The Bitcoin Virtual Currency changes the economics of crime by providing encrypted fraud, an almost anonymous payment system independent of any central bank. The victim of ransomware – a malicious software that encrypts files and requires payment for their unlocking – receives a unique account affected by bitcoins. After getting some ransoms, some gangs pour bitcoins into the main wallet. Transaction monitoring, and all bitcoin are public, lets you see how the gigantic amounts of cybercriminals gain access.
“We are seeing some of these portfolios and we see millions of bitcoins worth millions. Looking at such huge untaxed amounts, I wonder if there are any cybercriminal unicorns, “says Mikko Hyppönen, F-Secure Research Director.
Unicorn is a term used in economics, which means a private technology company valued at more than one billion dollars, Uber, AirBNB or Spotify. For cybergangs the logic of action is similar, but there are differences such as lack of investors, administration and supervision.
Illegal business is profitable enough that some gangs provide customer service comparable to that of start-ups: cyberbots have their own site, FAQs, and even consultants.
Cybergang business model
Can the cyber-business model be compared to start-ups? Probably not. It is difficult to imagine selling cyber criminal business and finding investors. This would not be a problem in a Uber-like start-up, after which the queue is set up. Gangas ransomware, however, have to constantly look for ways to exchange earned bitcoins into cash.
“Hackers buy prepaid cards and sell them for example on Ebay,” says Mikko Hyppönen. Many gangs feast money in online casinos, but it is more complicated. Even if two gang members set up a game between them so that one of them loses all the money, then when the big sums count, the casino may consider acting suspicious and blocking the payout. That’s why gangs have started to use bots that play realistically, but they still lose – though not so clearly “- adds Mikko Hyppönen.
Prosecution of criminals
Law enforcement agencies are aware of the temptation of earning ransomware. Only in 2015, the FBI’s Internet Crime Complaint Center received “2,243 ransomware fraud complaints with a loss of more than $ 1.6 million”.
One example may be a loud attack on a Presbyterian medical center in Hollywood, which to recover their files paid a 40 bucks worth of ransoms worth $ 17,000.
“Officially, the FBI does not advise whether to pay a ransom or not,” said Sean Sullivan, F-Secure’s security advisor. “If the victims did not take proper precautions, then in many cases paying the ransom seems the only alternative to recovering files.”