The bill empowers the US president to issue letters of marque, allowing “privately armed and equipped persons” to act on behalf of the government. These privateers would use all necessary means to seize property and detain or penalize cybercriminals deemed a threat to national security.

US Privateers Against Cybercrime

This groundbreaking cybercrime bill targets a range of threats, including crypto theft, pig butchering scams, ransomware attacks, identity theft, unauthorized computer access, online password trafficking, and the spreading of malicious code. According to the bill, these cybercrimes are not just criminal acts but are considered “acts of war” against the United States that threaten both economic and national security.

The introduction of privateers is a revival of an 18th-century concept, adapted for modern digital threats. If passed, this legislation could significantly impact cybersecurity and the future of asset seizure, making it a powerful tool in the fight against cybercrime.

Potential Impact on Cryptocurrency

Significantly, the US could potentially funnel seized assets into a national Bitcoin reserve and a crypto stockpile. In July alone, hackers stole over $142 million in crypto, with losses exceeding $3 billion for the year. The assets seized by law enforcement could be forfeited to the government, bolstering its crypto reserves.

Earlier this year, President Donald Trump signed an executive order to establish a Bitcoin and crypto reserve, aiming to accumulate cryptocurrencies through budget-neutral strategies or asset forfeiture.

Recent Seizures Highlight the Bill’s Relevance

In July, the federal government filed a civil complaint to claim over 20 Bitcoin, worth more than $2.3 million, seized by the FBI’s Dallas division from the Chaos ransomware group. Additionally, the Department of Justice (DOJ) confiscated $1 million in crypto from the BlackSuit ransomware group.

In August, the DOJ authorized the seizure of $2.8 million in cryptocurrency from a wallet controlled by Ianis Aleksandrovich Antropenko, charged with ransomware attacks targeting both individuals and businesses.

This legislation not only aims to address and deter cybercrime but also holds the potential to convert seized cryptocurrencies into a national asset, further integrating digital currencies into governmental strategies.

The post Cybercrime Bill: 5 Powerful Insights for an Amazing Future appeared first on Crypto Market Insights: Dive In with CryptoUpdate.io.

Embargo’s Impact on U.S. Infrastructure

The Embargo ransomware group has left a significant mark on U.S. infrastructure. Notable victims include American Associated Pharmacies, Georgia-based Memorial Hospital and Manor, and Weiser Memorial Hospital in Idaho. These organizations have faced ransom demands reaching up to $1.3 million, according to blockchain intelligence firm TRM Labs.

Potential Rebranding from BlackCat

TRM Labs suggests that Embargo could be a rebranded version of the notorious BlackCat (ALPHV) operation, which vanished following a suspected exit scam earlier this year. Both groups exhibit technical overlap, utilizing the Rust programming language and maintaining similar data leak sites. Moreover, they share onchain ties through common wallet infrastructure.

Embargo Holds $18.8M in Dormant Crypto

Around $18.8 million of Embargo’s crypto proceeds remain dormant in unaffiliated wallets. Experts believe this tactic is designed to delay detection or exploit better laundering conditions in the future. The group employs a network of intermediary wallets, high-risk exchanges, and sanctioned platforms like Cryptex.net to obscure the origin of funds.

Double Extortion Tactics

While not as overtly aggressive as other ransomware groups like LockBit or Cl0p, Embargo has adopted double extortion tactics. They encrypt systems and threaten to leak sensitive data if victims fail to pay. In some cases, they have publicly named individuals or leaked data on their site to increase pressure.

Targeting High-Value Sectors

Embargo primarily targets sectors where downtime is costly, including healthcare, business services, and manufacturing. The group has shown a preference for U.S.-based victims, likely due to their higher capacity to pay.

UK’s Ransomware Payment Ban

In response to the growing threat, the UK is set to ban ransomware payments for all public sector bodies and critical national infrastructure operators, such as energy, healthcare, and local councils. The proposal introduces a prevention regime that requires victims outside the ban to report intended ransom payments.

The plan includes a mandatory reporting system, requiring victims to submit an initial report to the government within 72 hours of an attack and a detailed follow-up within 28 days. Notably, ransomware attacks dropped by 35% last year, marking the first decline in ransomware revenues since 2022, as reported by Chainalysis.

The post Ransomware Group Embargo: $34M Crypto Scheme & Powerful Tactics Revealed appeared first on Crypto Market Insights: Dive In with CryptoUpdate.io.

Like many ransomware gangs, LockBit demands its victims pay in cryptocurrencies such as Bitcoin (BTC) or Monero (XMR). Victims are often coerced into sending funds to specific wallet addresses to access decryption keys or prevent data leaks. Affiliates then usually attempt to clean the funds using mixers, cross-chain swaps, or privacy coins to dodge detection.

The dark web platforms of LockBit affiliates were altered with a message containing a link to a database dump. The message stated, “Don’t do crime CRIME IS BAD xoxo from Prague,” according to cybersecurity publication, Bleeping Computer.

BleepingComputer’s examination of the leaked LockBit database, first highlighted by the cyber threat actor, Rey, revealed 20 tables with revealing details. One table includes almost 60,000 Bitcoin addresses, likely a combination of addresses used by the gang’s affiliates and infrastructure. Another reveals ransomware builds specific to certain targets. The leak also discloses configuration details for attacks, such as which servers to avoid or which files to encrypt. A chat log unveils over 4,400 negotiations between the ransomware operation and its victims, and a user table names 75 admins and affiliates, with passwords in plain text, including samples like “Weekendlover69” and “Lockbitproud231.”

A LockBit operator known as “LockBitSupp” confirmed the breach to Rey, ensuring that no private keys were leaked. Bleeping Computer indicates that the database dump likely occurred around April 29, as suggested by the MySQL timestamp and the latest chat record. However, the identity of the individual or group behind the breach and the means by which it was executed are still unknown. The defacement message mirrors one used in a recent attack on Everest ransomware’s dark web site, hinting at a potential connection.

The server was found to be running PHP 8.1.2, which is vulnerable to CVE-2024-4577 – a critical flaw that can facilitate remote code execution. In February 2024, Operation Cronos, an international law enforcement initiative, dismantled LockBit’s infrastructure, seizing 34 servers, stolen data, cryptocurrency addresses, 1,000 decryption keys, and its affiliate panel. Despite this setback, LockBit managed to rebuild and resume operations, only to face another significant blow in May of the same year when U.S. authorities unmasked and indicted its ringleader, Dmitry Khoroshev, on 26 criminal counts.

The post Cybercriminals Beware: LockBit Ransomware Gang’s Bitcoin Addresses Exposed in Counter-Hack appeared first on Crypto Market Insights: Dive In with CryptoUpdate.io.

Chainalysis’ 2025 crypto crime report shed light on the ebbs and flows of the year. In the first half of 2024, it seemed like the cybercriminals were on track for another year of record earnings, with a 2.4% increase in the value stolen compared to 2023, including a massive $75 million ransom paid by an undisclosed victim to the Dark Angels group. However, the second half of 2024 witnessed a drastic reduction in ransomware payments, causing the total value extorted for the year to decrease.

Centralized exchanges were still the preferred channel for the criminals to convert their ill-gotten crypto into fiat. However, sanctions against Cryptex, a Russian-based exchange, and the seizure of 47 non-KYC Russian language crypto exchanges by the German Federal Criminal Police in the previous year, hampered the criminals’ ability to launder their illegal proceeds, according to Chainalysis.

“There’s an increasing reluctance among ransomware operators, majorly driven by financial motives, to cash out. This could be indicative of their fear of getting traced, identified, and prosecuted by law enforcement agencies, thanks to crypto investigation tools,” stated Jacqueline Burns Koven, Chainalysis Head of Cyber Threat Intelligence.

Chainalysis also highlighted a growing disparity between the ransoms demanded by attackers and the amounts actually transferred by victims on the blockchain. Despite a rise in the number of ransomware incidents, the payout gap swelled to 53% in the latter half of 2024, suggesting that more victims were standing their ground and refusing to pay the ransom, Chainalysis reported. The typical payment from victims who did give in to the hackers’ demands ranged between $150,000 and $250,000, regardless of the original ransom amount.

“The cybersecurity landscape seemed to be spiralling towards a ransomware apocalypse. This considerable drop, even lower than the figures of 2020 and 2021, is a testimony to the effectiveness of law enforcement actions, enhanced international cooperation, and the escalating refusal of victims to succumb to the attackers’ demands,” Koven commented.

Disclaimer: The Block is an independent news platform focused on delivering the latest news, research, and data in the crypto sector. As of November 2023, Foresight Ventures is its primary investor. Foresight Ventures also invests in other crypto entities. Crypto exchange Bitget is an anchor LP for Foresight Ventures. The Block remains committed to providing objective, impactful, and timely information about the crypto industry. This article is for informational purposes only and should not be used as financial, legal, tax, investment, or other advice.

The post Crypto Ransomware Extortion Falls by 35% in 2024 as Exchanges Clamp Down and Victims Fight Back: Chainalysis appeared first on Crypto Market Insights: Dive In with CryptoUpdate.io.

Since the 18th century, humankind has witnessed rotations that have forever altered the world for the better. The closest revolution we have observed is the advent of the internet. The influence of the internet is so enormous that we can no longer imagine our lives without it.

On the other hand, we have to face criminal activities and ransomware on the internet. Moreover, the potential of cryptocurrencies and blockchain technology is vast and we all know this. It is by no means without any downsides. Though, currently, the one tormenting the crypto world the most is none other than ransomware attacks. 

Having said that, ransomware attacks are not solely a crypto-problem. Particularly, now that this problem is being highlighted and many platforms are coming to the rescue of the crypto if not completely cut it. Also, at the forefront of this effort is ‘Binance’, one of the world’s largest cryptocurrency exchanges.

Binance Taking Charge by Curbing with Ransomware

Cryptocurrencies and the cases of Bitcoin for illegal activities are growing. Further, efforts to restrain these activities are also growing. This effort saw the development of several crypto and blockchain firms actively taking part in tracing the source of cryptocurrencies, and the movements of illicit actors.  

The one leading by example is Binance, one of the largest cryptocurrency exchanges in the world. 

Here is how Binance is taking the charge of the future!

The cryptocurrency exchange has partnered with several law enforcement agencies and implemented advanced methods to keep a tab on trade activities like ransomware executed on the platform. The exchange also has a dedicated team – the security data science team – that focuses on building anti-fraud systems and scaling investigations.

The post Binance Takes the Lead in Restraining Ransomware Related to Crypto appeared first on Crypto Market Insights: Dive In with CryptoUpdate.io.

Citing Tether’s official Twitter account, the source says that the company has no intention to pay the ransom demand. They explain the decision by suggesting that hackers did not make their intentions clear, so the demand might be simply a part of an extortion scheme, and the documents are likely fake.

Cryptocurrency prices continue to fluctuate, and Bitcoin is making its way to new highs. As a result, hacking and ransomware attacks, in particular, are increasing. According to Chainalysis, hackers made at least $350 on ransomware attacks in 2020. Moreover, the firm found that this amount is 311% more than what victims of attacks paid in 2019.

Tether has been a victim of hacking before. In 2017, the firm had USDT worth $30 million stolen. Hackers moved the funds from the company wallet to an unauthorized Bitcoin address. At the time, the company made attempts to prevent the movement of stolen tokens into the broader ecosystem. Tether is a stablecoin pegged to the US dollar, with the value of each coin being $1.

The post Tether does not plan to go along with a ransom demand of $23 million appeared first on Crypto Market Insights: Dive In with CryptoUpdate.io.