Representatives of Finland's National Bureau of Investigation (NBI) have successfully traced Monero transactions related to the Vastaamo medical network hack, as reported by local media.
In October 2022, a hacker attacked the psychotherapy provider, gaining unauthorized access to the accounts of 33,000 customers. The hacker demanded a ransom of 40 BTC ($1.7 million) from the company. When the ransom was not paid, the hacker resorted to blackmailing individuals listed in the user database.
Law enforcement subsequently identified Julius Aleksanteri Kivimäki, who lives in Estonia, as the perpetrator of the Vastaamo hack. NBI claims to have obtained strong evidence against the suspect.
The hacker received bitcoin payments from victims, which were then routed through a KYC-free exchange and converted into Monero, a cryptocurrency known for its privacy. Chainalysis analysts have previously noted the popularity of Monero among fraudsters.
Despite the challenges associated with Ring Confidential Transactions (RingCT) technology, which ensures transaction privacy and user anonymity, NBI investigators were able to trace the Monero transactions and establish a link to Kivimäki's bank account.
Law enforcement officials note that after converting the funds to Monero, the hacker transferred them to the #Binance exchange, where they were exchanged for #bitcoins and subsequently sent to various addresses. The money was eventually traced to Kivimäki's bank account.
