Cybercriminals are attracted to the decentralized nature and anonymity of cryptocurrencies, which makes it harder for law enforcement to track them down.
Cryptocurrencies have now been around for over a decade. Since their inception, they’ve been gaining traction as a legitimate form of currency. However, along with the rise in popularity of cryptocurrencies, there has also been a rise in the use of cryptocurrencies for cybercrime. Why is that?
Throughout the history of cybercrime, there has been the issue of dealing with money. Since cybercriminals can be anywhere in the world, far away from their victims, it’s not useful for them to be dealing with physical currency. Using traditional banking was also a no go because law enforcement can follow a bad actors’ trail and use it to arrest them. To get around this issue, they used Western Union, or online services like Webmoney or e-gold, which all had one thing in common: They didn’t ask for a bank account or a credit card.
When cryptocurrencies were created, they quickly became recognized as an ideal vehicle through which cybercriminals could carry out malicious attacks. The adoption of cryptocurrencies within the cyberattack landscape was quick, and there’s a good reason for that: The anonymity that they provide. Transactions made using cryptocurrencies do not require personal information, and because of this, it can be difficult to track down the individuals behind them.
Another important reason why cybercriminals have gravitated towards cryptocurrencies is their decentralized nature. Unlike traditional forms of currency, which are controlled by governments and financial institutions, cryptocurrencies operate on a decentralized system, meaning that transactions are recorded on a public ledger, a.k.a. blockchain, that isn’t controlled by any central authority. This, in turn, also makes it much harder for law enforcement to trace transactions and pinpoint the identities of those involved in crypto-related cybercrime.
Cybercriminals have found many ways to use cryptocurrencies for their benefit. One of the most common ways is through ransomware attacks. In a ransomware attack, a cybercriminal will gain access to a victim's computer and encrypt their files, making them inaccessible. The cybercriminal will then demand a ransom in the form of a cryptocurrency (usually Bitcoin) in exchange for the decryption key that will allow the victim to access their files again.
The most popular cryptocurrencies used by cybercriminals are Bitcoin, Monero, and Ethereum.
The three above examples each show that cybercriminals tend to prefer cryptocurrencies that provide a certain level of anonymity and untraceability.
Cryptocurrency-based scamming is another way cybercriminals are exploiting the use of cryptocurrencies, many of these scams are Ponzi schemes, where an individual or a group of individuals promise high returns on investment with little to no risk. In reality, the scammer will ask for an initial investment in the form of a cryptocurrency and then use the money from new investors to pay off the earlier investors. This creates the illusion of a profitable investment, but eventually, the scheme collapses and leaves investors with nothing.
Initial coin offerings (ICOs) scams are also becoming more common. In these scams, a company or individual will create a new cryptocurrency and offer it for sale to the public. They’ll make false claims about the potential of the cryptocurrency and then disappear with all of the money that has been raised.
Another way cybercriminals are exploiting the use of cryptocurrencies is through phishing scams, where they trick victims into giving away their personal information, such as their private keys, or sending money to a fake wallet address.
And of course, we can’t leave off the various forms of malware related to cryptocurrencies: From Trojans that steal wallets to threats that secretly install miners in computers, smartphones, or any device they can to use the victims’ computing power to mine their favorite flavor of cryptocurrency.
With all this in mind, it's clear that a strong tie has been established between cryptocurrencies and cybercrime. Cybercriminals are attracted to the decentralized nature and anonymity of cryptocurrencies, which makes it harder for law enforcement to track them down.
It's important for individuals and businesses to be aware of the potential risks associated with cryptocurrencies and take steps to protect themselves, including:
The promise of a free movie download led thousands of people into unintended malware.
Avast recently discovered a series of malicious browser extensions on the Chrome Web Store that are spreading adware and hijacked search results.