Customer services provider Refinitiv (a division of Thomson Reuters) and analytics firm Chainalysis to investigate blockchain transactions.

The sheer number of transactions passing through Binance’s system does make it difficult to monitor and flag all criminal activity. However that doesn’t mean blockchain proponents can simply shrug and absolve themselves of responsibility.

Bitcoin BSV strives for a more accountable and auditable blockchain world, one that retains individual privacy but without full anonymity. Full anonymity, like it or not, eventually causes a breakdown of trust and dysfunction in a society, reducing value in an economy rather than creating it. Where crime is easier, criminals and the corrupt will always flock. Accountability is the only feasible solution available, and a public blockchain where everyone is subject to the same rules is preferable to crypto-anarchists promising new ways to pass around them.

New to Bitcoin? Check out CoinGeek’s Bitcoin for Beginners section, the ultimate resource guide to learn more about Bitcoin—as originally envisioned by Satoshi Nakamoto—and blockchain.