Investigations | August 13, 2024

FBI warns against BlackSuit ransomware group

by the Crystal Marketing Team

This week, we bring you the most recent updates and developments in crypto compliance and investigations.

FBI and CISA issue urgent BlackSuit ransomware cyberthreat advisory

The FBI and the Cybersecurity and Infrastructure Security Agency issued a joint Cybersecurity Advisory about BlackSuit ransomware on August 7, 2024, noting that the criminal group had been active since July 2024.  

The advisory is the second update on the Royal Ransomware criminal group, first identified in March 2023. The two law enforcement agencies warn that the group has rebranded itself as Blacksuit, and its activities are once again a threat. 

BlackSuit exfiltrates data before encrypting systems and demands ransom in Bitcoin ranging from $1 million to $10 million. If unpaid, victim data is published on a leak site. Phishing emails are a primary attack vector, and once inside a network, BlackSuit disables antivirus software. The ransomware has amassed over $500 million in demands, the single largest of which was for $60 million, with some victims receiving direct communication from criminals to negotiate payments. 

Read more on cisa.gov.

 White-hat hackers return Ronin’s $12m in stolen crypto

Hackers returned $12 million to the Ronin gaming blockchain after exploiting an undocumented vulnerability in the bridge, a key component of the network.  

The hackers, acting as white-hats, discovered the exploit and reported it, prompting Ronin to pause the bridge for 40 minutes. The incident involved the withdrawal of 4,000 ETH and 2 million USDC, totaling $12 million, the maximum allowed in a single transaction.  

Ronin thanked the white-hats and offered them a $500,000 bounty. This follows Ronin’s 2022 breach, during which $625 million was stolen and linked to North Korea’s Lazarus Group. The bridge remains paused as investigations continue. 

Read more on Therecord

 Hong Kong to advance crypto regulations in next 18 months

Hong Kong is set to enhance its digital asset regulations within 18 months to become a global fintech hub. Legislative Council member David Chiu announced plans to attract tech talent and establish robust oversight, with a focus on stablecoins, expected by the end of 2024.  

The Hong Kong Monetary Authority’s stablecoin sandbox includes major participants like Standard Chartered Bank and Jingdong Coinlink Technology.  

This regulatory push, alongside the launch of Asia’s first Bitcoin futures inverse product by CSOP Asset Management, highlights Hong Kong’s commitment to innovation and regulation in the crypto space, impacting future industry practices.

Read more on Cointelegraph

UN approves first treaty targeting cybercrime

The UN General Assembly committee has finalized a draft convention on cybercrime, marking the first global legally binding instrument on cybercrime. Expected to be adopted later this year, this convention is the result of a five-year effort involving UN Member States, civil society, academia, and the private sector. 

UNODC, serving as the secretariat, highlighted the significance of this treaty as the first multilateral anti-crime agreement in over 20 years. The convention aims to enhance international cooperation, law enforcement, and capacity-building to combat cybercrime, addressing the growing threats in digital spaces. Compliance officers and investigators should prepare for its implications. 

Read more on unodc.org. 

Learn how Crystal can enhance your crypto investigations and ensure your compliance by requesting a demo here. 

Be the first to get news from Crystal