AccordingChainalysis published Monday a new report that estimated 74% (or more than $400 million US) of ransomware revenue was funneled into wallet addresses with high risk, likely Russian, addresses. Three key features were used to determine Russia’s affiliation with ransomware hackers throughout 2021.

1. Evil Corp, an organization that is based in Russia and has been implicated in a number of breaches; it also claims to have ties with the Russian government.
2. Ransomeware was only programmed against former Soviet countries.
3. Ransomware can cause documents to be shared and announcements made in Russian.

Apart from the selection criteria, web traffic data clearly shows that most extorted funds are being laundered through Russia. Another 13% of funds sent from ransomware addresses to services went to users who were likely in Russia — more than any other region. These ransomware strains infect computers via program exploits, downloading unknown files or other means. The ransomware strains encrypt victim’s files, and then demand payment.BTC) or Monero (XMRTo access the files, send ) to a wallet adress