Building trust in blockchains among people, businesses and governments. Our compliance and investigation software powers hundreds of top institutions.

Manhattan, NY
Joined December 2014
THREAD: Here’s a quick summary of our blog on today’s Netwalker disruption, which saw US authorities seize nearly $500K in crypto, disable a key Netwalker dark web resource, and arrest a prolific ransomware affiliate. bit.ly/2NJigAj
We’re proud to announce that Chainalysis played a role in today’s disruption of the Netwalker ransomware organization and arrest of a key affiliate. Get the details and see the blockchain analysis here! bit.ly/2NJigAj
1
8
1
15
First, some context: Ransomware skyrocketed in 2020. Our conservative estimate is that attackers extorted nearly $350M from victims, a 311% increase from 2019. Netwalker has been one of the most active strains in that time. bit.ly/2NJigAj
1
1
0
0
Netwalker functions on the ransomware-as-a-service (RaaS) model, meaning its administrators allow independent “affiliates” to use Netwalker to carry out attacks in exchange for a cut of the proceeds. bit.ly/2NJigAj
1
0
0
1
Blockchain analysis of Netwalker wallets shows four “roles” that consistently receive set percents of most victim payments. Affiliates get 80% Administrators get 8-10% Two other commissioned roles get 2.5-5% bit.ly/2NJigAj
1
0
1
0
Blockchain analysis suggests that Netwalker has <20 unique affiliates. Many have received payments from many different ransomware strains. The Chainalysis Reactor exposure wheel below shows one affiliate’s breakdown of ransomware funds received by strain. bit.ly/2NJigAj
1
0
0
1
The affiliate arrested today is a Canadian national named Sebastien Vachon-Desjardins. He was allegedly involved in at least 91 Netwalker ransomware attacks since Apr 2020. These attacks netted him $14M worth of BTC, much of which has since grown in value. bit.ly/2NJigAj
1
2
0
4
Based on blockchain analysis, we also suspect Vachon-Desjardins was an affiliate for other strains such as Sodinokibi and Ragnar. The Reactor graphs below show his wallets receiving funds from those strains. bit.ly/2NJigAj
1
2
0
4
Chainalysis has labeled in our products the NetWalker victim payment addresses, and Chainalysis KYT and Kryptos customers with exposure to these addresses will receive alerts in real-time. bit.ly/2NJigAj
1
0
0
3
Want to learn more about ransomware? Sign up here to get our 2021 Crypto Crime Report, coming out this February. go.chainalysis.com/2021-Cryp… END OF THREAD
0
1
0
3
Chainalysis retweeted
Department of Justice Launches Global Action Against NetWalker Ransomware justice.gov/opa/pr/departmen…
22
195
24
352
We’re proud to announce that Chainalysis played a role in today’s disruption of the Netwalker ransomware organization and arrest of a key affiliate. Get the details and see the blockchain analysis here! bit.ly/2NJigAj
0
10
1
22
In the latest excerpt of our 2021 Crypto Crime Report, we use blockchain analysis to break down the ransomware ecosystem. blog.chainalysis.com/reports…
1
3
1
20
Ransomware attackers' revenue shot up by over 300% in 2020 as Covid-prompted work from home measures made target organizations more vulnerable to attack. Our conservative estimate of total ransomware revenue last year is just under $350 million. blog.chainalysis.com/reports…
1
1
1
1
However, our data suggests that ransomware attackers rely on a surprisingly small pool of money laundering partners to turn stolen cryptocurrency into cash. A group of 199 deposit addresses received 80% of all funds moved by ransomware addresses in 2020. blog.chainalysis.com/reports…
1
3
0
12
Read the full preview on our blog to learn more about those addresses, and sign up here to get the full 2021 Crypto Crime Report delivered straight to your inbox when it comes out in February. go.chainalysis.com/2021-Cryp…
0
1
0
3
Chainalysis retweeted
New: Ransomware gangs laundered $348 million through a handful of bitcoin deposit addresses, opening a potential pathway for investigators, per @chainalysis. - Attacks up by 311% - 199 addresses received 80% of all funds not intended for crypto markets. cyberscoop.com/ransomware-ha…
1
17
3
24
Show this thread
Don't miss our #LinksVirtual session next Thursday, 2/4 at 1pm EST, where @Bitso CEO Daniel Vogel will tell us about building a crypto business in Latin America. Tune in for insights on LATAM regulation and Bitso's latest fundraising round! @vogelbit go.chainalysis.com/building-…
0
1
0
23
It's true – one of the many benefits of the transparency in #crypto is that you can use data to actually estimate the amount of crime that takes place.
Replying to @SenLummis
According to Chainalysis, cryptocurrency-related crime is smaller than criminal activity with cash. #Crypto regulations need to leave room for innovation. Just because a limited number of bad actors have abused crypto doesn’t make it evil.
Show this thread
0
2
0
10
It's a common misconception that #crypto is unregulated & opaque. It's been regulated under the BSA since 2013 and operates on transparent public blockchains. With the right tools, government agencies can have better visibility into illicit activity in crypto than traditional $
Former Goldman Sachs CEO Lloyd Blankfein says regulators could face a nightmare addressing #Bitcoin and other #cryptocurrency concerns...but @philip_gradwell of @chainalysis disagrees. $BTC #BTC #Blockchain #crypto @MelissaLeeCNBC @CNBC
4
14
1
34