As cryptocurrency transactions continue to grow, it’s no surprise that crypto crime has also seen a huge upswing. In 2021, illicit addresses raked in $14 billion, up nearly 80% compared to 2020.

Still, the backstories here are even more intriguing. For example, why isn’t crypto crime growth even larger given the rapid adoption of cryptocurrency overall? Is taking payment in Bitcoin a surefire way for threat actors to fly under the radar? How does law enforcement catch crypto criminals? Also, what’s going on with regulation that might make things more difficult for threat actors?

Explosive Growth in Crypto

Across all the cryptocurrencies tracked by Chainalysis, total transaction volume grew to $15.8 trillion in 2021, up 567% from the prior year. Meanwhile, the percent of illicit action shrunk to a mere 0.15%. Still, $14 billion in losses is concerning, to say the least.

While skeptics make noise about the lack of security surrounding crypto, keep in mind there was a 70% increase in conventional fraud attacks in 2021 compared to 2022. Since nothing is 100% secure, some feel it’s safer to invest in Bitcoin, Ethereum and other blockchain-based coins. Advocates also cite transparency, anonymity and lack of government control as reasons to favor crypto over fiat money.

In any case, cryptocurrency continues to gain ground in overall transaction volume, which may be the ultimate test of legitimacy.

Crypto-Malware Versus Ransomware

Two different kinds of threats menace crypto, and there’s some confusion about the difference between them. When crypto-malware infects a computer, it uses the device’s computing power (without the owner’s knowledge) to mine cryptocurrency. Using a device to do this without authorization is called cryptojacking. Meanwhile, ransomware infects a computer and seizes its files. Threat actors then demand a ransom (payable in crypto coin) to unlock the files.

While both crypto-malware and ransomware are criminal actions, ransomware gets much more attention from law enforcement. Why? Ransomware is more aggressive and disruptive towards its victims. Meanwhile, cryptojacking is a theft of resources that device owners may not even notice.

The difference between crypto-malware versus ransomware opens up the nuances of crypto crime. Some threat actors crack wallets and directly steal funds. Others may set up crypto projects that look honest, only to disappear into thin air and leave investors with nothing. Meanwhile, ransomware involves the payment of a ransom in cryptocurrency.

Is Regulation the Answer?

An intense debate surrounds regulation in this area. If you value fiscal autonomy and freedom from government decisions, then regulation is bad. If you want protection against malware attacks or you want to recover a ransomware payment, then it’s good.

Given the threat to critical infrastructure and government agencies, crypto-based crime has risen to the level of national security. It’s worth mentioning that tracking crypto payments does not, by nature, stop malware attacks. It only strikes at the form of payment. But if you cut off funding, crime rates are likely to fall.

Recently, Megan Stifel, Chief Strategy Officer at the Institute for Security and Technology, spoke on a podcast about regulating cryptocurrency and how it could reduce incidents.

Stifel summed it up like this:

“If we want to see cryptocurrencies become more commonplace… as a safe way to exchange money, then… regulatory measures and the application of existing financial regulations to this particular type of currency is a way to do so. So things like anti-money-laundering regulations, customer requirements, the filing of suspicious activity reports, etc… can be a first step toward actually providing more confidence in that particular marketplace.”

The Battle for Privacy

Another factor to consider in the pros and cons of crypto security is this: Bitcoin blockchain is a public ledger. Anyone can consult a blockchain explorer and find a record of all the Bitcoin transactions ever processed.

For some, this transparency is one of Bitcoin’s strengths, while others consider it a privacy flaw. That’s why some clients turn to coin mixers (or tumblers) to hide the details. These tools mix up an amount of Bitcoin in private pools before dividing them up again.

By scrambling Bitcoins together, it makes it much harder to trace transactions. The explorer will only show that someone sent coins to the tumbler, while the final recipient and amounts remain obscured.

Some may have real privacy concerns, but these mixers are also a haven for money launderers seeking to hide ransom payments. It’s no wonder that mixers are often a source of criminal investigation.

For example, Roman Sterlingov, a Swedish/Russian citizen, was arrested for allegedly founding the cryptocurrency mixing service Bitcoin Fog. Sterlingov was charged with three felonies that involved a decade of money laundering using mixing services, totaling $335 million.

Seizing Illicit Crypto Funds

No matter how much regulation the government puts into place, crypto criminals will always be a threat. Ransomware attacks demand payment in Bitcoin because it’s anonymous. However, there are methods that can link a wallet to its owner. Blockchain forensics, IP address monitoring and convincing or cracking crypto exchanges can reveal bank account data.

Some recent successful investigation results include:

Commenting on the Bitfinex case, Assistant Attorney General Kenneth A. Polite Jr. of the Justice Department’s Criminal Division said, “Today, federal law enforcement demonstrates once again that we can follow money through the blockchain, and that we will not allow cryptocurrency to be a safe haven for money laundering or a zone of lawlessness within our financial system.”

Yes, crypto crime is in high gear. But those looking to put a stop to it are also hard at work.

More from Risk Management

Third-Party App Stores Could Be a Red Flag for iOS Security

Even Apple can’t escape change forever. The famously restrictive company will allow third-party app stores for iOS devices, along with allowing users to “sideload” software directly. Spurring the move is the European Union’s (EU) Digital Markets Act (DMA), which looks to ensure open markets by reducing the ability of digital “gatekeepers” to restrict content on devices. While this is good news for app creators and end-users, there is a potential red flag: security. Here’s what the compliance-driven change means for…

Defensive Driving: The Need for EV Cybersecurity Roadmaps

As the U.S. looks to bolster electric vehicle (EV) adoption, a new challenge is on the horizon: cybersecurity. Given the interconnected nature of these vehicles and their reliance on local power grids, they’re not just an alternative option for getting from Point A to Point B. They also offer a new path for network compromise that could put drivers, companies and infrastructure at risk. To help address this issue, the Office of the National Cyber Director (ONCD) recently hosted a…

Too Much Caffeine? Phishing-as-a-Service Makes Us Jittery

Recently, investigators at Mandiant discovered a new software platform with an intuitive interface. The service has tools to orchestrate and automate core campaign elements. Some of the platform’s features enable self-service customization and campaign tracking. Sounds like a typical Software-as-a-Service (SaaS) operation, right? Well, this time, it’s Caffeine, the latest Phishing-as-a-Service (PhaaS) platform. A basic subscription costs $250 a month; all you need is an email to sign up. How Caffeine PhaaS is Different PhaaS vendors advertise and sell their…

Everyone Wants to Build a Cyber Range: Should You?

In the last few years, IBM X-Force has seen an unprecedented increase in requests to build cyber ranges. By cyber ranges, we mean facilities or online spaces that enable team training and exercises of cyberattack responses. Companies understand the need to drill their plans based on real-world conditions and using real tools, attacks and procedures. What’s driving this increased demand? The increase in remote and hybrid work models emerging from the COVID-19 pandemic has elevated the priority to collaborate and…