How do hackers collect ransom money and not IMMEDIATELY get arrested?

They use cryptocurrency, which can be transferred without the police having a way to find out to whom.

As mentioned, by using a form of payment that can’t immediately be traced to any one specific recipient, thus at least temporarily evading the eyes of law enforcement.

Many of them are located in places with lax police and get payment through crypto or gift cards.

Paid in crypto. From there that money could be transferred to any number of wallets around the world.

Not sure about regular laundering practices, but crypto is fairly straightforward. Just convert it to Monero and back. It’s private transactions, so it’s all hidden.

Also stuff like Samourai Wallet exists to do that with Bitcoin and stuff.

Pentester here: there’s a couple of ways they do this:

1) they require payment in bitcoin. While not totally anonymous, they put it through a tumbler scheme to make tracing much more difficult.

2) they use stolen accounts to pay the money into and withdraw from, meaning the transactions are not associated with them.

3) they reside in countries that couldn’t give less of a fuck about extradition requests from the west (e.g., China)

The world needs a Robin Hood of hackers. Nothing crazy, just a little skim for the less fortunate. Paying for school lunches.

It generally gets paid in a crypto that can’t be traced, like Monero. If they’re asking for a traceable coin like Bitcoin, then they will be laundering through untraceable ones to allow them to cash out.

I’m not an expert in cybersecurity but here’s my 2 cents on it.

Usually, the criminals demand ransom via cryptocurrencies. Now, that doesn’t mean that no one knows where the cryptocurrencies are going, as:

* The transactions are visible to everyone since they’re a part of the blockchain. But it only mentions the amount of the money, transaction date and time, and the unique wallet addresses involved.
* At some point, the criminals will have to change their crypto into a more practical thing like dollars. It is at this point where they are very vulnerable.

[if you don't know what a blockchain is, it's basically just a pile of transaction records, that are NOT editable once made, they're also public. anyone can see anyone else's transaction as long as they know their wallet address]

To prevent getting caught, the criminals also use something called “mixing” (it is a feature in many crypto wallets) which means taking the crypto they got from the victim and creating multiple transactions so as to make it harder to trace it. Basically taking the money and sending random amounts of it to many other wallets and repeating this many times to make it harder for anyone to trace where the money actually went. The mixing service probably charges some money for this service.

So it’s not that they can’t be traced, it’s just almost impossible with so many layers and so many things to decode, not to mention the constantly evolving and new mechanisms. There might be some techniques that not everyone knows about, yet. Some people do get caught tho.
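Added example, not part of the comment above or of the thread: a small tracer showing why a public ledger lets an investigator follow a flagged payment through splits and blending until it reaches a cash-out address. The ledger, address names and amounts are constructed; the account-style ledger is a simplification, and proportional ("haircut") tainting is one heuristic among several, assumed here for illustration.

```python
from collections import defaultdict
from fractions import Fraction

# Constructed ledger, in time order: (sender, receiver, amount). Not real data.
LEDGER = [
    ("victim", "ransom", 10),          # ransom payment to the flagged address
    ("ransom", "hop1", 6),             # funds split across intermediate wallets
    ("ransom", "hop2", 4),
    ("other_user", "hop2", 4),         # unrelated funds blended in at hop2
    ("hop1", "hop3", 6),
    ("hop2", "hop3", 4),
    ("hop2", "bystander", 4),
    ("hop3", "exchange_deposit", 10),  # cash-out point
]

def trace_taint(ledger, flagged):
    """Return {address: tainted amount} left after replaying the ledger.

    Everything received by `flagged` is marked tainted. Each later payment
    carries taint in proportion to the sender's tainted share of its balance.
    """
    balance, taint = defaultdict(Fraction), defaultdict(Fraction)
    for sender, receiver, amount in ledger:
        amount = Fraction(amount)
        if 0 < amount <= balance[sender]:
            moved = amount * taint[sender] / balance[sender]
            balance[sender] -= amount
            taint[sender] -= moved
        else:
            moved = Fraction(0)  # sender has no history here: funds enter untainted
        balance[receiver] += amount
        taint[receiver] += amount if receiver == flagged else moved
    return {addr: t for addr, t in taint.items() if t > 0}

if __name__ == "__main__":
    for addr, amount in sorted(trace_taint(LEDGER, "ransom").items()):
        print(f"{addr}: {amount} tainted")
```

In this constructed run the full 10 units stay accounted for: 8 arrive at the exchange deposit address and 2 at a bystander who received blended funds, which is why the conversion point is where attribution usually happens.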

They use cryptocurrency, which is difficult to trace to a physical location.

I actually just learned today that there exist ransomware brokers who will evaluate the exposure risk of a company being ransomed to see how worth it it is to pay the ransom, and how much. These ransomware attacks happen quite a lot, so these brokers have formed working relationships with the attackers and can be like, listen, here’s how much it’s worth to this company to recover their data and prevent any leaks. So, you should probably lower your ransom demand, otherwise they’ll just put that money toward finding a technical fix to recover access to their systems or data or whatever.

From scam-busting videos on YouTube, as well as things like cryptocurrency they will also get people to buy large amounts of gift cards or just take out lots of cash, then have them mail that recorded delivery to a random AirBnB address where another person hired as a “mule” will wait outside for the delivery truck, collect it without the AirBnB owner knowing, and then send it on to another handler who will get the money (minus a cut) to the original scammers.

A few items:

1) If you’re a business that immediately gets hackers arrested, the next time you get hacked, the hackers aren’t going to cut a deal, because they know you won’t play nice.

2) Many hacking deals are handled through an intermediary. I think it’s called black lake or something like that. This company deals with the hackers as a middle man. You give them the Bitcoin, the hackers give them the key to undo the hacks. They check that the key to undo the hacks truly works and doesn’t contain some nasty stuff that will make the situation worse. If all goes well, they send the Bitcoin to the hackers and send you the key to fix your stuff.

Everyone plays nice and nobody gets totally boned. The key is to try and not get hacked in the first place.

I once had to pay someone through Western Union to an address in the Philippines. So good luck arresting them over there.

