When the FBI successfully hacked into the Bitcoin wallet held by Colonial Pipeline hackers by tracing the money’s path through the blockchain, it was a wake-up call to cybercriminals who thought transacting with digital currency automatically protected them from scrutiny.
One of the basic principles of Bitcoin is that its public ledger, which stores all transactions in its history, is visible to everyone.
This is why more hackers are turning to cryptocurrencies like Dash, ZCash, and Monero, which have additional anonymity built into them.
Monero, in particular, has become the cryptocurrency of choice for a growing number of major ransomware criminals in the world.
History of Monero
Monero was released in 2014 by a group of developers, many of whom chose to remain anonymous. As explained in the white paper, privacy and anonymity are the most important aspects of this digital currency.
Monero operates via its own blockchain network, which hides almost all transaction details. The identity of the sender and recipient is hidden, as well as the amount of the transaction itself.
Because of these anonymity features, Monero allows cybercriminals more freedom compared to some of the tracking tools and mechanisms provided by Bitcoin.
Through the Bitcoin blockchain network, you can know the address of the wallet that was processed, the number of Bitcoins, where they came from, and where they are headed.
But with Monero, its blockchain network obfuscates the wallet address, the amount of transactions, and who the counterparty was, which is what cybercriminals want.
While Bitcoin still dominates ransomware attacks, more cybercriminals are starting to demand Monero.
DigitalMint, which helps corporate victims pay ransomware, said: REvil has been offering discounts or requesting payments in Monero in the past two months.
Monero was also a popular choice on AlphaBay, a massive dark web marketplace that shut down in 2017.
From a cybercriminal perspective we seem to be seeing a resurgence in Monero because it is inherently more private than some of the other cryptocurrencies out there.
Monero limitations
There are some major hurdles when it comes to popularizing Monero. First, it is not as liquid as other cryptocurrencies. Many regulated exchanges chose not to list it due to regulatory concerns.
In practical terms, this means that it is difficult for cybercriminals to obtain direct funds in the currency.
Cryptocurrency could also be more vulnerable to regulation regarding the bridge between fiat currencies and crypto tokens.
While the US government can keep Monero at bay by marginalizing liquidity points, markets that allow peer-to-peer transfers will always be difficult to regulate.
There is also nothing to keep hackers within US jurisdiction. Criminals can choose to carry out all transactions in places that are not subject to the type of controls that US regulators might put in place.
Bitcoin is taking over
Cybersecurity is another reason why Bitcoin remains the currency of choice for most ransomware attacks. Insurance companies often refuse to make ransomware payments if they are in Monero.
Traceability is more easily achieved using Bitcoin, given that its blockchain network identifies the bare transaction amounts and addresses of both the sender and recipients involved in the exchange.
There is also an infrastructure in place for administrators to monitor these transactions. Authorities maintain lists of Bitcoin wallets linked to various sanctions regimes.
While Monero offers a greater degree of privacy compared to Bitcoin, hackers have mastered certain techniques to anonymize Bitcoin transactions.
Hackers often resort to a mixing service where they can combine illicit funds with clean cryptocurrencies.
Therefore, although the Bitcoin blockchain is public. There are still ways that make it difficult for investigators to trace transactions to their final destination.