November 9

3 Ways Cryptocurrency Continues To Fuel Cybercrime

Cryptocurrency: A cyber criminal’s favourite playground

Cryptocurrency (particularly Bitcoin) has been in existence since 2009. Today, its popularity continues to rise across the globe. As cryptocurrencies increase in user adoption and value, so does cybercriminals’ interest in using cryptocurrencies as a method of payment. 

Many experts have given their assessment as to why cryptocurrencies seem to be fueling cyber extortion and ransomware. 

For example, Mikko Hypponen, Head of Research at the Finnish security services F-secure said that bitcoin makes ransomware extortion fashionable. He also mentioned that since 2013, criminals have been on the lookout for cryptocurrency.

Furthermore, The Chainalysis 2021 Crypto Crime Report shows that the volume of ransom demands from cyber attackers in digital currencies is aggressively increasing.

A favourite method of payment across the cybercriminal world: Bitcoin and Monero

Bitcoin so far has been the favourite means of payment by cybercriminals, however, there’s a new player in town. Monero is becoming one of the most preferred cryptocurrencies in the world by ransomware criminals.

Monero was released by anonymous consortium developers. The cryptocurrency boasts its ‘privacy and anonymity.’ The privacy token operates on its blockchain, making it possible to virtually hide all transaction details including:

  • Identity of the sender/recipient
  • Transaction amount/s

The privacy Monero offers through its anonymity features enables cybercriminals to virtually go undetected, once payment has been made.

This is all due to the anonymity features. In a nutshell, Monero allows cybercriminals greater freedom from some of the tracking tools and mechanisms that the bitcoin blockchain offers.

Why Cyber Criminals Prefer Cryptocurrency

Cybercriminals prefer cryptocurrency more than other forms of payment. Hackers choose Bitcoin and Monero for its confidentiality and hard-to-trace movements. 

With corporate ransom payments averaging around $0.2-1.2 million depending on the demands of the hacker and the severity of the attack – cybercrime can not be ignored.

Cypfer CEO and founder Jason Kotler says this about hackers – “They expect a negotiation”. “For billion dollar companies, they expect multimillion dollar payments.” 

Furthermore, he states that there’s even something of an industry-standard: “It’s roughly a percentage of their published net revenues — a half a percent for billion dollar companies.”

Ransomware payments increase by 311% in 2020

The top reason why hackers still prefer Bitcoin is that with it, cybercriminals can attain anonymity. Added to this, transactions of ransom payments are speedy with its easy access and difficulty in tracking the movements of the paid currency. 

Though there are other cryptocurrency options such as Zcash and Monero, the majority of cybercriminals still prefer Bitcoin.

Payments in Bitcoin, like most cryptocurrencies, are hard to trace. Since Bitcoin is a digital currency, it can be transferred from one person to another without having to go through a bank or its regulations. 

Furthermore, Bitcoin is not insured by any government bodies, making it hard for them to regulate the cryptocurrency.

3 Ways Cryptocurrency is Fueling Cybercrime

1. Privacy

Cryptocurrency offers more privacy than traditional bank accounts for cybercriminals

In the recent Liquid heist where nearly $100 million tokens were stolen, the blockchain analytics firm Elliptic reported that at least $45 million in Ethereum assets were converted to Ether with the assistance of decentralised exchanges like SushiSwap and Uniswap to prevent freezing the assets.

Whilst the majority of cryptocurrency systems to date have similar foundational systems – tied together by groups of computers that process transactional information directly from users wanting to send money or data. User privacy, anonymity remains a key focus for most cryptocurrencies.

There are many crypto currency exchanges that allow their users to conceal their real names or require KYC protocols. 

Cyber criminals love these as although users’ transaction amounts and for example bitcoin account numbers, also known as ‘wallets or addresses’ are visible on the blockchain, it can be extremely hard to trace and uncover.

In a public ledger, these transactions are permanently recorded making it possible for anyone to read them. A public ledger can help you track how much currency each individual owns. 

However, developers will tend to tweak the code, often creating faster transaction processing whilst also improving its anonymity – user privacy.

Cryptocurrency offers more privacy than traditional bank accounts and credit cards, this helps shield bad actors ‘hackers’ from Government Agencies who are trying to apprehend cybercriminals.

2. It’s complicated to trace

Bad actors ‘Hackers’ use cryptocurrency tumbling services to cause confusion through a labyrinth of paths for law enforcement and fraud investigators to seek and follow.

Because of the anonymity of the users or account owners, it’s difficult for the Government Agencies to trace where the money went. This is because cryptocurrency providers use tumbling services.

Tumbling services provide anonymity by mixing or cleaning bitcoin for their users. Such a process involves mixing potentially recognisable or fraudulent funds with other funds, making it more difficult to trace the funds back to their source. The same funds are also mixed in random amounts for an uncertain period.

Bad actors ‘Hackers’ use cryptocurrency tumbling services to cause confusion through a labyrinth of paths for law enforcement and fraud investigators to seek and follow.

How Tumbling Service Works

  • The individual sends bitcoin or other crypto currencies to a tumbler’s address.
  • The sender’s bitcoin is then mixed with other transactions distributed among many other wallets that acquired tumbling services.
  • Once the process is completed, the ‘clean bitcoin or crypto’ is sent back to the original user or another new user.

Simply put, it’s like money laundering but with a whole different way and materials. This cryptographic facility helps conceal the trail of the ransom payments from its fund’s basic origin.

3. Speeds up ransom payment by adding pressure

Cryptocurrencies speed up ransom payment as cybercriminals add pressure

Cryptocurrency may be increasing in popularity, however, not everyone is aware of how it works. 

For now, anyway, not everyone has a cryptocurrency account and not everyone is aware of how much bitcoin or wider cryptocurrencies are used in the mainstream environment. Without proper knowledge about what’s happening, cryptocurrency can add a great deal of pressure to victims of cyber criminals.

Ransom Attacks Create Havoc For Businesses and Their Teams. 

Without access to their network, systems, and data, organisations are stressed out and extremely pressured on how they’ll be able to get it back. Add to this, when hackers demand payments in crypto the pressure builds. What adds more salt to the wound is when Hackers continue to increase the amount of ransom demanded as time passes by without payment.

Cryptocurrency takes time to acquire. If the victim isn’t on an exchange or doesn’t have a crypto wallet currently set up – they then have to go through the setup process, transfer the corresponding amount demanded by hackers, and turn it into the cryptocurrency they want.

The time pressure, the inaccessible system/data/network, and the ransom in the form of a cryptocurrency cause extreme pressure on the victims. These factors make it hard for most organisations to pay cybercriminals, in a timely manner.

What Businesses Need To Consider When Combating Cybercrimes

Cyber attacks and ransomware are here to stay …and continue to increase year on year. It’s only a matter of time before a cyberattack hits your Government Department, Corporation or Small Business …and let’s not forget you as an individual either.

Why? The data held by these entities and individuals is extremely valuable to cybercriminals

Paying a ransom to cybercriminals also means you’re encouraging them and providing the incentive along with funding for further attacks on others. 

This is why Governments around the world are encouraging and in some cases passing laws that make it mandatory to disclose a cyber attack.  Ultimately, Governments want to track cyber crimes whilst offering support to those who have been victimised.

As long as cryptocurrencies are paid to threat actors, ransomware and other cyber attacks will continue to endanger any business or organisation regardless of size. 

With its privacy features, cryptocurrency continues to help cyber criminals fund their future attacks and lifestyle.

As the number of credentials increase – business and individuals, and are available for sale on the dark web – organised ransomware gangs have plenty of potential victims to choose from. 

Leading Causes of Ransomware - Cryptocurrencies are widely used in dark web transactions.
Leading Causes of Ransomware

Cryptocurrencies are also widely used in dark web transactions adding to the demand for ransom payments in the form of Bitcoin, Monero, and others.

A leaked credential is dangerous for you, your business and you may never know if your credentials are exposed unless you invest in an active cyber intelligence strategy.

This is why Government Departments, Corporates and SMEs, are investing in Cyber Intelligence solutions, like CRINTEL, to act as a double-check for their cybersecurity teams.

Discover how Cyber Threat Intelligence helps businesses secure their brand reputation, operations, and cash flow through CRINTEL.

CRINTEL helps Government Departments, Corporates and SMEs deal with the dangers of the Dark Web

CRINTEL – Cyber Risk Intelligence is a Private Intelligence Agency (PIA) that specialises in Cyber Threat and Risk Intelligence originating from the Dark Web. 

CRINTEL stands apart from other Private Intelligence agencies (PIA) that specialise in cyber intelligence. Because of the enormity of the Dark Web, one PIA cannot possibly detect all credential breaches. 

CRINTEL is unique as it works with multiple independent enterprise-level PIAs threat intelligence units (TIUs) globally to provide an aggregated intelligence awareness outcome for their clients. Rather than relying on one or two PIAs, CRINTEL’s multiple PIAs/TIUs significantly increase the chances of discovering compromised credentials for clients.

Furthermore, we work as a co-managed solution to support and provide your internal team and external IT cybersecurity advisors with 24/7 live monitoring of the dark web.

Our Threat Intelligence Units (TIUs) monitor your business domain, email addresses and key suppliers – looking for exposed credentials that we can find about your business and suppliers – that are up for sale on the dark web. 

Our enterprise-level cyber intelligence systems, used by Fortune 500 companies, are supported by human operatives and collect live dynamic data that is scanned or sourced from live dark web forums leveraging multiple sources in real-time 24/7, 365 days per year.

Are your business credentials up for sale on the dark web? 

Dark Web Monitoring

Get started with Crintel FREE today! Request a complimentary Cyber Intelligence Report here.


NOTE: As this article is sourced from one or more third parties we cannot guarantee the information is correct and suggest if you are relying on this information, for whatever reason, then you should first do your own research. Click here to learn more about how CRINTEL can help your business.



Downloadable copy:


Why hackers prefer bitcoin:


bitcoin, blockchain, cryptocurrency, Cyber Risk Intelligence, Cyber Threat Intelligence, Cyber Threats, Dark Web, Hackers

You may also like

{"email":"Email address invalid","url":"Website address invalid","required":"Required field missing"}