As cryptocurrency transactions continue to grow, it’s no surprise that crypto crime has also seen a huge upswing. In 2021, illicit addresses raked in $14 billion, up nearly 80% compared to 2020.

Still, the backstories here are even more intriguing. For example, why isn’t crypto crime growth even larger given the rapid adoption of cryptocurrency overall? Is taking payment in Bitcoin a surefire way for threat actors to fly under the radar? How does law enforcement catch crypto criminals? Also, what’s going on with regulation that might make things more difficult for threat actors?

Explosive growth in crypto

Across all the cryptocurrencies tracked by Chainalysis, total transaction volume grew to $15.8 trillion in 2021, up 567% from the prior year. Meanwhile, the percentage of illicit activity shrank to a mere 0.15%. Still, $14 billion in losses is concerning, to say the least.

While skeptics make noise about the lack of security surrounding crypto, keep in mind there was a 70% increase in conventional fraud attacks in 2021 compared to 2022. Since nothing is 100% secure, some feel it’s safer to invest in Bitcoin, Ethereum and other blockchain-based coins. Advocates also cite transparency, anonymity and lack of government control as reasons to favor crypto over fiat money.

In any case, cryptocurrency continues to gain ground in overall transaction volume, which may be the ultimate test of legitimacy.

Crypto-malware versus ransomware

Two different kinds of threats menace crypto, and there’s some confusion about the difference between them. When crypto-malware infects a computer, it uses the device’s computing power (without the owner’s knowledge) to mine cryptocurrency. Using a device to do this without authorization is called cryptojacking. Meanwhile, ransomware infects a computer and seizes its files. Threat actors then demand a ransom (payable in crypto coin) to unlock the files.

While both crypto-malware and ransomware are criminal actions, ransomware gets much more attention from law enforcement. Why? Ransomware is more aggressive and disruptive towards its victims. Meanwhile, cryptojacking is a theft of resources that device owners may not even notice.

The difference between crypto-malware and ransomware points to the nuances of crypto crime. Some threat actors crack wallets and directly steal funds. Others may set up crypto projects that look honest, only to disappear into thin air and leave investors with nothing. Meanwhile, ransomware involves the payment of a ransom in cryptocurrency.

Is regulation the answer?

An intense debate surrounds regulation in this area. If you value fiscal autonomy and freedom from government decisions, then regulation is bad. If you want protection against malware attacks or you want to recover a ransomware payment, then it’s good.

Given the threat to critical infrastructure and government agencies, crypto-based crime has risen to the level of national security. It’s worth mentioning that tracking crypto payments does not, by nature, stop malware attacks. It only strikes at the form of payment. But if you cut off funding, crime rates are likely to fall.

Recently, Megan Stifel, Chief Strategy Officer at the Institute for Security and Technology, spoke on a podcast about regulating cryptocurrency and how it could reduce incidents.

Stifel summed it up like this:

“If we want to see cryptocurrencies become more commonplace… as a safe way to exchange money, then… regulatory measures and the application of existing financial regulations to this particular type of currency is a way to do so. So things like anti-money-laundering regulations, customer requirements, the filing of suspicious activity reports, etc… can be a first step toward actually providing more confidence in that particular marketplace.”

The battle for privacy

Another factor to consider in the pros and cons of crypto security is this: the Bitcoin blockchain is a public ledger. Anyone can consult a blockchain explorer and find a record of all the Bitcoin transactions ever processed.

For some, this transparency is one of Bitcoin’s strengths, while others consider it a privacy flaw. That’s why some clients turn to coin mixers (or tumblers) to hide the details. These tools mix up an amount of Bitcoin in private pools before dividing them up again.

Scrambling Bitcoins together makes it much harder to trace transactions. The explorer will only show that someone sent coins to the tumbler, while the final recipient and amounts remain obscured.
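What an investigator can and cannot read from the public ledger once a tumbler is involved, as an added example that is not part of the original article. It uses a constructed ledger in a simplified address-to-address model (real Bitcoin transactions use inputs and outputs), made-up address names and an assumed set of already-labelled mixer addresses.

```python
from collections import defaultdict, deque

# Constructed sample ledger: (txid, sender, receiver, amount_btc).
# Every address name here is made up for illustration.
LEDGER = [
    ("t1", "victim", "ransom_wallet", 5.0),
    ("t2", "ransom_wallet", "hop_a", 5.0),
    ("t3", "hop_a", "exchange_deposit", 2.0),
    ("t4", "hop_a", "mixer_pool", 3.0),
    ("t5", "other_user_1", "mixer_pool", 3.0),
    ("t6", "other_user_2", "mixer_pool", 3.0),
    ("t7", "mixer_pool", "out_x", 3.0),
    ("t8", "mixer_pool", "out_y", 3.0),
    ("t9", "mixer_pool", "out_z", 3.0),
]
MIXERS = {"mixer_pool"}  # assumption: these addresses are known to be a mixer


def trace_funds(ledger, start, mixers):
    """Follow funds forward from `start` through the public ledger.

    Returns (trail, candidates):
      trail      - transfers that can be attributed to `start` with certainty
      candidates - for each mixer reached, every address it paid out to;
                   the ledger alone cannot say which one got these coins
    """
    outgoing = defaultdict(list)
    for txid, src, dst, amount in ledger:
        outgoing[src].append((txid, dst, amount))

    trail, candidates = [], {}
    seen, queue = {start}, deque([start])
    while queue:
        addr = queue.popleft()
        for txid, dst, amount in outgoing[addr]:
            trail.append((txid, addr, dst, amount))
            if dst in mixers:
                # The trail stops being certain here: deposits are pooled,
                # so every payout address is an equally plausible recipient.
                candidates[dst] = sorted({d for _, d, _ in outgoing[dst]})
            elif dst not in seen:
                seen.add(dst)
                queue.append(dst)
    return trail, candidates


if __name__ == "__main__":
    trail, candidates = trace_funds(LEDGER, "ransom_wallet", MIXERS)
    for step in trail:
        print("traced:", step)
    print("behind mixer (unresolved):", candidates)
```

The 2.0 BTC sent to `exchange_deposit` stays fully traceable, while the 3.0 BTC that entered the pool can only be narrowed to three equal payouts.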

Some may have real privacy concerns, but these mixers are also a haven for money launderers seeking to hide ransom payments. It’s no wonder that mixers are often the subject of criminal investigations.

For example, Roman Sterlingov, a Swedish/Russian citizen, was arrested for allegedly founding the cryptocurrency mixing service Bitcoin Fog. Sterlingov was charged with three felonies that involved a decade of money laundering using mixing services, totaling $335 million.

Seizing illicit crypto funds

No matter how much regulation the government puts into place, crypto criminals will always be a threat. Ransomware attacks demand payment in Bitcoin because it’s anonymous. However, there are methods that can link a wallet to its owner. Blockchain forensics, IP address monitoring and convincing or cracking crypto exchanges can reveal bank account data.

Some recent successful investigation results include:

Commenting on the Bitfinex case, Assistant Attorney General Kenneth A. Polite Jr. of the Justice Department’s Criminal Division said, “Today, federal law enforcement demonstrates once again that we can follow money through the blockchain, and that we will not allow cryptocurrency to be a safe haven for money laundering or a zone of lawlessness within our financial system.”

Yes, crypto crime is in high gear. But those looking to put a stop to it are also hard at work.
