While cybercriminals’ use of digital currencies has become a constant concern of law enforcement agencies around the world, bitcoin (BTC) is no longer prevalent in ransomware ransom payments and money laundering. Now, the so-called “privacy cryptocurrencies” are gaining the attention of hackers, especially the monero (XRM), which makes it difficult to track digital transactions and wallets.
Bitcoin operates on an open blockchain network, in which a fully public ledger records all cryptocurrency movements, specifying the addresses of the digital wallets involved and the amount of BTC transacted. In this way, it becomes easier for authorities to track money involved in criminal activities, even more so with the increasing preventive measures being taken in multiple countries.
Thus, privacy coins have emerged as a great option for criminals to cover their money trail. Monero is the most famous digital currency of its kind. It is designed to hide the sender, receiver, and also the amount moved. Thus, digital currency has become a very interesting tool to be used in money laundering and ransomware payments, when hackers take control of the victim’s system and place a price to release it.
Bitcoin surveillance grows
Monero’s rise is directly linked to increased efforts by authorities around the world to crack down on cybercrime. Thus, cryptocurrencies have been receiving more regulations in recent months in countries like the United States, making it difficult for criminals to act.
One of the most notable cases of 2021 was the ransomware attack that US pipeline company Colonial Pipeline suffered in mid-May. One of the main fuel distributors in the United States found itself totally paralyzed for hours, affecting supply in much of the country, forcing the company to agree to pay about $4.4 million to criminals.
Criminal groups migrate to monero
“We’ve seen ransomware groups specifically switching to monero,” said Bryce Webster-Jacobsen, director of intelligence for cybersecurity group GroupSense, to Financial Times. The company has already helped several victims pay ransoms with the privacy cryptocurrency “Cybercriminals have recognized that it’s easier to make mistakes using bitcoin, which ultimately allows transactions recorded on the blockchain to reveal your identity.”
Brett Callow, threat analyst at anti-malware developer Emsisoft, told the Financial Times that the well-known Russian ransomware group REvil has fully migrated from bitcoin to monero in their ransom demands. The organization is believed to be responsible for the recent attack on a JBS slaughterhouse.
DarkSide, one of the top known ransomware organizations responsible for the Colonial Pipeline attack, also accepts monero, while charging a fee of up to 20% more on the ransom value if the customer chooses to pay bitcoin for the higher risks involved in the transaction . Babuk, responsible for another attack on Washington DC police, operates in a similar way.
Member of the community that developed monero, Justin Ehrenhofer told the Financial Times which estimates that between 10% and 20% of ransomware attack ransoms are paid in the privacy cryptocurrency, but believes that percentage will rise to 50% by the end of 2021. He also stated that digital currency was not designed for use criminals, but that facilitating these activities was a structuring error.
With information: Financial Times