Ransomware creators are laundering their Bitcoin rapidly since the currency value is dropping

The drop in the value of the Bitcoin is pushing cyber criminals to rapidly cash-out their ears with ransomware in order to monetize their efforts.

The business made by exploiting Ransomware has seen better days, all because the value of Bitcoin is dropping, that means, to avoid losing more money crooks are laundering money.

“They( criminals)  use Bitcoin for the money laundering part and take payment with it, but they’ll move it out almost immediately. Most of them won’t keep bitcoins – they don’t like the valuations Bitcoin has – so they just use it as a layer of obfuscation, and move it to a different form of money.” Etay Maor, senior fraud prevention strategist at IBM Security told to The Register.

The reason for this is easy to understand when you realize that in December 2013 Bitcoin was worth US$1,147 (1,055€, £ 758) and the current value is US$238 (£158, €216).

Authors of Ransomware use to accept only bitcoins payments to unlock the system of encrypted files because the pseudo anonymity of its transactions.

Etay Maor added that malware masterminds and operators launder their ransom bitcoins into other online currencies or using “mules” and convert the funds through their accounts in exchange for a commission.

These “mules” are normally recruited online, but their profile differs from each other, depending on the mule’s geo location. For example in Europe, mules are generally retirees looking for some extra income, working from home, but for example in Asia , who most common profile of “mules” this role is played by students looking for an extra income, where they get between 15 and 20% of the laundered money.

In any of these cases, most of them don’t actually know what they are doing, until law enforcement shows up in their front door, and the malware creation continues on the loose, going on with the classic extortion scheme.

Nowadays we are also starting seeing botnet owners entering in the scam, by offering to install ransomware on machines, and also seeing ransomware spreading in websites, by gradually encrypted the website’s database.

Since it doesn’t exist an effective way to block these threats, please be careful with any type of emails you receive, back up your data regularly and store your backup’s offline.

About the Author Elsio Pinto

Elsio Pinto is at the moment the Lead Mcafee Security Engineer at Swiss Re, but he also as knowledge in the areas of malware research, forensics, ethical hacking. He had previous experiences in major institutions being the European Parliament one of them. He is a security enthusiast and tries his best to pass his knowledge. He also owns his own blog http://high54security.blogspot.com/

Pierluigi Paganini

(Security Affairs – ransomware, Bitcoin)

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.

Recent Posts

Cisco addressed high-severity flaws in IOS and IOS XE software

Cisco addressed multiple vulnerabilities in IOS and IOS XE software that can be exploited to…

10 hours ago

Google: China dominates government exploitation of zero-day vulnerabilities in 2023

Google's Threat Analysis Group (TAG) and Mandiant reported a surge in the number of actively…

16 hours ago

Google addressed 2 Chrome zero-days demonstrated at Pwn2Own 2024

Google addressed two zero-day vulnerabilities in the Chrome web browser that have been demonstrated during…

1 day ago

INC Ransom stole 3TB of data from the National Health Service (NHS) of Scotland

The INC Ransom extortion group hacked the National Health Service (NHS) of Scotland and is threatening…

1 day ago

CISA adds Microsoft SharePoint bug disclosed at Pwn2Own to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Microsoft SharePoint vulnerability disclosed at the…

2 days ago

The DDR Advantage: Real-Time Data Defense

This is the advantage of Data Detection and Response (DDR) for organizations aiming to build…

2 days ago

This website uses cookies.