A new report from TRM Labs reveals that Russian-speaking hackers dominate the ransomware sector, capturing almost 70% of illicit cryptocurrency earnings in 2023.
These groups, including ALPHV/BlackCat and Lockbit, have collectively amassed over $320 million. Lockbit targeted major organizations like Boeing and the UK’s Royal Mail, while BlackCat/ALPHV attacked MGM Resorts and Henry Schein.
The report also highlights that Russian exchange Garantex handled over 80% of sanctioned cryptocurrency transactions, despite facing penalties. This underscores the challenges of regulating illegal crypto activities.
Additionally, cryptocurrencies are increasingly used to evade sanctions, particularly amid the Russia-Ukraine conflict. U.S. authorities have banned several Bitcoin and Ethereum addresses linked to sanction evasion, demonstrating the adaptability of criminals to new technologies.
North Korea remains a significant threat, having stolen $1 billion in Bitcoin in 2023. The report emphasizes the need for stronger international cooperation and regulation to address the growing challenge of crypto-related cybercrime and safeguard global financial systems.
A sophisticated cyberattack targeting Brazil’s central bank reserve accounts has resulted in the theft of over $140 million (R$800 million), much of which was swiftly funneled through cryptocurrency channels.
A malicious open-source project on GitHub disguised as a Solana trading bot has compromised user wallets, according to a July 2, 2025, report by cybersecurity firm SlowMist.
The U.S. Department of Justice has sentenced Dwayne Golden, 57, of Pennsylvania to 97 months in prison for orchestrating a fraudulent crypto investment scheme that stole over $40 million from investors.
The first half of 2025 has become the most damaging six-month period in crypto history, with over $2.1 billion stolen across 75+ separate incidents, according to new data.