Ransomware attackers have developed in sophistication, both in their firms-like operations and the levels of extortion they are perpetrating, according to a recent study.
Cryptocurrencies could improve and disrupt financial systems by offering a cheap, expedient, and secure means of transferring value, according to a study published in the Social Science Research Network. However, they also open up new payment channels for cybercrimes, of which ransomware attacks, money laundering activities, and various crypto-based scams have recently surged.
The study highlighted that a certain modus operandi has become distinct among cybercriminals involving cryptocurrencies. In one instance, hackers exploit weaknesses in either centralized organizations such as crypto-exchanges or decentralized algorithms, then abscond with the illicitly-gained funds. In the second, traditional cybercriminal activities have now been bolstered with a new payment channel utilizing the new technology.
The study focused in particular on the latter variety, conducting the first detailed anatomy of crypto-enabled cybercrimes by assembling a diverse set of public, proprietary, and hand-collected data, that also included dark web conversations in Russian. The analysis revealed that “a few organized ransomware gangs dominate the space and have evolved into sophisticated firm-like operations with physical offices, franchising, and affiliation programs.”
Ransomware attacks have become the most rampant cybercrime, amassing hundreds of millions of dollars last year, according to a recent report from Chainalysis. However, the number of attacks is likely underestimated, because victims like large corporations often seek to avoid disclosure that could trigger negative market reactions. Yet, as ransomware attacks increase in number, their operations have also grown more sophisticated as well, the study detailed.
The study detailed how these techniques have become even more aggressive over time, entailing multiple layers of extortion, then requiring further reputational management. In addition to holding sensitive data hostage, since 2019, ransomware gangs have also started to threaten to leak it. According to the study, the double extortion game proved to be an effective tool to increase the gangs’ revenue. Leaking sensitive data also attracted supporters, giving the gangs additional reputational benefits.
Now, a triple extortion game has emerged, “using affiliated journalists to spread the threat, as well as threatening the victim to expose the data to stockholders, business partners, and employees and customers.” In order to effectively employ the new tactic, ransomware gangs “run sophisticated business-like operations, such as maintaining call centers to contact the victims’ stakeholders and operatives to conduct research on victims’ business.”
Gangs that have developed such a professionalized approach to cybercrime include Conti, REvil, MAZE, and DarkSide, according to the analysis. While the study ultimately proposed that blanket restrictions on cryptocurrency usage would likely prove ineffective and hinder innovation, it concluded that “blockchain transparency and digital footprints enable effective forensics for tracking, monitoring, and shutting down dominant cybercriminal organizations.”
For Be[In]Crypto’s latest Bitcoin (BTC) analysis, click here.
All the information contained on our website is published in good faith and for general information purposes only. Any action the reader takes upon the information found on our website is strictly at their own risk.