Binance helps take down cyber criminal ring laundering $500mn in ransomware attacks

June 24, 2021

Binance Security recently has been taking part in an international investigation with Ukraine Cyber Police, Cyber Bureau of Korean National Police Agency, US Law Enforcement, Spanish Civil Guard, and Swiss Federal Office of Police, among others, in apprehending a prolific cybercriminal ring.

The group — also known as FANCYCAT — has been running multiple criminal activities: distributing cyber attacks; operating a high-risk exchanger; and laundering money from dark web operations and high-profile cyber attacks such as Cl0p and Petya ransomware. In all, FANCYCAT is responsible for over $500M worth of damages in connection with ransomware and millions more from other cybercrime, Binance said in a statement.

Over the past year, Binance have expanded its in-house AML detection and analytics capabilities.

Based on research and analysis, as well as the understanding of cybercriminals’ history and cashout tactics, Binance arrived at the conclusion that the biggest security problem in the industry today is “money connected to cyber attacks being laundered through nested services and parasite exchanger accounts that live inside macro VASPs, including exchanges like These criminals enjoy taking advantage of reputable exchanges’ liquidity, diverse digital asset offerings and well-developed APIs.”

“We are continuing to investigate the FANCYCAT criminal syndicate across multiple jurisdictions and the connections associated with other cyber attacks,” Binance said.

Ransomware has become the biggest threat to online security, affecting all industries connected to the internet, from supply chains to healthcare institutions.

Earlier this year Binance released a case study on its first Bulletproof Exchanger Project, a dedicated anti-ransomware initiative where it worked with the Ukraine Cyber Police to arrest a major cybercriminal group laundering over $42M of illicit funds, according to the statement.

Leave a Reply