Newsletter

The Dark Side of Cryptocurrency

The unfamiliarity and confusion surrounding cryptocurrency make it easier for cybercriminals to prey on their victims. Before explaining how a cybercriminal can exploit people for cryptocurrency, it helps to have a basic understanding of the technology.

Bitcoin is one form of cryptocurrency in the same way that the Euro is one form of government-issued currency. Cryptocurrency is any digital currency designed as a medium of exchange that operates independently from a central banking authority. Due to its decentralization, transactions are peer-to-peer, quick, and nearly anonymous. Transactions are validated by mining. Here is a breakdown of these terms.

  • Digital There are no physical coins, bills, or notes. Everything exists on computers.
  • Independent There is no central bank or server. Transaction validation is distributed across a network of computers.
  • Peer-to-peer Currency is exchanged directly between sender and receiver. There is no third party like there is with Venmo or Zelle.
  • Quick– The average confirmation time of a Bitcoin transaction is “approximately 10 minutes” (Bhalla, 2022).
  • Nearly Anonymous Owners and users of cryptocurrency do not have to disclose any personal information. Anyone can own and use cryptocurrency.
  • Mining It is essentially the auditing process for transactions. The audit involves computers solving an extremely complicated math problem. As a reward for doing this calculation, the miner will receive some cryptocurrency.

Enter the Cybercriminal

Two popular ways for a cybercriminal to obtain cryptocurrency are extorting a victim for their data and mining cryptocurrency on a victim’s computer.

The first method is called ransomware. Ransomware is what criminals used during the attack on the Colonial Pipeline Company in May of 2021 (U.S. Department of Energy). In a nutshell, it is when malicious software prevents a user from accessing their computer files. Afterward, the attacker demands that their victim pay a ransom – usually in cryptocurrency – to unlock their files.

The second method is called Cryptojacking. It happens when a cybercriminal infects the victim’s computer with malicious software that mines on the attacker’s behalf. The victim’s computer’s processing power is hijacked, and the attacker reaps the reward.

How can you avoid these attacks?

  • Keep your operating system, software, and applications up to date.
  • Set your anti-virus software to auto-update and scan regularly.
  • Avoid downloading software from suspicious sites. When possible, stick to using trusted app stores like Google Play, the Apple App Store, and the Microsoft Store.
  • Do not click suspicious links sent to you via email or text message.

Additional Reading:

If you are a victim of ransomware:

References