On Oct 15, 2021, the Financial Crimes Enforcement Network (FinCEN) in the US released a report called ‘Financial Trend Analysis: Ransomware Trends in Bank Secrecy Act Data Between January 2021 and June 2021.’ This report contains some key insights into the relationship between cryptocurrency and ransomware-related financial crimes.
It appears that a large proportion of this report is specifically targeted at covering the role that cryptocurrencies play in the world of ransomware in 2021. In total, the organization claims to have “identified approximately $5.2 billion in outgoing BTC transactions potentially tied to ransomware payments” in the course of its research for the report.
The rising problem with crypto in ransomware
Indeed, the most prevalent ransomware variants listed by FinCEN include ‘REvil,’ a form of threat that has been well known for being used to extort its victims specifically for payments using the bitcoin cryptocurrency.
In the report, FinCEN specifically names the methods which these criminals are using to evade detection by regulatory and legal authorities. For example, the criminals behind ransomware are increasingly demanding payments using ‘Anonymity-enhanced cryptocurrencies’ (think Monero or DASH) when they attempt to extort their targets.
Many privacy cryptocurrencies are based on permissionless networks like Bitcoin. Unlike Bitcoin, they employ advanced encryption and cryptographic techniques to obscure additional details which could otherwise be used to identify address owners, their account balances, and potentially the amount of crypto associated with individual transactions associated with those addresses.
The report also mentions that ransomware attackers are using Tor to evade detection, as well as “avoiding reusing wallet addresses, ‘chain hopping’ and cashing out at centralized exchanges, and using mixing services and decentralized exchanges to convert proceeds.”
The freedom associated with cryptocurrencies like bitcoin is more commonly considered to be one of their benefits, but the flip side of this freedom is accessibility to financial criminals such as scammers and money launderers. While this isn’t an issue that affects the average user, it’s a huge sticking point for regulators and one argument on the side of CDBC advocates.