Ransomware attacks are increasingly demanding the ransom be paid back via Bitcoin, the cryptographic digital currency based on Blockchain distributed ledger technology.
This is because the cryptocurrency offers discretion. It offers a secure, often untraceable, method of making and receiving payments – a perfect currency for those hackers who want their financial activities to remain hidden.
The popularity of Bitcoin has grown significantly in recent years, hitting a peak in recent weeks of $1,300 per coin. This does not correlate directly to the rise of ransomware.
“There are multiple influences on bitcoin’s price fluctuation,” said Aaron Higbee, CTO at PhishMe.
>See also: Has ransomware exploded because of bitcoin?
“The biggest moves can usually be tied to government regulations or policy changes like India’s aggressive change to get cash declared and in banks. Some fans of cryptocurrency only see long term viability if people start transacting it for normal goods or services. This shakes the stigma that it’s only used on the underground for illicit goods.”
Instead, ransomware attackers have switched to using the digital currency for their payment activities.
Before they used PO boxes, which were traceable. They then moved to online payments using Western Union or PayPal, but these systems are still tied to banks, giving the authorities an opportunity to trace the the cybercriminals. So, they turned to the already popular cryptocurrency. Anonymity is the key.
“While it’s difficult to tie bitcoin price swings to any one event, one thing for sure, bitcoin transactions are on the rise due to the increasing victim count of those who’ve had their computers infected via phishing emails delivering ransomware,” suggested Higbee.
He believes Bitcoin’s record valuation will incentivise ransomware attacks. “Cyber criminals are not price adjusting their ransomware phishing emails. Depending on the ransomware family and affiliate, the typical ransom request has been either .5 or 1 btc. This means that a year ago today, you would be paying $225-$450 to decrypt a single computer. Today you are paying $650-$1320.”
“I’m sure this isn’t lost on the ransomware phishing cybercriminals. While malicious actors are celebrating the price increase, folks like the Gemini Capital Winklevoss twins are biting their nails since they need cryptocurrency to have legitimate uses if the SEC will ever overturn their ETF rejection. Cybercriminals getting rich on phishing isn’t helping their case.”