February 17, 2023 By Mike Elgan 4 min read

Some rare good news in the world of cyber crime trends: Certain crimes declined in 2022 after years of constant rises. Should we credit crypto?

Some estimates say that cryptocurrencies have lost $2 trillion in value since November 2021. During that time, the costs associated with cyber crimes, such as ransomware payouts and financial scams, declined.

Pop the champagne! The crypto crash is also crashing cyber crime, right? Well, not so fast.

How cryptocurrencies enable cyber crime

There are four major categories of cyber crime that lean heavily on, or fully require, the use of cryptocurrencies like Bitcoin, Ethereum and Monero: ransomware, DDoS extortion, cryptojacking and crypto theft.

Ransomware is usually facilitated by cryptocurrency, for example. The scam typically involves malware-encrypted files, which perpetrators say they’ll unlock when the victim pays the ransom. Paying in crypto allows criminals to maintain anonymity and non-traceability. (In the increasingly common “double extortion” variant, malicious actors also threaten to expose the files publicly if victims don’t pay.)

DDoS extortion is similar to ransomware. Instead of gaining access to and encrypting files, however, cyber attackers launch a sustained DDoS attack until a ransom in crypto is paid.

Another major crime is illegal cryptocurrency mining, called cryptojacking. Malicious hackers gain access to computing power owned by others, usually via special malware. They then use it to mine crypto illegally.

Unlike most kinds of computer-related crimes, cryptojackers don’t steal money or data directly or demand ransom payments. Instead, they steal computer resources. This translates to higher energy costs, lower performance for users and accelerated declines in battery performance.

Cryptojacking actually rose in 2022. An Atlas VPN analysis found that instances of cryptojacking grew 3.8 times in the third quarter of 2022. (Interestingly, the number of victims declined.)

Analysts assume that cryptojackers are anticipating growth in crypto after it hits bottom and are illegally mining aggressively in the hopes of profiting.

Finally, crypto theft is the hacking of crypto exchanges and other platforms to steal coins directly from their rightful owners. This kind of attack has been reduced because the crypto exchanges themselves were going out of business with the crash in the value of cryptocurrencies.

How falling prices have affected cyber crime

Cyber criminals use dark web exchanges because they don’t check user identities. These don’t typically store currencies but merely enable the exchange of crypto from one service to another, often at inflated fees. These exchanges operate in many ways like legitimate businesses. They need to spend big on advertising, for example, in part to engender trust among malicious actors who themselves don’t want to get ripped off.

Crashing cryptocurrency prices are squeezing dark web exchanges. This reduces incentives for threat actors because it reduces income, makes vulnerability purchasing more expensive and cuts revenue needed to fund Malware-as-a-Service organizations. In other words, falling crypto prices kneecapped the purchasing power of organizations using crypto for illegal activities.

During the rapid declines in early 2022, exchanges tried to convert their crypto to fiat currencies, such as the U.S. dollar (a currency issued by a government not backed by a physical commodity, such as gold or silver), but the value after conversion wasn’t enough to sustain the business.

Advertising for dark web exchanges nearly stopped in the Spring of 2022. Many went bankrupt or out of business.

The cryptocurrency value drop radically slowed financial crimes, including illegal dark web transactions. Losses for the first half of 2022 were way down, according to blockchain data company Chainalysis. Scammer income dropped by two-thirds — 65% — for the first seven months of the year.

Why we can’t draw a direct line from crypto crash to crime reduction

It’s easy to conclude that the drop in the value of cryptocurrencies directly caused the decline in scam revenue. But that would be a mistake.

This drop wasn’t due entirely to the drop in cryptocurrency, according to the report. Both potential victims and police chalked up notable successes in countering such scams. In other words, the general defense against some of these crimes has improved, and credit there is due.

Another point to consider is that total annual scam revenue is usually determined by a very small number of very large scams. One massive scam could upend these numbers and reverse the trend.

In addition, the crash caused cryptocurrency transaction volumes — both legitimate and illegal — to fall. So it reduced “good” transactions in equal measure as “bad” ones.

Also, ransomware gangs likely don’t care if the value of cryptocurrencies is low. They demand ransoms typically in U.S. dollar amounts in the form of whatever quantity of cryptocurrencies are equivalent at the time of demand. While there may be a disincentive to strike while crypto is rapidly declining, once it hits bottom, that disincentive is removed. Volatility in one direction (down) disincentivizes ransomware temporarily. Unfortunately, ransomware is here to stay.

Most importantly, however, it would also be a mistake to assume that cryptocurrency valuations will stay low, or that reductions in crimes that rely on cryptocurrencies will stay low. The consensus among experts is that such crimes will come roaring back to life.

Be prepared for a new wave of cyber crime

The crypto declines that began in late 2021 and continued for more than a year did, in fact, disrupt everything that depended on crypto — the good, the bad and the ugly. But there’s no question that complacency is the wrong response to this brief semi-respite.

As crypto-using criminal gangs regroup, retool and re-think their operations, they will no doubt come roaring back to attack legitimate organizations with new scams and new crimes.

More from Risk Management

Protecting your digital assets from non-human identity attacks

4 min read - Untethered data accessibility and workflow automation are now foundational elements of most digital infrastructures. With the right applications and protocols in place, businesses no longer need to feel restricted by their lack of manpower or technical capabilities — machines are now filling those gaps.The use of non-human identities (NHIs) to power business-critical applications — especially those used in cloud computing environments or when facilitating service-to-service connections — has opened the doors for seamless operational efficiency. Unfortunately, these doors aren’t the…

Cybersecurity dominates concerns among the C-suite, small businesses and the nation

4 min read - Once relegated to the fringes of business operations, cybersecurity has evolved into a front-and-center concern for organizations worldwide. What was once considered a technical issue managed by IT departments has become a boardroom topic of utmost importance. With the rise of sophisticated cyberattacks, the growing use of generative AI by threat actors and massive data breach costs, it is no longer a question of whether cybersecurity matters but how deeply it affects every facet of modern operations.The 2024 Allianz Risk…

Adversarial advantage: Using nation-state threat analysis to strengthen U.S. cybersecurity

4 min read - Nation-state adversaries are changing their approach, pivoting from data destruction to prioritizing stealth and espionage. According to the Microsoft 2023 Digital Defense Report, "nation-state attackers are increasing their investments and launching more sophisticated cyberattacks to evade detection and achieve strategic priorities."These actors pose a critical threat to United States infrastructure and protected data, and compromising either resource could put citizens at risk.Thankfully, there's an upside to these malicious efforts: information. By analyzing nation-state tactics, government agencies and private enterprises are…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today