Chainalysis acquires cybercrime investigative firm Excygent in fight against ransomware attacks

Published at: Oct. 6, 2021

Blockchain analytics firm Chainalysis has purchased cybercrime investigative company Excygent for an undisclosed amount, hinting that the two will continue to work together to help “dismantle ransomware operations.”

In a Tuesday announcement, Chainalysis CEO Michael Gronager said the firm had collaborated with Excygent on the seizure of cryptocurrency connected to the now-defunct darknet market Silk Road, shutting down a major child abuse website, disrupting campaigns related to the financing of terrorism and other projects. Gronager said staff from Excygent would join the firm’s Investigations and Special Programs team to support investigations of the cryptocurrency used in cybercrimes.

“Following the flow of ransomware payments on the blockchain is instrumental for law enforcement to understand and dismantle ransomware operations,” Gronager said to Cointelegraph. “As paradoxical as it seems, it can actually be beneficial to investigators when bad actors choose to use cryptocurrency when committing crimes.”

The CEO cited Chainalysis’ contribution to the investigation of cybercrimes involving NetWalker, a ransomware operator who allegedly targeted hospitals during the pandemic and collected more than $25 million from ransom payments in 2020. In addition, the company looked into Russia-based business Suex OTC, recently targeted by the U.S. Treasury Department for allegedly allowing hackers to access cryptocurrency sent as payment for ransomware attacks. Chainalysis claimed that “tens of millions” worth of crypto payments from Suex’s funds came from addresses associated with different cybercrimes.

“Cryptocurrency is transparent, and with the right tools and the right talent, we can weed out bad actors and build a safer financial ecosystem,” said Gronager.

Chainalysis has grown significantly in the last year, receiving support from both the United States government and the private sector. In June, the company reached a $4.2 billion valuation following a $100 million funding round led by global investment manager Coatue.
