The history of hacking ransoms and cryptocurrency

Posted on by ashtoncrowther

id=”article-body” class=”row” section=”article-body” data-component=”trackCWV”>

Earlier this month, hundreds of companies from the US to Sweden were entangled in the , a company that offers network infrastructure to businesses around the world.

The Kaseya hack comes on the heels of other headline-grabbing cyberattacks like the  and the . In each instance, criminals had the opportunity to make off with millions — and much of the ransoms were paid in Bitcoin.

“We have to remember the primary reason for creating Bitcoin in the first place was to provide anonymity and secure, trustless and borderless transaction capabilities,” says Keatron Evansprincipal security researcher at .

As Bitcoin grows more prominent in best darknet markets around the world, cybercrooks have found a vital tool to help them move illegal assets quickly and pseudonymously. And by all accounts, the attacks are only becoming more common. 

Ransomware on the rise

Ransomware is a cybercrime that involves ransoming personal and business data back to the owner of that data. 

First, a criminal hacks into a private network. The hack is accomplished through various tactics, including phishing, social engineering and preying upon users’ weak passwords.

Once network access is gained, the criminal locks important files within the network using encryption. The owner can’t access the files unless they pay a ransom. Nowadays, cybercriminals tend to request their ransoms in cryptocurrencies.

The FBI  ransomware attacks accounted for at least $144.35 million in Bitcoin ransoms from 2013 to 2019. 

These attacks are scalable and can be highly targeted or broad, ensnaring anyone who happens to click a link or install a particular software program. 

This allows a small team of cybercrooks to ransom data back to organizations of all sizes — and the tools needed to hack into a small business or multinational cooperation are largely the same. 

Private citizens, businesses, and state and national governments have all fallen victim — and many decided to pay ransoms.

Today’s business world depends on computer networks to keep track of administrative and financial data. When that data disappears, it can be impossible for the organization to function properly. This provides a large incentive to pay up. 

Although victims of ransomware attacks are encouraged to report the crime to federal authorities, there’s no US law that says you have to report attacks (). Given this, there’s little authoritative data about the number of attacks or ransom payments. 

However, a recent study from Threatpost  only 20% of victims pay up. Whatever the actual number is, the FBI  against paying ransoms because there’s no guarantee that you’ll get the data back, and paying ransoms creates further incentive for ransomware attacks. 

Why do hackers like cryptocurrency?

Cryptocurrency provides a helpful ransom tool for cybercrooks. Rather than being an aberration or misuse, the ability to make anonymous (or pseudonymous) transfers is a  of cryptocurrency. 

“Bitcoin can be acquired fairly easily. It’s decentralized and readily 

available in almost any country,” says Koen Maris, a cybersecurity expert and advisory board member at IOTA Foundation.

Different cryptocurrencies feature different levels of anonymity. Some cryptocurrencies, like Monero and Zcash, specialize in confidentiality and may even provide a higher level of security than Bitcoin for cybercriminals. 

That’s because Bitcoin isn’t truly anonymous — it’s pseudonymous. Through careful detective work and analysis, it appears possible to trace and recoup Bitcoin used for ransoms, as the FBI  after the Colonial Pipeline hack. So Bitcoin isn’t necessarily used by ransomers simply because of security features. Bitcoin transfers are also fast, irreversible and easily verifiable. Once a ransomware victim has agreed to pay, the criminal can watch the transfer go through on the public blockchain. 

After the ransom is sent, it’s usually gone forever. Then crooks can either exchange the Bitcoin for another currency — crypto or darknet market magazine fiat — or transfer the Bitcoin to another wallet for safekeeping. 

While it’s not clear exactly when or how Bitcoin became associated with ransomware, hackers, cybercrooks, and crypto-enthusiasts are all computer-savvy subcultures with a natural affinity for new tech, and Bitcoin was adopted for illicit activities online soon after its creation. One of Bitcoin’s first popular uses was currency for transactions on the dark web. The  was among the early marketplaces that accepted Bitcoin.

Financial impact

Ransomware is big business. Cybercriminals made off just under $350 million worth of cryptocurrency in ransomware attacks last year, . That’s an increase of over 300% in the amount of ransom payments from the year before. 

The COVID-19 pandemic set the stage for a surge in ransomware attacks. With vast tracts of the global workforce moving out of well-fortified corporate IT environments into home offices, cybercriminals had more surface area to attack than ever.

According to , the organizational changes needed to accommodate remote work opened up more businesses for cybercrime exploits, with Coalition’s policyholders reporting a 35% increase in funds transfer fraud and social engineering claims since the beginning of the pandemic.

It’s not just the number of attacks that is increasing, but the stakes, too. A  from Palo Alto Networks estimates that the average ransom paid in 2020 was over $300,000 — a year-over-year increase of more than 170%.

When an organization falls prey to cybercrime, the ransom is only one component of the financial cost. There are also remediation expenses — including lost orders, business downtime, consulting fees, and other unplanned expenses. 

The  report from Sophos found that the total cost of remediating a ransomware attack for a business averaged $1.85 million in 2021, up from $761,000 in 2020. 

Many companies now buy cyber insurance for financial protection. But as ransomware insurance claims increase, the insurance industry is also dealing with the fallout.

Globally, the price of cyber insurance has , according to a new report from Howden, an international insurance broker. The increase is likely due to the growing cost these attacks cause for insurance providers. 

A cyber insurance policy generally covers a business’s liability from a data breach, such as expenses (i.e., ransom payments) and legal fees. Some policies may also help with contacting the businesses customers who were affected by the breach and repairing damaged computer systems. 

Cyber insurance payouts now account for  of all premiums collected, which is the break-even point for the providers. 

“We noticed cyber insurers are paying ransom on behalf of their customers. That looks like a bad idea to me, as it will only lead to more ransom attacks,” says Maris. “Having said that, I fully understand the argument: the company either pays or it goes out of business. Only time will tell whether investing in ransom payments rather than in appropriate cybersecurity is a viable survival strategy.”

Early adopters

The AIDS Trojan, or PC Cyborg Trojan, darknet market markets onion address is the first known ransomware attack. 

The attack began in 1989 when an AIDS researcher distributed thousands of copies of a floppy disk containing malware. When people used the floppy disk, it encrypted the computer’s files with a message that demanded a payment sent to a PO Box in Panama. 

Bitcoin wouldn’t come along until almost two decades later. 

In 2009, Bitcoin’s mysterious founder, Satoshi Nakamoto, created the blockchain network by mining the first block in the chain — the genesis block. 

Bitcoin was quickly adopted as the go-to currency for the dark web. While it’s unclear exactly when Bitcoin became popular in ransomware attacks, the 2013 CryptoLocker attack definitely put Bitcoin in the spotlight. 

CryptoLocker infected more than 250,000 computers over a few months. The criminals made off with about $3 million in Bitcoin and pre-paid vouchers. It took an internationally coordinated operation to take the ransomware offline in 2014.

Since then, Bitcoin has moved closer to the mainstream, and ransomware attacks have become much easier to carry out.

Early ransomware attackers generally had to develop malware programs themselves. Nowadays, ransomware can be bought as a service, just like other software. 

Ransomware-as-a-service allows criminals with little technical know-how to “rent” ransomware from a provider, which can be quickly employed against victims. Then if the job succeeds, the ransomware provider gets a cut. 

Future legislation

In light of the recent high-profile ransomware attacks, darknet markets links calls for new legislation are growing louder in Washington.

President Joe Biden issued an  in May “on improving the nation’s cybersecurity.” The order is geared toward strengthening the federal government’s response to cybercrime, and it looks like more legislation is on the way.

The  was recently introduced by a bipartisan group of senators. The bill aims to ramp up penalties for cyberattacks that impact critical infrastructure, so the Justice Department would have an easier time charging criminals in foreign countries under the new act.

States are also taking their own stands against cybercrime:  have proposed legislation to outlaw ransomware payments. North Carolina, Pennsylvania, and Texas are all considering new laws that would outlaw taxpayer money from being used in ransom payments. New York’s law goes a step further and could outright ban private businesses from paying cybercrime ransoms. 

“I think the concept of what cryptocurrency is and how it works is something that most legislative bodies worldwide struggle with understanding,” says Evans. “It’s difficult to legislate what we don’t really understand.”

Self-proclaimed 'Crocodile of Wall Street' and husband granted bail

Posted on by ashtoncrowther

The self-proclaimed ‘Crocodile of Wall Street’ and her husband have been granted bail set at $3million and $5million respectively after being arrested for allegedly laundering $4.5billion in stolen in the 2016 Bitfinex exchange hack. 

I Explored Dark Web Markets In 2024

Ilya ” Lichtenstein, 34, and his wife, Heather Rhiannon Morgan, 31, who raps under the name Razzlekhan, were arrested on Tuesday in Manhattan on federal charges of conspiracy to commit money laundering and conspiracy to defraud the United States. 

At an initial court appearance, a magistrate judge ruled Lichtenstein could be released into home detention on a $5 million bond co-signed by his parents; the bond amount for Morgan was set at $3 million but they were to remain in custody until the bail conditions were met.

Prosecutors had argued defendants, who live on Wall Street in lower Manhattan, should be denied bail, calling them flight risks who still potentially have access to vast sums of money.  

Federal law enforcement officials said they recovered roughly $3.6 billon in cryptocurrency – the Justice Department’s largest ever financial seizure – linked to the hack of Bitfinex, a virtual currency exchange whose systems were breached nearly six years ago.    

Lichtenstein is a citizen of both  and the United States and the co-founder of an online marketing firm. Morgan, a rapper and former Forbes contributor, describes herself as ‘an expert in persuasion, social engineering, and game theory’.

WARNING: EXPLICIT LYRICS 

Bail for Ilya 'Dutch' Lichtenstein, 34, and his wife, Heather Rhiannon Morgan, 31, was set at $5million and $3million respectively after their arrest on Tuesday for allegedly laundering $4.5billion in Bitcoin stolen in the 2016 Bitfinex exchange hack

Bail for Ilya ‘Dutch’ Lichtenstein, 34, and dark web sites his wife, Heather Rhiannon Morgan, 31, was set at $5million and $3million respectively after their arrest on Tuesday for allegedly laundering $4.5billion in Bitcoin stolen in the 2016 Bitfinex exchange hack

Morgan, who raps under the name Razzlekhan, (seen in front of Federal Hall on Wall Street in a music video) declared herself the 'Crocodile of Wall Street' in one of her rap songs

Morgan, who raps under the name Razzlekhan, (seen in front of Federal Hall on Wall Street in a music video) declared herself the ‘Crocodile of Wall Street’ in one of her rap songs

In this courtroom sketch, attorney Sam Enzer, center, sits between Heather Morgan, left, and her husband, Ilya 'Dutch' Lichtenstein, in federal court on Tuesday

In this courtroom sketch, attorney Sam Enzer, darkmarket link center, sits between Heather Morgan, left, and her husband, Ilya ‘Dutch’ Lichtenstein, in federal court on Tuesday

‘I’m many things, a rapper, an economist, a journalist, a writer, a CEO, and dark web market list a dirty, dirty, dirty dirty h*,’ she raps in her 2019 single, Versace Bedouin.

‘When she’s not reverse-engineering black markets to think of better ways to combat fraud and cybercrime, she enjoys rapping and designing streetwear fashion,’ her  reads. 

The August 2016 Bitfinex hack itself was one of the largest crypto heists ever recorded – so massive that news of the theft knocked 20 percent off Bitcoin’s value at the time. 

Lichtenstein and Morgan are thus far not charged directly with perpetrating the hack, but rather with receiving and laundering the stolen funds. The case was filed in a federal court in Washington, D.C.

It was unclear who will be representing the couple in the criminal case and whether they had an attorney to speak on their behalf.

They were due to appear in federal court in Manhattan at 3 p.m. on Tuesday. 

The couple is accused of conspiring to launder 119,754 bitcoin that was stolen, after a hacker attacked Bitfinex and initiated more than 2,000 unauthorized transactions.

Morgan, a rapper and former Forbes contributor, describes herself as 'an expert in persuasion, social engineering, and game theory'

Morgan, a rapper and former Forbes contributor, describes herself as ‘an expert in persuasion, social engineering, and game theory’

The couple is accused of conspiring to launder 119,754 bitcoin that was stolen, after a hacker attacked Bitfinex and initiated more than 2,000 unauthorized transactions

The couple is accused of conspiring to launder 119,754 bitcoin that was stolen, after a hacker attacked Bitfinex and initiated more than 2,000 unauthorized transactions

Justice Department officials said the transactions at the time were valued at $71 million in Bitcoin, but with the rise in the currency’s value, it is now valued at over $4.5 billion.

‘As the complaint alleges, the FBI and federal prosecutors were able to trace the movement of Bitcoin from this hack,’ said Matthew Graves, the U.S. Attorney for the District of Columbia.

He added that the money moved through a major darknet market exchange tied to a host of crimes, as well as cryptocurrency addresses tied to child sexual abuse materials.

Lichtenstein and Morgan are facing charges of conspiring to commit money laundering, as well as to defraud the United States.

Prosecutors said on Tuesday the illegal proceeds were spent on a variety of things, from gold and non-fungible tokens to ‘absolutely mundane things such as purchasing a Walmart gift card for $500.’

Bitfinex said in a statement that it was to working with the Department of Justice to ‘establish our rights to a return of the stolen bitcoin.’

‘We have been cooperating extensively with the DOJ since its investigation began and will continue to do so,’ the company said. 

Bitfinex said it intends to provide further updates on its efforts to obtain a return of the stolen bitcoin as and when those updates are available. 

Tuesday’s criminal complaint came more than four months after Monaco announced the department was launching a new National Cryptocurrency Enforcement Team, which is comprised of a mix of anti-money laundering and cybersecurity experts.

The August 2016 Bitfinex hack itself was one of the largest crypto heists ever recorded - so massive that news of the theft knocked 20 percent off Bitcoin's value

The August 2016 Bitfinex hack itself was one of the largest crypto heists ever recorded – so massive that news of the theft knocked 20 percent off Bitcoin’s value

Lichtenstein and Morgan are facing charges of conspiring to commit money laundering, as well as to defraud the United States

Lichtenstein and Morgan are facing charges of conspiring to commit money laundering, as well as to defraud the United States

Morgan is seen rapping with the New York Stock Exchange behind her to the right

Morgan is seen rapping with the New York Stock Exchange behind her to the right

Cyber criminals who attack companies, municipalities and individuals with ransomware often demand payment in the form of cryptocurrency.

In one high-profile example last year, hackers caused a widespread gas shortage on the U.S. East Coast when by using encryption software called DarkSide to launch a cyber attack on the Colonial Pipeline.

The Justice Department later recovered some $2.3 million in cryptocurrency ransom that Colonial paid to the hackers.

Cases like these demonstrate that the Justice Department ‘can follow money across the blockchain, just as we have always followed it within the traditional financial system,’ said Kenneth Polite, assistant attorney general of the department’s Criminal Division. 

Justice Department officials say that though the proliferation of cryptocurrency and virtual currency exchanges represent innovation, the trend has also been accompanied by money laundering, darknet market markets links ransomware and other crimes

‘Today´s arrests, and the Department´s largest financial seizure ever, show that cryptocurrency is not a safe haven for criminals,’ Deputy Attorney General Lisa Monaco said in a statement. 

‘In a futile effort to maintain digital anonymity, the defendants laundered stolen funds through a labyrinth of cryptocurrency transactions. Thanks to the meticulous work of law enforcement, the department once again showed how it can and will follow the money, no matter the form it takes.’  

<div id="external-source-links" class="item"
data-track-module=”am-external-links^external-links”>
Read more: