Bitcoin Communities: The Currency Of Choice For Ransomware

I have been considering all the sub-sectors of “the” Bitcoin community, communities defined by interests in using Bitcoin or Bitcoin related technology. There are at least a half dozen such communities, united in enthusiasm for Bitcoin, but disunited in their other goals and hopes.

One of the unfortunate developments in the last year has been the emergence of Bitcoin as the preferred payment for cybercrime, especially for Ransomware and other forms of extortion. Extortion has existed forever and digital forms have been possible for years. But untraceable digital cash is just the thing for this business.

Ransomware has now been automated to the point that it is pretty much run by robots. The victim system is encrypted, with instructions to pay Bitcoin to a specific address in order to get the key to recover your stuff. No human criminals needed, and the payoff disappears into the hidden world of Bitcoin.

Recently, the Cyber Threat Alliance provided a detailed examination  of one family of such ransomware, ‘CryptoWall’. [PDF]  This highly automated system appears to have yielded Bitcoins worth hundreds of thousands of dollars.

While everyone knows that it is unwise to pay off extortionists, there is currently little that can be done once your files have been captured. Paying up may be the only choice, as even law enforcement professionals must concede.

Note that cryptocurrency is not only convenient for the criminals, the anonymity and decentralization of Bitcoin are essential to this particular scheme. (The report details the mechansims used to vanish the transferred funds into a fog of rapid transactions.)  Payment through any conventional system would be traced and blocked. And Bitocins can flow anywhere in the world, quickly and without pesky border controls.

This industry, along with drug and weapon sales are some of the most vibrant uses of Bitcoin today. I don’t have detailed statistics, but a back of the envelope calculation indicates that ransomware alone could be 10-20% of all Bitcoin transactions. Adding in other criminal activities, and it looks like Bitcoin is mainly used for illegal activities (in the sense that the majority of money is for illegal purposes

Is it any wonder that governments and legitimate businesses are wary of Bitcoin?

One other thought: I have to wonder if spam attacks on Bitcoin could provoke a response from cybergangs. If the day comes that the Bitcoin network is seriously disrupted, and it interferes with multimillion dollar extortion and drug trafficking, won’t there be a push to defend the network forcefully?

Gang warfare. Swell.


 

  1. Cyber Threat Alliance, Lucrative Ransomware Attacks: Analysis of the CryptoWall Version 3 Threat. Cyber Threat Alliance, 2015. http://cyberthreatalliance.org/cryptowall-report.pdf

 

Cryptocurrency Thursday

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s