The sanctions imposed on Russia have forced the country's cybercrime community to look for alternative ways to launder its illegally gained money, especially since authorities have also shut down many dark web marketplaces.
Russian threat operators have sought workable ways to withdraw their profits despite the limited options resulting from the ongoing Russia-Ukraine war.
The bank sanctions, including the blocking of SWIFT payments, have disrupted the threat actors' regular profit streams. Aside from blocking SWIFT, the government also suspended several money transfer services, such as MoneyGram and Western Union, which hackers utilise to receive payments from their fraudulent activities.
Furthermore, the shutdown of the notorious dark web marketplace Hydra cut off a massive source of profit for many Russian cybercriminals. The US also sanctioned Garantex, a cryptocurrency trading platform that the hackers utilise for money laundering. Many coin mining operations were also included in the sanctions on Russia.
More recently, Binance, the largest cryptocurrency exchange platform, decided to ban Russians from transacting and investing on the platform following the country's invasion of Ukraine.
The Russian hackers opted for Chinese payment systems for money laundering.
Several Chinese banks and payment systems, such as UnionPay, have become another option for the threat actors to continue their money-laundering operations despite the US sanctions. However, recent reports revealed that UnionPay has also ceased its services to Russian clients, costing the hackers another alternative.
Nonetheless, these hackers are eager to find a viable way to launder their illicit profits, such as engaging with money launderers who offer routes from banks in Armenia, Vietnam, and China that are still not sanctioned by the government.
Since the options to launder their money are being constrained day by day, the hackers have had to think of a long-term approach to handle the situation. Some have begun to invest in gold, while others keep their crypto assets in cold wallets and wait until the situation improves.
Security experts believe that the lower-tier hacking groups are the most affected in this situation since they are less capable of handling the problem. On the other hand, bigger and more sophisticated threat groups could still find ways to launder their profits through their private channels and continue operating.