Several sanctions, the suspension of several direct money transfer operations in Russia, and the seizure of the assets of Hydra Market, Russia's biggest darknet platform, amid the ongoing Russian invasion of Ukraine, have pushed Russian cybercriminals to leverage new money laundering approaches, BleepingComputer reports.
Most Russian hackers have been leveraging Chinese payment systems, including the UnionPay card system, which has already begun considering prohibiting Russian customers, according to a report from Flashpoint. More viable long-term options for money laundering among Russian threat actors have surfaced, with others providing money routes through China, Armenia, and Vietnam, which have not yet sanctioned Russian banks. The report also showed that Russian hackers have been forced to use darknet coin-mixing and cash-out services, while the closure of Hydra has obliged them to turn to less trustworthy options. However, some Russian threat actors have been found to store cryptocurrency in cold wallets or enter into gold investments. The recent wave of sanctions is also less likely to impact more sophisticated operations, researchers said.
More than a dozen industrial enterprise organizations, government agencies, military entities, and other public organizations in Russia, Ukraine, Afghanistan, Belarus, and other countries in Eastern Europe have been compromised by the Chinese hacking group TA428 through a widespread phishing campaign that leveraged six backdoors, The Register reports.