Security News Vastaamo hacker traced via ‘untraceable’ Monero transactions, police says


Level 76
Thread author
Honorary Member
Top Poster
Content Creator
Apr 24, 2016
Julius Aleksanteri Kivimäki, the suspect believed to be behind an attack against one of Finland's largest psychotherapy clinics, Vastaamo, was allegedly identified by tracing what has been believed to be untraceable Monero transactions.

In October 2020, psychotherapy Center Vastaamo announced it had been breached in 2018 by someone who stole thousands of patient records and demanded a payment of 40 Bitcoins ($450,000 at the time) to not publicly release the stolen data.

Failing to extort the clinic, the hacker turned to individual patients, asking them to pay roughly $240 in Bitcoin to delete their records.

Finnish investigators from the National Bureau of Investigation (KRP), with the help of Binance, followed the trail of payments to Kivimäki, who exchanged the funds for Monero and then exchanged them back to Bitcoin.

District Prosecutor Pasi Vainio revealed this as part of the trial concerning the Vastaamo data breach and blackmail.


Level 15
Top Poster
Mar 13, 2022
So... he used Monero to 'wash' the Bitcoin, but it was the Bitcoin that gave his identity up, NOT the Monero.

Also, 'timestamping' is a well known traceability problem and any decent 'crook' ensures there is no time synchronisation during transactions, Whonix and TAILS both specifically avoid accurate timestamping for this reason.

The outcome may have been different had he used TOR as well.

IMO, the guy made rooky mistake and they were lucky. Had it been a single fully Monero transaction, he'd still be out there scamming.
  • Like
Reactions: Moonhorse

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.