Recently, Binance Security has been taking part in an international investigation with Ukraine Cyber Police, Cyber Bureau of Korean National Police Agency, US Law Enforcement, Spanish Civil Guard, and Swiss Federal Office of Police, among others, to apprehend a prolific cybercriminal ring.
The group -- also known as FANCYCAT -- has been running multiple criminal activities: distributing cyber attacks, operating a high-risk exchanger, and laundering money from dark web operations and high-profile cyber attacks such as Cl0p and Petya ransomware. In all, FANCYCAT is responsible for over USD 500 million worth of damages in connection with ransomware and millions more from other cybercrimes.
The company and its collaborators applied a two-pronged approach to the FANCYCAT investigation. First, their AML detection and analytics program detected suspicious activity on Binance.com and expanded the suspect cluster. Second, once they had mapped out the complete suspect network, they worked with private sector chain analytics companies TRM Labs and Crystal (BitFury) to analyse on-chain activity and gain a better understanding of this group and its attribution.
Based on the analysis, they found that this specific group was associated not only with laundering Cl0p attack funds, but also with Petya and other illegally sourced funds. This led to the identification and eventual arrest of FANCYCAT.
