A recent report by blockchain analysts reveals a noteworthy decrease in crypto-related crimes throughout 2023. However, a closer look at the findings underscores a significant surge in ransomware and darknet market activities involving cryptocurrencies.
Ransomware Inflows Hit New Heights
Eric Jardine, a cybercrime researcher, sheds light on the concerning trend. He points out that ransomware and darknet market wallets experienced increased inflows in 2023 compared to the previous year when measured in euros. In the realm of ransomware, heightened inflows indicate that victims – individuals to critical infrastructure providers – are paying larger ransoms after falling prey to cyberattacks by malicious actors.
Darknet Markets: A Resilient Ecosystem
Jardine notes that the surge in darknet market activities can be attributed to the recovery of the illicit darknet ecosystem. The closure of Hydra Marketplace in 2022, one of the largest darknet marketplaces, reduced the inflows to darknet markets that year. However, this closure also triggered increased darknet market activity throughout 2023.
Historical Context: Cryptocurrency and Darknet Marketplaces
Another researcher draws attention to the historical use of cryptocurrencies in darknet marketplaces. Notable examples include The Silk Road, known for utilising Bitcoin in money laundering and illegal drug transactions, and the closure of Abraxas in 2015. Surprisingly, in 2023, an entity moved 4,800 BTC – valued at €144 million – from a wallet tied to Abraxas.
Ransomware Attacks on the Rise
Beyond darknet markets, ransomware attacks involving cryptocurrency witnessed a substantial increase in the past year. According to a bug bounty platform Immunefi report, the top 10 crypto-ransomware attacks since 2020 have profited €69,316,140 in Bitcoin.
Nir Duan, CEO of Sayfer – a blockchain cybersecurity company, attributes this surge to the prevalence of malware-as-a-service (MaaS). Duan emphasises that these services allow individuals to execute attacks without advanced technical skills.
Evolving Threats: Phishing and “Crypto Drainer” Malware
Duan points to the rise of phishing-as-a-service infrastructure, citing examples like pig butchering schemes. These schemes involve enticing individuals to deposit money using various tactics, resulting in substantial financial losses.
Additionally, a recent report from cybersecurity company Group-IB highlights the increasing use of “crypto drainer” malware. The Inferno Drainer, a phishing operation functioning under the “scam-as-a-service” model, compromised approximately 130,000 victims and stole nearly €87 million of digital assets in 2023.
Responding to the Surge in Crypto Crimes
Efforts are underway to combat the escalating threat of ransomware and darknet market crimes. The creation of The Darknet Marketplace and Digital Currency Crimes Task Force in June 2023 aims to target “cryptocurrency-enabled crimes” such as drug trafficking, money laundering, and child exploitation.
Jardine emphasises the role of law enforcement in locating and apprehending perpetrators. He notes that the traceability of blockchains facilitates such enforcement actions.
Proactive Measures and Future Outlook
Despite the challenges, proactive measures are being taken. Duan shares that Sayfer is developing an on-chain-off-chain investigation tool to detect underlying infrastructure used in attacks, aiming for a more effective defence against evolving malware techniques.
However, Duan and Jardine express concerns about the persistence and growth of ransomware and darknet market crimes using cryptocurrency. Duan cites the franchising of malware tools and advancing technology as contributors to the continued rise in criminal activities.
In conclusion, while the use of cryptocurrency grows, enforcement actions and proactive measures become crucial to mitigate the impact of these evolving cyber threats. The landscape of crypto-related crimes is dynamic, demanding ongoing adaptation and collaboration across sectors to maintain a safer digital environment.
