Cryptomixers have always been at the epicenter of cybercrime activity, allowing hackers to “clean” cryptocurrency stolen from victims and making it hard for law enforcement to track them.
When threat actors steal cryptocurrency or receive it as a ransom payment, law enforcement or researchers can see what cryptocurrency wallet the funds were sent to.
Mixers allow threat actors to deposit illicitly obtained cryptocurrency and then mix it in a large pool of “random” transactions.
This way, the original crypto gets muddled in a large collection of sums from many different and unknown sources.
When done, the “cleaned” crypto is sent to a different address owned by the threat actors, one that has not been used before and is unknown to law enforcement. For the use of this service, the cryptomixers take a commission (usually 1-3%) from the mixed cryptocurrency.
There’s a dedicated area of research around the tracing of illicit cryptocurrency transactions, so mixing services need to use secret and robust mixing algorithms, or law enforcement could trace the funds.
Also, these services have to avoid keeping any logs or any piece of information that could help identify users and link them to their assets.
Researchers at Intel471 have explored the cybercrime underground to find which platforms are thought to be the most reliable in eradicating the transactions’ trace, and they found four notable examples.
Today, hackers use four popular cryptomixing services, namely Absolutio, AudiA6, Blender, and Mix-btc.
Except for Mix-btc, all platforms operate on the Tor network to ensure the anonymity and privacy of their users.
They support Bitcoin, Bitcoin Cash, Dash, Ethereum, Ethereum Classic, Litecoin, Monero, and Tether.
Mixers charge either a flat fee or a dynamic fee for using their services. Intel471 explains the “dynamic fee” option:
“Some services allow users to choose a “dynamic” service fee, which is most likely done to complicate investigations into illicit cryptocurrency funds by altering the amount being laundered at different stages of the process, making it more difficult to tie the funds to a specific crime or individual,” explains the report by Intel471.
The different fees offered by each of the four mixers are below:
Below you can see the various configuration options threat actors can use on the Absolutio mixing platform.
Absolutio also offers time-delay options to help introduce variations that will help strengthen the anonymization. Also, it promises to wipe all request data after two days.
The service claims that all the coins come from allowed addresses and reputable exchanges and that users won’t get crypto from “shady” sources.
Analysts at Intel471 were able to find a wallet that belongs to Blender and report that between June 2020 and July 2020, it handled cryptocurrency transactions worth $3,400,000.
This indicates the business size of these platforms, which operate in a gray legal area, making tens of thousands of dollars per month, mostly coming from cybercrime activities.
Cryptocurrency mixing isn’t intrinsically illegal and is commonly promoted as a privacy-boosting method.
However, if a mixer is knowingly assisting illegal operations in laundering their illicit proceeds, law enforcement will target them and shut down their operations.
In the past, law enforcement operations shut down the Helix bitcoin mixer for laundering hundreds of millions of dollars of illicit narcotics proceeds. Similarly, the Dutch police seized the BestMixer.io domain after building a case that threat actors used the mixer to launder at least $200 million in bitcoin for cybercriminals.
Intel471 also says that some ransomware groups integrated cryptocurrency mixing services directly into their administrative panels.
“The developers behind Avaddon, DarkSide 2.0 (also known as BlackMatter) and REvil likely integrated the BitMix cryptocurrency mixer to facilitate the laundering of ransom payments for program affiliates,” reads the report by Intel471.
As mixers are known to be used by illegal operations, they will continue to be targeted by law enforcement and possibly US sanctions, as we saw with the Chatex and Suex exchanges.
Copyright @ 2003 – 2021 Bleeping Computer® LLC – All Rights Reserved