As cryptocurrency transactions continue to grow, it’s no surprise that crypto crime has also seen a huge upswing. In 2021, illicit addresses raked in $14 billion, up nearly 80% compared to 2020.

Still, the backstories here are even more intriguing. For example, why isn’t crypto crime growth even larger given the rapid adoption of cryptocurrency overall? Is taking payment in Bitcoin a surefire way for threat actors to fly under the radar? How does law enforcement catch crypto criminals? Also, what’s going on with regulation that might make things more difficult for threat actors?

Explosive Growth in Crypto

Across all the cryptocurrencies tracked by Chainalysis, total transaction volume grew to $15.8 trillion in 2021, up 567% from the prior year. Meanwhile, the percent of illicit action shrunk to a mere 0.15%. Still, $14 billion in losses is concerning, to say the least.

While skeptics make noise about the lack of security surrounding crypto, keep in mind there was a 70% increase in conventional fraud attacks in 2021 compared to 2022. Since nothing is 100% secure, some feel it’s safer to invest in Bitcoin, Ethereum and other blockchain-based coins. Advocates also cite transparency, anonymity and lack of government control as reasons to favor crypto over fiat money.

In any case, cryptocurrency continues to gain ground in overall transaction volume, which may be the ultimate test of legitimacy.

Crypto-Malware Versus Ransomware

Two different kinds of threats menace crypto, and there’s some confusion about the difference between them. When crypto-malware infects a computer, it uses the device’s computing power (without the owner’s knowledge) to mine cryptocurrency. Using a device to do this without authorization is called cryptojacking. Meanwhile, ransomware infects a computer and seizes its files. Threat actors then demand a ransom (payable in crypto coin) to unlock the files.

While both crypto-malware and ransomware are criminal actions, ransomware gets much more attention from law enforcement. Why? Ransomware is more aggressive and disruptive towards its victims. Meanwhile, cryptojacking is a theft of resources that device owners may not even notice.

The difference between crypto-malware versus ransomware opens up the nuances of crypto crime. Some threat actors crack wallets and directly steal funds. Others may set up crypto projects that look honest, only to disappear into thin air and leave investors with nothing. Meanwhile, ransomware involves the payment of a ransom in cryptocurrency.

Is Regulation the Answer?

An intense debate surrounds regulation in this area. If you value fiscal autonomy and freedom from government decisions, then regulation is bad. If you want protection against malware attacks or you want to recover a ransomware payment, then it’s good.

Given the threat to critical infrastructure and government agencies, crypto-based crime has risen to the level of national security. It’s worth mentioning that tracking crypto payments does not, by nature, stop malware attacks. It only strikes at the form of payment. But if you cut off funding, crime rates are likely to fall.

Recently, Megan Stifel, Chief Strategy Officer at the Institute for Security and Technology, spoke on a podcast about regulating cryptocurrency and how it could reduce incidents.

Stifel summed it up like this:

“If we want to see cryptocurrencies become more commonplace… as a safe way to exchange money, then… regulatory measures and the application of existing financial regulations to this particular type of currency is a way to do so. So things like anti-money-laundering regulations, customer requirements, the filing of suspicious activity reports, etc… can be a first step toward actually providing more confidence in that particular marketplace.”

The Battle for Privacy

Another factor to consider in the pros and cons of crypto security is this: Bitcoin blockchain is a public ledger. Anyone can consult a blockchain explorer and find a record of all the Bitcoin transactions ever processed.

For some, this transparency is one of Bitcoin’s strengths, while others consider it a privacy flaw. That’s why some clients turn to coin mixers (or tumblers) to hide the details. These tools mix up an amount of Bitcoin in private pools before dividing them up again.

By scrambling Bitcoins together, it makes it much harder to trace transactions. The explorer will only show that someone sent coins to the tumbler, while the final recipient and amounts remain obscured.

Some may have real privacy concerns, but these mixers are also a haven for money launderers seeking to hide ransom payments. It’s no wonder that mixers are often a source of criminal investigation.

For example, Roman Sterlingov, a Swedish/Russian citizen, was arrested for allegedly founding the cryptocurrency mixing service Bitcoin Fog. Sterlingov was charged with three felonies that involved a decade of money laundering using mixing services, totaling $335 million.

Seizing Illicit Crypto Funds

No matter how much regulation the government puts into place, crypto criminals will always be a threat. Ransomware attacks demand payment in Bitcoin because it’s anonymous. However, there are methods that can link a wallet to its owner. Blockchain forensics, IP address monitoring and convincing or cracking crypto exchanges can reveal bank account data.

Some recent successful investigation results include:

Commenting on the Bitfinex case, Assistant Attorney General Kenneth A. Polite Jr. of the Justice Department’s Criminal Division said, “Today, federal law enforcement demonstrates once again that we can follow money through the blockchain, and that we will not allow cryptocurrency to be a safe haven for money laundering or a zone of lawlessness within our financial system.”

Yes, crypto crime is in high gear. But those looking to put a stop to it are also hard at work.

More from Risk Management

Operationalize cyber risk quantification for smart security

4 min read - Organizations constantly face new tactics from cyber criminals who aim to compromise their most valuable assets. Yet despite evolving techniques, many security leaders still rely on subjective terms, such as low, medium and high, to communicate and manage cyber risk. These vague terms do not convey the necessary detail or insight to produce actionable outcomes that accurately identify, measure, manage and communicate cyber risks. As a result, executives and board members remain uninformed and ill-prepared to manage organizational risk effectively.…

The evolution of ransomware: Lessons for the future

5 min read - Ransomware has been part of the cyber crime ecosystem since the late 1980s and remains a major threat in the cyber landscape today. Evolving ransomware attacks are becoming increasingly more sophisticated as threat actors leverage vulnerabilities, social engineering and insider threats. While the future of ransomware is full of unknown threats, we can look to the past and recent trends to predict the future. 2005 to 2020: A rapidly changing landscape While the first ransomware incident was observed in 1989,…

Defense in depth: Layering your security coverage

2 min read - The more valuable a possession, the more steps you take to protect it. A home, for example, is protected by the lock systems on doors and windows, but the valuable or sensitive items that a criminal might steal are stored with even more security — in a locked filing cabinet or a safe. This provides layers of protection for the things you really don’t want a thief to get their hands on. You tailor each item’s protection accordingly, depending on…

The evolution of 20 years of cybersecurity awareness

3 min read - Since 2004, the White House and Congress have designated October National Cybersecurity Awareness Month. This year marks the 20th anniversary of this effort to raise awareness about the importance of cybersecurity and online safety. How have cybersecurity and malware evolved over the last two decades? What types of threat management tools surfaced and when? The Cybersecurity Awareness Month themes over the years give us a clue. 2004 - 2009: Inaugural year and beyond This early period emphasized general cybersecurity hygiene,…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today