Updated: Apr 24
When the FBI succeeded in hacking into a crypto wallet in which the Colonial Pipeline hackers held bitcoin, after tracking the money's path through the blockchain, it served as a wake-up call to cybercriminals who believed that dealing in a digital currency automatically protected them from scrutiny. One of the basic principles of Bitcoin is that its public ledger, which stores every transaction in its history, is visible to all.
This is why more and more hackers are turning to cryptocurrencies like Dash, ZCash, and Monero, which have additional anonymity built into them. Monero in particular has become the cryptocurrency of choice for a growing number of the world's top ransomware criminals.
Monero was released in 2014 by a group of developers, many of whom chose to remain anonymous. As explained in the white paper, privacy and anonymity are the most important aspects of this digital currency. Monero operates via its own blockchain, which hides almost all transaction details. The identities of the sender and receiver are hidden, as is the amount of the transaction itself. Because of these anonymizing features, Monero gives cybercriminals more freedom from the kind of tracking tools and mechanisms that Bitcoin provides.
Through the Bitcoin blockchain, you can find out the address of the wallet involved in a transaction, the number of Bitcoins, where they came from, and where they are heading. Monero's blockchain network, by contrast, obfuscates the wallet address, the number of transactions, and who the counterparty was, which is what cybercriminals want. And while Bitcoin still dominates ransomware attacks, more and more cybercriminals have started requesting Monero.
DigitalMint, which helps corporate victims pay the ransom, said: REvil has offered discounts or solicited payments in Monero in the past two months.
Monero was also a popular choice in AlphaBay, a massive marketplace on the dark web that closed in 2017. From a cybercriminal perspective, we seem to be seeing a revival in Monero as it inherently has more privacy than some of the other cryptocurrencies out there.
There are some major drawbacks when it comes to popularizing Monero. First, it is not as liquid as other cryptocurrencies. Many regulated exchanges chose not to list it due to regulatory concerns. In practical terms, this means that it is difficult for cybercriminals to exchange the currency directly for money. The cryptocurrency could also be made more vulnerable by regulation of the bridge between fiat currencies and crypto tokens.
And while the US government can keep Monero at bay by sidelining liquidity points, markets that allow peer-to-peer transfers will always be difficult to regulate. There is also nothing to keep hackers within the jurisdiction of the United States. Criminals can choose to carry out all transactions in places that are not subject to the kind of controls that US regulators might put in place.
Online security is another reason why Bitcoin remains the currency of choice for most ransomware attacks. Insurance companies often refuse to make ransom payments if they are in Monero. Traceability is more easily achieved with Bitcoin, given that its blockchain network lays bare the transaction amounts and the addresses of both the sender and the recipients participating in the exchange.
There is also infrastructure in place for administrators to monitor these transactions. The authorities maintain lists of bitcoin wallets that are linked to different penal systems. While Monero offers a greater degree of privacy compared to Bitcoin, hackers have mastered certain techniques to anonymize Bitcoin transactions. And hackers often resort to a mixing service where they can combine illicit funds with clean cryptocurrencies.
Therefore, although the Bitcoin blockchain is public, there are still ways in which it is difficult for investigators to trace transactions to their final destination.