What happened to cyber climates in 2022?
kidnappings, dossiers, detentions.
These are just some of the ways in which police around the world have foiled the largest cyber criminal operations in the past year.
Cyber criminals have a lot of imagination, which has meant, for law enforcement, resorting to new and unconventional methods because
2022 saw some of the most astounding and ingenious breaches.
From hiding billions of bitcoins under floorboards, to underage hackers breaking into Fortune 500 networks.
Since the beginning of the year, more than $3.6 billion worth of bitcoin has been seized,
Later this year, the Office of Foreign Asset Control (OFAC), announced that it had sanctioned decentralized cryptocurrency “blending” service Tornado Cash for its role in cryptocurrency laundering on its platform.
Tornado Cash, along with others such as AlphaBay, allows its customers to hide the source of their cryptographic funds when participating in a transaction in exchange for a fee. Mixes potentially identifiable or contaminated cryptocurrency funds with others to conceal the origin and destination of cryptocurrencies. It is estimated that more than $1.5 billion in proceeds from crimes, such as ransomware and fraud, have been laundered through Tornado Cash to date.
In August, the U.S. government shared an image of a suspected ransomware operator called Conti, known by the name “Target,” the first time a major ransomware member has been discovered. The US State Department said Conti carried out more than 1,000 ransomware operations against US and international critical infrastructure.
Another group that suffered a devastating blow in 2022 was NetWalker , a ransomware gang that has been linked to several high-profile attacks including one on the University of California San Francisco, which paid a ransom demand of more than 1 million dollars. Between August 2019 and January 2021, ransomware attacks involving NetWalker demanded $46 million in ransom payments , according to cryptocurrency analytics firm Chainalysis.
One of the U.S. government’s longest-running cyber cases: the mystery of the missing billions in the Silk Road dark web drug market has been solved. In November, U.S. federal agents said they recovered $3.36 billion in bitcoins that were hidden inside a popcorn jar under the boards in the bottom of the bathroom cabinet in a hacker’s home. Prosecutors filed a lawsuit against a Georgia resident named James Zhong, whose plea deal with the feds saw him forfeit his huge cryptocurrency deposit, along with $600,000 in cash and other precious metals.
In October u
n Ukrainian national was charged, by the
U.S. officials, for his alleged role in the Raccoon Infostealer “malware-as-a-service” operation that infected millions of computers worldwide. Mark Sokolovsky, nicknamed “ Raccoonstealer ,” was accused of having a major role as the administrator of malware that, according to prosecutors, was used to steal more than 50 million unique credentials and forms of identification from victims around the world , starting in February 2019. Sokolovsky is charged with computer fraud, wire fraud, money laundering and identity theft and faces up to 20 years in prison.
The Lapsus $ gang became famous in 2022. A data-extorting group that first emerged a year earlier quickly reaped a number of high-profile victims, including Okta, Microsoft, Nvidia and Samsung. The gang seemed invincible, instead some of its members were arrested in March this year. In a statement, City of London police confirmed that seven people between the ages of 16 and 21 had been arrested in connection with Lapsus$. News of the arrests came shortly after a Bloomberg report revealed that a teenager based in Oxfordshire, UK, is suspected of being the mastermind of the Lapsus $ group.
In June 2019, Paige Thompson, a former engineer in Amazon’s cloud division, was convicted of a breach that compromised the personal and financial information of 100 million CapitalOne customers. The breach was one of the largest bank robberies in U.S. history
Thompson has been accused of using her knowledge, as a software engineer at Amazon, to hack CapitalOne’s online cloud storage, hosted on Amazon’s servers, and of compromising the cloud storage of several other companies, including Vodafone, Ford, and the Ohio state automotive agency.
These are just a few cases; the list of cyber criminals arrested is a bit longer.