View All R&D Articles

Why Ransomware Criminals are Moving Away from Bitcoin

June 29, 2018

darkweb hacker image

Bitcoin used to be the preferred payment method of cybercriminals. Last year, we reported that the hackers behind the WannaCry ransomware infected PCs worldwide, and demanded payment in the form of Bitcoin from their victims. Hackers asked for Bitcoin because the cryptocurrency’s transactions are harder to trace to individuals compared to traditional bank transfers.

Some European businesses started to purchase Bitcoin in 2017 in order to prepare themselves for future ransomware demands. Cyber criminals, meanwhile, saw the value of Bitcoin skyrocket, which made the cryptocurrency a target for high-profile cyber theft.

Despite Bitcoin’s continuing popularity and expensive value, several news reports are stating that ransomware criminals are now asking for a different payment method.

While Bitcoin remains a highly popular cryptocurrency among people who deal in the dark web, its high-profile status is giving criminals some problems. ZDnet puts the blame on the asset’s hyper volatility that sometimes jeopardizes criminal operations. A crash doesn’t only affect investors who have diversified their portfolio with cryptocurrencies, but also criminals who need to keep adjusting their ransom based on the current prices of Bitcoin.

Before 2017 ended, Bitcoin reached an all-time high of $20,000. However, it slid sharply at the start of 2018, and settled at 50% of its December 2017 prices. In June, Nadex reported that cryptocurrency markets are being rocked by volatility almost every day. Bitcoin moved 13% lower, and even experienced a $1,000 drop in one trading day. Like any other asset, Bitcoin’s prices are affected by fundamental factors that affect the economy as a whole. Hacked online exchanges, the strengthening of regulated currencies, and current investor sentiment towards cryptocurrency markets are just some examples of what can affect the price of Bitcoin.

In the same article by ZDNet, it was mentioned that criminals are moving towards more stable forms of cryptocurrency like Monero, Zcash, and Ethereum. With the aforementioned 3 cryptocurrencies, criminals won’t have to keep adjusting their ransom every time Bitcoin’s prices crash.

Bad news for altcoins

The shift to other cryptocurrencies is gaining traction within the dark web. If more cybercriminals move towards other forms of digital funds, it will create problems for investors who have decided to stay away from Bitcoin because of its volatility. Hackers who switch to other cryptocurrencies will disrupt the trust of investors, and make altcoins more volatile. Apart from that, the mass switch by ransomware criminals to other cryptocurrencies will also make it harder for authorities to catch criminals, because they will be investigating multiple cryptocurrencies instead of just Bitcoin. Some new cryptocurrencies are designed to provide almost absolute anonymity to the integrity of the transactions and users, making investigations into cyber-crime money laundering next to impossible.

“We’ll see a progressive shift in 2018 towards criminal use of cryptocurrencies other than Bitcoin, making it generally more challenging for law enforcement to counter,” warned the Executive Director of Europol Rob Wainwright in a Tweet.

Despite the switch to other cryptocurrencies, many criminals will also continue to use Bitcoin due to its popularity. With more people and companies using it for everyday transactions, there is a higher chance of receiving the ransom.

“We must remember that when forcing ransom payment, Bitcoin is still the cryptocurrency of choice given its wide availability and use” said Thycotic’s Chief Security Scientist Joseph Carson. “It is when cyber-criminals are moving money around to pay other cyber-criminals or to purchase new toys they will use an alternative cryptocurrency to keep a low profile.”

Did you have your data stolen by ransomware criminals? Here on we provide fast and affordable solutions to your stolen files. Call us at 800-237-4200 so we can help retrieve what’s yours.