What do cryptocurrency ups and downs mean to cyber threats?

by Gabriel E. Hall - - 2022-03-16

Cryptocurrency and malicious threat actors go hand in hand in this digital world

Ransomware operators rely on crypto Cryptocurrency payment anonymity is used by threat actors to their advantage

Ransomware and other threats keep on using cryptocurrency as their main goal because direct extortion and stealing methods allow threat actors to profit from victims. Cryptocurrencies have many types and have been popular for a long time now. The relationship with ransomware started when crooks started to use digital currency as their primary payment method.^[1]

There are tons of different threat strains that use cryptocurrency as their main goal or tool. Trojans and malware can be designed to steal credentials, so fraudulent transfers can be made via user accounts that get hacked. Threats lock files and make the data hostage for particular money transfers in cryptocurrencies like Ethereum or Bitcoin.

Cryptocurrency extortion-based threats, ransomware, have been there for a long time, and there are various strains using new methods and relying on techniques that allow creators to make large sums from victims and ensure that profit. Double extortion^[2] was introduced recently, and with new strains, triple extortion comes to play too.^[3]

The threat relies on the file-locking use the cryptocurrency payments because it is not easily traced, and criminals can remain undetected and unreached but make money from all the ransom demands from victims across the world. Many people are targeted, particularly because of the relation to cryptocurrency platforms or different sources that show that Bitcoin or another preferred cryptocurrency could be obtained in case of a file encryption attack.

Particular digital asset holders, cryptocurrency owners, other investors, and people involved in the cryptocurrency world, marketplaces can become targets of malicious advertisements in search engines. These people can even become direct victims of digital wallet stealers and this is a common scam going around these years. People suffer serious losses when their wallets get wiped empty by scammers.

What is ransomware?

It is not new that criminals want money. Cybercriminals are also mainly financially motivated because getting paid for their false promises and claims is the best option and the quickest way to make a bank. Ransomware is a threat that manages to affect machines and demands money payments for fake offers of the file recovery tool.

People fall for these tricks and can transfer their funds, thinking that encryption is a reversible process and that their data will get restored once those cryptocurrency payments get to the cybercriminals behind the infection. However, those claims and promises are fake, and file-locking remains unreversed even when victims pay those large sums.

Ransomware has had a year of successful attacks in 2020 because attackers managed to run campaigns on specific targets, and creators chose how to attack properly.^[4] Cryptocurrency also became more popular in the past two years. It is more popular among people and companies, so ransomware has more profitable targets to choose from.

Cryptocurrency helps to spread ransomware

Cryptocurrency transactions are untraceable, and these ransomware creators are knowingly using that to their advantage. It is not traceable on the receiver and the sender end, so it is a fully anonymous transaction. the increased popularity and demand of digital currency in these recent years have made it easier to get and sell virtual coins or assets like NFTs.^[5]

This digital currency quickly became a preferred way for the crooks to get their ransom payments without getting tracked, so money could be collected, and files still left inaccessible. This way, all the ransomware-as-a-service businesses got promoted and more attractive for affiliates or other criminals that want to make money easily and remain uncaught.

These huge payments have little to no risks, so criminals can extort huge sums from companies, governments, and entities, and cyber thieves remain untraced for a long time. In most cases, cybercriminals who launch these campaigns live in other countries like Russia and India, and their targets are in China or the US, so this virtuality helps them to make money without any risks.

There are ways to protect yourself and avoid participating in ransomware campaigns. You need to take cryptocurrency awareness seriously and rely on multilayered protection, avoid malicious sources, rely on VPN tools, keep the machine virus-free, make sure to have strong DNS protection, and frequently check the machine with AV tools to remove mining malware or other crypto-related infections.

About the author

Gabriel E. Hall - Passionate web researcher

Gabriel E. Hall is a passionate malware researcher who has been working for 2-spyware for almost a decade.

Contact Gabriel E. Hall
About the company Esolutions

References

^ Greg Myre. How Bitcoin Has Fueled Ransomware Attacks. NPR. National security.
^ David Bisson. Ransomware Attackers’ New Tactic: Double Extortion. Securityintelligence. Data protection and security.
^ Benjamin Pimentel. The crypto crash is bad news for ransomware criminals. Protocol. Cryptocurrency reports.
^ What We Know About the DarkSide Ransomware and the US Pipeline Attack. Trendmicro. Cybersecurity research.
^ Kyle Wiggers. Redditors have created millions of crypto wallets to buy NFT avatars. Techcrunch. IT and security news.

Read in other languages

• Lietuvių
• Deutsch
• Français
• Italiana
• Español
• English (UK)