Study Reveals Conti Affiliates' Money Laundering Practices
Contrary to the popular notion that ransomware hackers are sophisticated launderers of their stolen money, research shows they use straightforward mechanisms to transfer their bitcoin - allowing researchers to follow their money trail.

In a study examining data leaked during the May 2022 collapse of the Conti ransomware-as-a-service group, a researcher at the Catholic University of the Sacred Heart in Milan analyzed 182 Bitcoin addresses belonging to 56 Conti affiliates. Most often, Conti administrators merely deposited earnings, leaving affiliates to figure out ways to launder them.

The affiliates moved a majority of all the illicit proceeds, writes doctoral candidate Mirko Nazzari, in a single, direct transaction rather than breaking them down into multiple transactions over time. "This habit is highly insecure because it does not add any obfuscation layers between the illicit proceeds and their criminal origin."

Only a sliver - 8% - transacted with a crypto mixer, a service that pools potentially tainted funds and randomly distributes them to destination wallets in a bid to make tracing stolen cryptocurrency hard or impossible.