Cryptocurrency payments to scams outpace ransomware jackpots in Eastern Europe, Chainalysis finds

Eastern Europe is leading the pack.
Getty Images

Eastern Europe remains a hotbed for illicit cryptocurrency activity, new research shows.

Between June 2020 and July 2021, Eastern Europe-based cryptocurrency addresses sent $815 million to investment ponzi scams that lure users with false promises of high returns, according to Chainalysis data published Wednesday. Ukraine, in particular, drove a significant amount of the region’s traffic to the fraud websites, trouncing second-place United States by roughly 20 million visits.

Half the money sent in the region went to just one apparent fraud effort. Between December 2019 and August 2021, users sent over $1.5 billion worth of bitcoin to Finiko, a Russia-based ponzi-scheme whose founders are under arrest or have fled Russia. The company marketed itself as a referral network that would reward investors with high returns, only to come under scrutiny from authorities in Moscow for allegedly defrauding users.

The report highlights that while Eastern Europe is largely seen as the recipient of illicit cryptocurrency funds, it also hosts a growing number of victims due to economic instability in the region. Despite the steady spike of ransomware attacks, scam payments outpaced other forms of crime in Eastern Europe as well as every other region tracked by Chainalysis.


Cryptocurrency scams have also flourished in the United States, which came in third behind Eastern and Western Europe in scam payments.

Still, cybercriminals racked up tens of millions in dollars in cryptocurrency ransomware payments, the firm found.

Eastern Europe also came second in receiving funds associated with ransomware, totaling $46 million. However, there’s evidence that some of the $51 million in activity attributed to Western Europe could actually be attributed to Eastern Europe due to overlap in services, researchers say. Most of the money went to cybercriminal groups believed to be based in Russia and other parts of Eastern Europe, including Evil Corp.

Tonya Riley

Written by Tonya Riley

Tonya Riley covers privacy, surveillance and cryptocurrency for CyberScoop News. She previously wrote the Cybersecurity 202 newsletter for The Washington Post and before that worked as a fellow at Mother Jones magazine. Her work has appeared in Wired, CNBC, Esquire and other outlets. She received a BA in history from Brown University. You can reach Tonya with sensitive tips on Signal at 202-643-0931. PR pitches to Signal will be ignored and should be sent via email.

Latest Podcasts