Recent research has revealed that Eastern Europe remains a very high source of cybercrime activity — both from perpetrators of scams and users of darknet markets — in the cryptocurrency sector.
Cryptocurrency addresses based in the Eastern European region have the second-highest exposure to illicit activity after Africa, according to a report published today by blockchain research firm Chainalysis. However, Eastern Europe has a much larger overall crypto economy than both Africa and Latin America (which came in third). The findings echo research carried out last year.
The research analyzed the illicit share of cryptocurrency activity by region between July 2020 and June 2021. It revealed that Eastern Europe-based crypto addresses and wallets sent $815 million to scams and Ponzi schemes over the period.
“As is the case with all regions, scams make up the biggest share of funds sent from Eastern Europe to illicit addresses — we can assume that most of this activity represents victims sending money to scammers.”
Chainalysis observed that more cryptocurrency is sent to darknet markets in Eastern Europe than other regions. There is a thriving Russian-language darknet market called Hydra which claims itself as the world’s largest.
Drilling down into geographic breakdown by country, the research found that Ukraine was by far the most affected nation in the region, with more internet traffic to scam websites than any other country.
One particular scam accounted for more than half of the value sent in the region. Finiko, a Russia-based Ponzi scheme that collapsed in July 2021, promised huge returns and launched its own token, FNK.
According to the report, the Finiko scheme received more than $1.5 billion in Bitcoin (BTC) in over 800,000 separate deposits between December 2019 and August 2021.
Addresses in Eastern Europe have also been associated with ransomware, with $46 million being sent to suspect wallets in the region. The analytics firm attributed a lot of this to Russian hacker groups, stating that “many of the most prolific ransomware strains are associated with cybercriminal groups either based in or affiliated with Russia,” using Evil Corp as an example.
A year ago, Cointelegraph reported that Evil Corp demanded a $10 million crypto ransom to restore access to Garmin’s navigation solutions after its network was compromised.