The U.S. Department of Justice has launched an investigation into a former ransomware negotiator who is accused of colluding with hackers to take a cut from the cryptocurrency paid to the ransomers.
DigitalMint President Marc Grens confirmed in a statement to Cointelegraph that a former employee of the company is becoming the subject of an ongoing criminal investigation and was "immediately terminated" after the related allegations surfaced. The investigation apparently involves unauthorized actions allegedly taken by the employee during their tenure.
The Chicago-based company provides negotiation support for ransomware victims and assists in making payments to hackers. According to insiders, Bloomberg was the first to report the incident on Thursday.
Grens also stated, "DigitalMint is not the target of this investigation and has been 'fully cooperating with law enforcement.'"
He added that after discovering the issue, the company "swiftly took action to protect customer interests. Trust needs to be built every day. We began notifying affected stakeholders as soon as conditions allowed."
DigitalMint states on its official website that the company focuses on the secure handling of ransomware incidents and helps clients make secure payments to hackers.
The company claims its client base includes several Fortune 500 companies and has registered with the Financial Crimes Enforcement Network (FinCEN) in the U.S.
Fewer companies are yielding to criminals' ransom demands. A report released by cybersecurity incident response firm Coveware in February of this year showed that in the last quarter of 2024, only 25% of companies that faced ransom demands paid the ransom.
According to Coveware data, among companies that received ransom demands in the third quarter of 2024, 32% ultimately made payments, down from 36% in the previous quarter. This figure stands in stark contrast to the first quarter of 2019, when as many as 85% of companies would pay the ransom when asked.
Coveware stated that this decline "indicates that more organizations are enhancing their cybersecurity defenses, implementing better backup and recovery strategies, and refusing to fund cybercriminals."
However, Coveware also noted that the decrease in payment rates may also be related to "increased law enforcement efforts" and "stricter regulatory guidance discouraging companies from paying ransoms."
Meanwhile, in the latest crackdown on ransomware gangs, the U.S. Treasury Department imposed sanctions on the Russia-based Aeza Group and its executives, as well as a cryptocurrency wallet associated with its services, citing their alleged provision of hosting services for ransomware and information thieves.
Another report released by blockchain analysis firm Chainalysis on February 5 showed that the total amount of ransom obtained through ransomware attacks in 2024 decreased by 35% compared to 2023, totaling $815 million, down from $1.25 billion in 2023.
James Taliento, CEO of cybersecurity intelligence company AFTRDRK, stated in an interview with Bloomberg that ransomware negotiation experts do not always prioritize the interests of their clients.
He pointed out, "If the company that the negotiator works for can take a commission or cut from the ransom paid by the victim, they lack the incentive to actively drive down the ransom amount or fully disclose information to the victim. That's the reality."
Meanwhile, investigative news organization ProPublica found in a 2019 report that two companies in the U.S. would pay hackers to retrieve stolen data and then charge clients additional fees under the pretext of "using specialized recovery techniques."
Related: Reported kidnapping of crypto billionaire involved resistance that resulted in biting off the kidnapper's finger.
Original: “U.S. Investigates Negotiator Accused of Receiving Cryptocurrency Ransom Payments”
免责声明:本文章仅代表作者个人观点,不代表本平台的立场和观点。本文章仅供信息分享,不构成对任何人的任何投资建议。用户与作者之间的任何争议,与本平台无关。如网页中刊载的文章或图片涉及侵权,请提供相关的权利证明和身份证明发送邮件到support@aicoin.com,本平台相关工作人员将会进行核查。
