DarkSide Ransomware gang starts laundering ill-gotten $7 Million by liquidating Bitcoin assets in ever smaller denominations

DarkSide Ransomware Bitcoin Cryptocurrency Tokens Wallets Multiple
Money Laundering of Bitcoin. Pic credit: Zach Copley/Flickr

The DarkSide Ransomware operators seem to be moving their monetary assets which they acquired through extortion and blackmail. About $7 million worth of Bitcoin tokens is rapidly moving in ever-decreasing denominations, which is a typical money laundering pattern.

Millions of dollars worth of Bitcoin cryptocurrency is on the move in the virtual world, indicated cybersecurity company Profero. The way in which the virtual currency is moving between multiple wallets is identical to the way money laundering takes place.

DarkSide ransomware gang is moving 107 Bitcoin cryptocurrency tokens as Federal agencies tighten their reins:

The DarkSide ransomware gang, operating Ransomware as a Service, and Malware as a Service, seems to be taking its ill-gotten money and running. The operators have been quite successful in vetting, targeting, compromising, and extorting multiple businesses and government services.

The gang shot to infamy after it successfully crippled Colonial Pipeline, the largest fuel pipeline in the United States. It was after this attack that the U.S. government started to aggressively pursue multiple leads and ransomware creators.

Multiple Federal agencies and independent departments are actively capturing illegal digital assets, and even going after malicious code writers on the Dark Web.

Presumably sensing the Feds closing in on them, the DarkSide ransomware gang could be rushing to liquidate its assets. The majority of the ill-gotten funds of the gang are in Bitcoin.

DarkSide gang moving its cryptocurrency assets through multiple wallets in ever-decreasing denominations:

Omri Segev Moyal, the CEO, and co-founder of cybersecurity company Profero, indicated that 107 Bitcoins from a DarkSide wallet are on the move through multiple wallets.

The collective value of the transactions indicates the gang is moving about $7 million. It is not immediately clear if the gang has amassed even more loot.

In a blog post, blockchain analysis company Elliptic revealed how DarkSide’s cryptocurrency flowed through different wallets. The transfers began with 107.8 BTC and while moving through multiple wallets ended with just 38.1 BTC.

Some financial experts indicate this is the same way the money laundering process takes place. The primary intention behind moving money in this way is to hinder tracking. In the case of the DarkSide gang’s transactions, the group seems to be trying to convert its cryptocurrency to fiat money.

Incidentally, the Colonial Pipeline hack might be the one that got the group notoriety. However, the group couldn’t keep the assets from the attack for long.

Previous reports indicate Colonial Pipeline paid the 75 BTC (around $5 million at the time) ransom. But the Department of Justice indicated that Federal agencies were successful in recovering 63.7 BTC.

Notify of
Inline Feedbacks
View all comments
Would love your thoughts, please comment.x