Weekend Argus (Saturday Edition)
It’s enough to make them WannaCry
LONDON: Bitcoin is well-entrenched as the preferred payment for cybercriminals like the WannaCry hackers who have hit more than 300 000 computers over the past week, but cryptocurrencies offering more anonymity are threatening to displace it.
Bitcoin’s dominance in the nefarious online underworld, say cybercrime experts, is its size – the value of all bitcoins is more than twice that of the nearest of hundreds of rivals.
That makes it easy for victims to access enough to pay the ransoms demanded, and for hackers to cash out of it via online exchanges.
Bitcoin was set up in 2008 by someone – or some group – calling themselves Satoshi Nakamoto, and was the first digital currency to successfully use cryptography to keep transactions secure and hidden, making traditional financial regulation difficult if not impossible.
Money is sent from one anonymous online “wallet” to another with no need for a third party to validate or clear the transactions.
In the WannaCry attack, the addresses of three anonymous bitcoin wallets were given to victims, with a demand for ransom payments from $300 worth of bitcoin, with a promise the affected machines would be decrypted in return, a promise that no evidence has shown will be kept.
But since the way Bitcoin functions is via the blockchain – a giant, virtually tamper-proof, shared ledger of all bitcoin transactions ever made – payments can be traced, if users do not take further steps to cloak themselves using digital anonymity tools.
. If criminals using bitcoin want to stay truly anonymous, Gun Sirer said, they have to go through a number of additional, complex steps to make sure they do not get caught.
It is not yet clear what level of sophistication the WannaCry hackers have when it comes to laundering their cryptocurrency, as none of the money has yet been moved out of the three bitcoin wallets linked to the ransomware, which have had over $80 000 worth of bitcoin paid into them so far.
But some have suggested that the fact that the WannaCry hackers demanded bitcoin shows how amateur they are.
More sophisticated criminals use obfuscation methods that make it very hard to be tracked down. One of the most basic ones is a technique known as “chain-hopping”, whereby money is moved from one cryptocurrency into another, across digital currency exchanges – the less-regulated the better – to create a money trail that is almost impossible to track.
Newer and more complex money-laundering methods have also emerged in recent years, which make it very difficult for law enforcement and bitcoin security firms such as Elliptic or New Yorkbased Chainalysis to track down cybercriminals.
“It’s a cat-and-mouse game – as police and companies like Elliptic catch up to criminals’ techniques, they invent new techniques,” said Jerry Brito, executive director of the Washington, DC-based Coin Centre, a not-for-profit advocacy group focusing on public policy issues around cryptocurrency. – Reuters