As cryptocurrency transactions continue to grow, it’s no surprise that crypto crime has also seen a huge upswing. In 2021, illicit addresses raked in $14 billion, up nearly 80% compared to 2020.

Still, the backstories here are even more intriguing. For example, why isn’t crypto crime growth even larger given the rapid adoption of cryptocurrency overall? Is taking payment in Bitcoin a surefire way for threat actors to fly under the radar? How does law enforcement catch crypto criminals? Also, what’s going on with regulation that might make things more difficult for threat actors?

Explosive growth in crypto

Across all the cryptocurrencies tracked by Chainalysis, total transaction volume grew to $15.8 trillion in 2021, up 567% from the prior year. Meanwhile, the share of illicit activity shrank to a mere 0.15%. Still, $14 billion in losses is concerning, to say the least.

While skeptics make noise about the lack of security surrounding crypto, keep in mind there was a 70% increase in conventional fraud attacks in 2021 compared to 2022. Since nothing is 100% secure, some feel it’s safer to invest in Bitcoin, Ethereum and other blockchain-based coins. Advocates also cite transparency, anonymity and lack of government control as reasons to favor crypto over fiat money.

In any case, cryptocurrency continues to gain ground in overall transaction volume, which may be the ultimate test of legitimacy.

Crypto-malware versus ransomware

Two different kinds of threats menace crypto, and there’s some confusion about the difference between them. When crypto-malware infects a computer, it uses the device’s computing power (without the owner’s knowledge) to mine cryptocurrency. Using a device to do this without authorization is called cryptojacking. Meanwhile, ransomware infects a computer and seizes its files. Threat actors then demand a ransom (payable in crypto coin) to unlock the files.

While both crypto-malware and ransomware are criminal actions, ransomware gets much more attention from law enforcement. Why? Ransomware is more aggressive and disruptive towards its victims. Meanwhile, cryptojacking is a theft of resources that device owners may not even notice.

The difference between crypto-malware and ransomware points to the nuances of crypto crime. Some threat actors crack wallets and directly steal funds. Others may set up crypto projects that look honest, only to disappear into thin air and leave investors with nothing. Meanwhile, ransomware involves the payment of a ransom in cryptocurrency.

Is regulation the answer?

An intense debate surrounds regulation in this area. If you value fiscal autonomy and freedom from government decisions, then regulation is bad. If you want protection against malware attacks or you want to recover a ransomware payment, then it’s good.

Given the threat to critical infrastructure and government agencies, crypto-based crime has risen to the level of national security. It’s worth mentioning that tracking crypto payments does not, by nature, stop malware attacks. It only strikes at the form of payment. But if you cut off funding, crime rates are likely to fall.

Recently, Megan Stifel, Chief Strategy Officer at the Institute for Security and Technology, spoke on a podcast about regulating cryptocurrency and how it could reduce incidents.

Stifel summed it up like this:

“If we want to see cryptocurrencies become more commonplace… as a safe way to exchange money, then… regulatory measures and the application of existing financial regulations to this particular type of currency is a way to do so. So things like anti-money-laundering regulations, customer requirements, the filing of suspicious activity reports, etc… can be a first step toward actually providing more confidence in that particular marketplace.”

The battle for privacy

Another factor to consider in the pros and cons of crypto security is this: the Bitcoin blockchain is a public ledger. Anyone can consult a blockchain explorer and find a record of all the Bitcoin transactions ever processed.

For some, this transparency is one of Bitcoin’s strengths, while others consider it a privacy flaw. That’s why some clients turn to coin mixers (or tumblers) to hide the details. These tools mix up an amount of Bitcoin in private pools before dividing them up again.

Scrambling bitcoins together makes it much harder to trace transactions. The explorer will only show that someone sent coins to the tumbler, while the final recipient and amounts remain obscured.
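What a public ledger lets an investigator follow in each case, as an added example that is not part of the original article. The ledger entries, address names and the `trace` helper are constructed for illustration and model only the visibility described above, not any real explorer or forensic tool.

```python
from collections import defaultdict, deque

# Constructed ledger for illustration (not real transactions):
# (sender, receiver, amount in BTC), as a block explorer would list them.
LEDGER = [
    ("victim", "ransom_wallet", 2.0),
    ("ransom_wallet", "hop1", 2.0),
    ("hop1", "exchange_deposit", 2.0),  # direct chain: every hop is public
    ("alice", "mixer_pool", 1.0),
    ("bob", "mixer_pool", 1.0),
    ("carol", "mixer_pool", 1.0),
    ("mixer_pool", "out_a", 1.0),
    ("mixer_pool", "out_b", 1.0),
    ("mixer_pool", "out_c", 1.0),
]


def trace(ledger, start, mixers=frozenset()):
    """Follow funds forward from `start` using only public ledger data.

    Returns (path, candidates): the addresses the trail reaches with
    certainty and, if it enters a known mixer, every address that mixer
    paid out to (the set the real recipient is hidden in).
    """
    outgoing = defaultdict(list)
    for sender, receiver, _amount in ledger:
        outgoing[sender].append(receiver)

    path, candidates = [], set()
    seen, queue = {start}, deque([start])
    while queue:
        addr = queue.popleft()
        path.append(addr)
        if addr in mixers:
            # Pooled coins: any payout could belong to any depositor,
            # so attribution stops here and only candidates remain.
            candidates.update(outgoing[addr])
            continue
        for nxt in outgoing[addr]:
            if nxt not in seen:
                seen.add(nxt)
                queue.append(nxt)
    return path, sorted(candidates)


if __name__ == "__main__":
    print(trace(LEDGER, "victim"))
    print(trace(LEDGER, "alice", mixers={"mixer_pool"}))
```

The direct ransom payment is followed hop by hop to the exchange deposit, while the trail for the mixed coins ends at the pool with three equally plausible recipients.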

Some may have real privacy concerns, but these mixers are also a haven for money launderers seeking to hide ransom payments. It’s no wonder that mixers are often the subject of criminal investigations.

For example, Roman Sterlingov, a Swedish/Russian citizen, was arrested for allegedly founding the cryptocurrency mixing service Bitcoin Fog. Sterlingov was charged with three felonies that involved a decade of money laundering using mixing services, totaling $335 million.

Seizing illicit crypto funds

No matter how much regulation the government puts into place, crypto criminals will always be a threat. Ransomware attacks demand payment in Bitcoin because it’s anonymous. However, there are methods that can link a wallet to its owner. Blockchain forensics, IP address monitoring and convincing or cracking crypto exchanges can reveal bank account data.

Some recent successful investigation results include:

Commenting on the Bitfinex case, Assistant Attorney General Kenneth A. Polite Jr. of the Justice Department’s Criminal Division said, “Today, federal law enforcement demonstrates once again that we can follow money through the blockchain, and that we will not allow cryptocurrency to be a safe haven for money laundering or a zone of lawlessness within our financial system.”

Yes, crypto crime is in high gear. But those looking to put a stop to it are also hard at work.
