For Ransom, Bitcoin Replaces the Bag of Bills

Uploaded on 2015-08-04 in NEWS-Cybersecurity News, GOVERNMENT-Law Enforcement, FREE TO VIEW, BUSINESS-Services-Financial

26db-ransom-web-popup.jpg

A screengrab of a message sent by a hacker demanding Bitcoins for unlocking encrypted files.

In the old days, criminals liked their ransom payments in briefcases full of unmarked bills. These days, there’s a new preferred method for hostage takers: the virtual currency Bitcoin. In a modern day version of a mob shakedown, hackers around the world have seized files on millions of computers, taken down public websites and even, in a few cases, threatened physical harm. The victims, who have ranged from ordinary computer users to financial firms and police departments, are told that their only way out is through a Bitcoin payment that is sometimes more than $20,000.

One set of attackers, believed to be based in Russia and Ukraine, collected about $16.5 million in Bitcoins in a little over a month, primarily from victims in the US, according to the security firm Sophos.

Criminals like the virtual currency because it can be held in a digital wallet that does not have to be registered with any government or financial authority — and because it can be easily exchanged for real money. At the moment, a single Bitcoin can be sold online or on the street for around $290.

Bitcoin, which was released by an anonymous creator in 2009, has recently been gaining mainstream appeal. Start-ups in the industry have won investments from big names like Goldman Sachs and the New York Stock Exchange, which have praised the technology as a faster, more efficient way to complete financial transactions.

But the proliferation of ransom demands has provided an unhappy reminder of the virtual currency’s continuing appeal to the criminal underworld, long after the authorities shut down the online drug bazaar, Silk Road, where heroin and cocaine were sold using Bitcoin.

The latest reminder of Bitcoin’s underbelly came last week with the arrest of two Florida men. The authorities said victims of malware were steered to Coin.mx, a site run by the two men, to buy the Bitcoins to pay the ransom demanded by the malware. The complaint suggested that the criminals also used the site to launder their proceeds.

A police department in New Hampshire that was hit by CryptoWall in June 2014, refused to hand over the ransom and was able to revert to backup files. But more recently, police departments in Dickson County, Tenn., and Tewksbury, Mass., have said that they chose to pay the roughly $500 ransom rather than deal with the headache of trying to circumvent the hackers.
Beyond these attacks, extortionists went after two longtime Bitcoin advocates last year, threatening to exploit personal information about the men’s families if they did not pay up.

Some leaders in the Bitcoin community have suggested potential ways to fend off the ransom threats, digitally marking any coins used for ransom payments, similar to how dollar bills used in hostage situations are marked with invisible dye.
But such solutions have been held up because of the value that many Bitcoin believers have put in the virtual currency’s unfettered free movement.
NYT: http://nyti.ms/1KNVnTi

« Google Gives Customers Control of Encryption Keys
3D Xpoint Memory: Faster-than-flash Storage »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Perforce Software

Perforce Software

Perforce helps companies build complex software products more collaboratively, securely, and efficiently.

CERT.AZ

CERT.AZ

The national Cyber Security Center of the Republic of Azerbaijan.

VXRL

VXRL

VXRL is a Hong Kong-based cybersecurity company. We provide consulting services, penetration testing, and corporate training.

Standards Council of Canada (SCC)

Standards Council of Canada (SCC)

SCC leads and facilitates the development and use of national and international standards and accreditation services in Canada.

Cyan Securiy Group

Cyan Securiy Group

Cyan provide best-in-class cyber security solutions for mobile Internet and mobile devices that are extremely effective and highly intuitive in their use.

Stratus Cyber

Stratus Cyber

Stratus Cyber is a premier Cyber Security company specializing in Managed Security Services. Our services include Blockchain Security, Pentesting, and Compliance Assessments.

RIT Global Cybersecurity Institute

RIT Global Cybersecurity Institute

At RIT's Global Cybersecurity Institute, we educate and train cybersecurity professionals; develop new cybersecurity and AI-based knowledge for industry, academia, and government.

e-Careers

e-Careers

e-Careers is an edtech institution that provides industry recognised courses and up-skilling solutions to individuals and organisations.

Enzoic

Enzoic

Enzoic is an enterprise-focused cybersecurity company committed to preventing account takeover and fraud through compromised credential detection.

C3i Hub

C3i Hub

C3i Hub aims to address the issue of cyber security of cyber physical systems in its entirety, from analysing security vulnerabilities to developing tools and technologies.

Integrity

Integrity

Integrity is a PCI QSA and ISO 27001 certified company specialized in Information Security and IT Consulting.

Upfront Security

Upfront Security

Upfront Security helps companies with innovative products & services to prevent, recognise and recover from (identity) fraud.

RiskOpsAI

RiskOpsAI

RiskOpsAI (formerly OptimEyes) is an AI/ML driven Integrated Risk Modeling and Decisioning Platform functioning as an advanced GRC/Risk Management Integration Accelerator.

Infisign

Infisign

Infisign addresses the challenges of traditional IAM systems and offers a comprehensive solution for modern identity management.

EPAM Systems

EPAM Systems

Since 1993, EPAM Systems has leveraged its advanced software engineering heritage to become a leading global digital transformation services provider.

COcyber

COcyber

COcyber aims to enhance collaboration between the cybersecurity civilian and defence spheres. It is a two-year project funded by the European Union and it kicked off in July 2024.