The Connection between Cryptocurrency and Ransomware Attacks

Man holding bitcoin Photo by diy13 -

Wannacry ransomware cryptoworm attacks shook the Internet when it infected more than 300,000 computer devices in over 150 countries. An interesting development that occurred following the attack demonstrated the ever-increasing prevalence of cryptocurrency. The operators of Wannacry asked the victims for ransom money in Bitcoins.

From then on, experts are constantly trying to deduce the reasons as to why attackers have chosen cryptocurrency as their preferred method of accepting the ransom payments. Due to a non-conventional nature of cryptocurrency transactions, digital security researchers haven’t succeeded in finding out the exact amount that has been paid to the ransomware attackers through this method.

Nonetheless, cryptocurrency transactions worth millions of dollars have been paid to the attackers for so that their data can be de-encrypted. After taking several factors into account, some important points have been deduced by researchers regarding the connection between ransomware attacks and cryptocurrency payments.

The Rise of Ransomware and Cryptocurrency

There is an interesting aspect regarding ransomware and cryptocurrency as both experienced a large rise than in the previous year and consequently, ransomware posed itself as the leading cyber threat in 2017.

On the other hand, the value of the Bitcoin went through the roof in 2017 of which has not been seen by any digital or physical commodity in recent human history. A single Bitcoin basically went from $900 to the heights of $20,000 in a single year.

Reasons for the Establishment of this Unholy Connection

Paid Ransom Can’t be Charged Back

As we know, payment of ransom is the only option available to victims when all other options have already been exhausted. To discourage the ransomware attacks, it is generally advised not to pay any money to the operators for the recovery of locked files. More importantly, no one wants to pay their hard-earned money to get back their own data.

In normal banking transactions, a chargeback is a tool that can be used to reverse and stop the payments. It’s a widely used practice in the credit card sector where fraudulent and faulty payments are settled through a chargeback.

However, no such feature is present in cryptocurrency transactions because they are unchangeable. Once you have made a payment there, you can’t reverse it even if you have changed your mind. This attribute of cryptocurrency plays in the favor of ransomware operators in all those cases where indecisive victims hesitantly pay the ransom and then regret it later.

Exclusion of Third-party

Ransom payments are outright illegal. Using bank-administered ransom payments can be unsafe for cybercriminals as there are paper trails and this can provide law enforcement agencies with the information they need to nab them. To ensure fast transactions and to demonstrate their model of decentralization in full force, cryptocurrency transactions don’t involve any third-party. Digital coins transferred by one user end up directly in the wallet of other user and he can immediately convert them into fiat currencies.

This fast-tracking of cryptocurrency transactions is also exploited by ransomware operators. This means ransom payment through cryptocurrency is akin to those classic briefcase transactions where only victims and criminals are aware of the activity.

A Way of Profit Maximization

As we saw last year how the value of the Bitcoin has increased, some researchers believe that this rise might be the reason why crypto virological attackers prefer cryptocurrency, particularly the Bitcoin, as a means of ransom payments. By receiving money in Bitcoins to unlock the encrypted files, ransomware operators can actually double down their payments in a few weeks, and without doing anything.

Effortless Accessibility

Even though cryptocurrency is still not a part of the mainstream financial commotions, it can still be used by anyone, thanks to the Internet. Any victim who gets targeted by a ransomware strain can use cryptocurrency channels to pay the attackers.

Cryptocurrency is Universal

In terms of global outreach, cryptocurrency is even bigger than the Euro because it’s the currency of the entire world. This is another reason why cryptocurrency is extensively used by ransomware operators as their preferred payment method.

As we know physical locations are immaterial for cyber attacks. A cybercriminal can make your data hostage while sitting thousands of miles away. With cryptocurrency transactions, ransomware operators are able to transcend exchange rates, interest rates and boundaries of nation-states.

Anonymous Nature of Cryptocurrency

Man with blindfold asking for passwordWe saved cryptocurrency’s most intriguing feature for last, and that is the level of anonymity it provides with its transactions. In general, cybercriminals want to remain anonymous for obvious reasons.

Conventional methods of money transfer need some kind of personal information to proceed with the transactions. However, that is not the case with the payments of cryptocurrency. You can actually make and receive transactions under pseudonyms. Moreover, each transaction can be performed in a different pseudonym so that even the cryptocurrency ledger is virtually useless when trying to trace the people involved in the transactions.

By making social security numbers, banking details and physical addresses irrelevant, cryptocurrency has made it very convenient for criminal elements to manage their monetary dealings by maintaining complete anonymity around it. Likewise, ransomware operators also succeed in their shenanigans without disclosing their identity through cryptocurrency payments.

What’s the Future?

Notwithstanding the rise and fall of the cryptocurrencies are here to stay for a long run. Similarly, ransomware attacks are also being evolved into more complex forms. So, by the looks of it, the marriage of ransomware and cryptocurrency is not going to end any time soon.

Posted On September 6, 2018