When the FBI succeeded in following the money trail on the Bitcoin blockchain and breaking into the cryptocurrency held by the Colonial Pipeline hackers, it was a wake-up call for cybercriminals who thought that cryptocurrency transactions would automatically protect them from scrutiny.
One of Bitcoin’s core tenets is a public ledger, visible to everyone, that records every token transaction in its history. That’s why more hackers are looking at coins such as dash, zcash, and monero that have additional anonymity built in.
In particular, Monero is an increasingly popular cryptocurrency for the world’s top ransomware criminals.
Rick Holland, Chief Information Security Officer, Digital Shadows, a cyber threat intelligence company, said:
Created in 2014
Monero was released in 2014 by a consortium of developers, many of whom chose to remain anonymous. As stated in the white paper, “privacy and anonymity” are the most important aspects of this digital currency.
The privacy token runs on its own blockchain, which hides the details of virtually every transaction. The identities of the sender and recipient, as well as the transaction amount itself, are concealed.
These anonymity features let monero free cybercriminals from some of the tracking tools and mechanisms that the Bitcoin blockchain provides.
“The Bitcoin blockchain allows you to see the wallet address traded, the number of Bitcoins, their source and destination,” explained Fred Thiel, former chairman of Ultimaco, one of Europe’s largest cryptography companies, which has worked with Microsoft, Google and others on post-quantum cryptography.
“In Monero, [the blockchain] obscures the wallet address, the volume of transactions, and who the other party is. This is almost exactly what a malicious person wants,” he said.
While Bitcoin still dominates ransomware demands, more threat actors are starting to demand monero, according to Marc Grens, president of Digital Mint, a company that helps corporate victims pay ransoms.
“In the last few months, we’ve seen REvil offer discounts and demand payments in monero,” Holland continued.
Monero was also popular on Alpha Bay, a huge underground market that was popular until it closed in 2017.
“At least from a cybercrime perspective, Monero seems to be seeing a resurgence, because Monero is inherently more privacy-protected than other coins,” Holland said of monero’s recent rise in popularity among actors in the ransomware space.
However, there are some major barriers to mainstreaming monero.
For one thing, it’s not as liquid as other cryptocurrencies: many regulated exchanges have chosen not to list it due to regulatory concerns, explained Matty Greenspan, portfolio manager and founder of Quantum Economics. “It certainly hasn’t enjoyed that much of the recent wave of institutional investment,” he said.
In practice, that means cybercriminals have difficulty getting paid directly in the currency.
“If you’re a business and want to get a lot of Monero to pay someone, it’s very difficult,” Thiel told CNBC.
The digital currency could also be more vulnerable to regulation of its on- and off-ramps, the bridges between fiat money and crypto tokens.
“I would say that the United States and other regulators intend to shut them [monero] down pretty hard.”
One way they could go about it: telling exchanges that if they list monero, they risk losing their license.
However, while the U.S. government can sideline monero by minimizing points of liquidity, Castle Island Ventures founding partner Nic Carter thinks that markets that allow peer-to-peer transfers of monero to fiat will always be difficult to regulate.
Nor do hackers have to remain within U.S. jurisdiction. Criminals can easily choose to carry out all transactions abroad, where they are not subject to the types of regulations that U.S. regulators may enforce.
Bitcoin still dominates ransomware
Cyber insurance is another reason why Bitcoin is still the currency of choice for most ransomware attacks.
“Insurance is very important in this area, and insurers often refuse to repay if the ransom payment is in Monero,” said former CIA case officer Peter Malta, who advises on cyber risk management as a partner at law firm Hogan Lovells.
“One of the things insurers are always looking for is what kind of due diligence the victim has done before making the payment … to minimize the possibility that the payment will be sent to an entity on the sanctions list,” Malta explained.
Traceability is more easily achieved with Bitcoin, given that the blockchain lays bare both the sender and receiver addresses participating in an exchange, along with the transaction amount. Established infrastructure for authorities to monitor these transactions is already in place.
Authorities maintain a list of Bitcoin wallets associated with various sanctions regimes.
Monero offers a higher degree of privacy than Bitcoin, but Holland points out that threat actors have mastered certain techniques to anonymize Bitcoin transactions in order to obscure the chain of custody.
He said that cybercriminals often turn to mixing or tumbling services, where they can combine illicit funds with clean crypto to create what is essentially a new type of Bitcoin, at which point, he says, they look at currency swaps.
“Like you’d go to pounds from dollars … they might go Bitcoin, Monero, and back to Bitcoin and get a Bitcoin ATM card, where they buy dollars with it so it can be cashed out,” explained Holland.
Therefore, while the Bitcoin blockchain is open to the public, there are still ways to make it difficult for investigators to track transactions to their final destination.