February 17, 2023 By Mike Elgan 4 min read

Some rare good news in the world of cyber crime trends: Certain crimes declined in 2022 after years of constant rises. Should we credit crypto?

Some estimates say that cryptocurrencies have lost $2 trillion in value since November 2021. During that time, the costs associated with cyber crimes, such as ransomware payouts and financial scams, declined.

Pop the champagne! The crypto crash is also crashing cyber crime, right? Well, not so fast.

How cryptocurrencies enable cyber crime

There are four major categories of cyber crime that lean heavily on, or fully require, the use of cryptocurrencies like Bitcoin, Ethereum and Monero: ransomware, DDoS extortion, cryptojacking and crypto theft.

Ransomware is usually facilitated by cryptocurrency, for example. The scam typically involves malware-encrypted files, which perpetrators say they’ll unlock when the victim pays the ransom. Paying in crypto allows criminals to maintain anonymity and non-traceability. (In the increasingly common “double extortion” variant, malicious actors also threaten to expose the files publicly if victims don’t pay.)

DDoS extortion is similar to ransomware. Instead of gaining access to and encrypting files, however, cyber attackers launch a sustained DDoS attack until a ransom in crypto is paid.

Another major crime is illegal cryptocurrency mining, called cryptojacking. Malicious hackers gain access to computing power owned by others, usually via special malware. They then use it to mine crypto illegally.

Unlike most kinds of computer-related crimes, cryptojackers don’t steal money or data directly or demand ransom payments. Instead, they steal computer resources. This translates to higher energy costs, lower performance for users and accelerated declines in battery performance.

Cryptojacking actually rose in 2022. An Atlas VPN analysis found that instances of cryptojacking grew 3.8 times in the third quarter of 2022. (Interestingly, the number of victims declined.)

Analysts assume that cryptojackers are anticipating growth in crypto after it hits bottom and are illegally mining aggressively in the hopes of profiting.

Finally, crypto theft is the hacking of crypto exchanges and other platforms to steal coins directly from their rightful owners. This kind of attack has been reduced because the crypto exchanges themselves were going out of business with the crash in the value of cryptocurrencies.

How falling prices have affected cyber crime

Cyber criminals use dark web exchanges because they don’t check user identities. These don’t typically store currencies but merely enable the exchange of crypto from one service to another, often at inflated fees. These exchanges operate in many ways like legitimate businesses. They need to spend big on advertising, for example, in part to engender trust among malicious actors who themselves don’t want to get ripped off.

Crashing cryptocurrency prices are squeezing dark web exchanges. This reduces incentives for threat actors because it reduces income, makes vulnerability purchasing more expensive and cuts revenue needed to fund Malware-as-a-Service organizations. In other words, falling crypto prices kneecapped the purchasing power of organizations using crypto for illegal activities.

During the rapid declines in early 2022, exchanges tried to convert their crypto to fiat currencies, such as the U.S. dollar (a currency issued by a government not backed by a physical commodity, such as gold or silver), but the value after conversion wasn’t enough to sustain the business.

Advertising for dark web exchanges nearly stopped in the Spring of 2022. Many went bankrupt or out of business.

The cryptocurrency value drop radically slowed financial crimes, including illegal dark web transactions. Losses for the first half of 2022 were way down, according to blockchain data company Chainalysis. Scammer income dropped by two-thirds — 65% — for the first seven months of the year.

Why we can’t draw a direct line from crypto crash to crime reduction

It’s easy to conclude that the drop in the value of cryptocurrencies directly caused the decline in scam revenue. But that would be a mistake.

This drop wasn’t due entirely to the drop in cryptocurrency, according to the report. Both potential victims and police chalked up notable successes in countering such scams. In other words, the general defense against some of these crimes has improved, and credit there is due.

Another point to consider is that total annual scam revenue is usually determined by a very small number of very large scams. One massive scam could upend these numbers and reverse the trend.

In addition, the crash caused cryptocurrency transaction volumes — both legitimate and illegal — to fall. So it reduced “good” transactions in equal measure as “bad” ones.

Also, ransomware gangs likely don’t care if the value of cryptocurrencies is low. They demand ransoms typically in U.S. dollar amounts in the form of whatever quantity of cryptocurrencies are equivalent at the time of demand. While there may be a disincentive to strike while crypto is rapidly declining, once it hits bottom, that disincentive is removed. Volatility in one direction (down) disincentivizes ransomware temporarily. Unfortunately, ransomware is here to stay.

Most importantly, however, it would also be a mistake to assume that cryptocurrency valuations will stay low, or that reductions in crimes that rely on cryptocurrencies will stay low. The consensus among experts is that such crimes will come roaring back to life.

Be prepared for a new wave of cyber crime

The crypto declines that began in late 2021 and continued for more than a year did, in fact, disrupt everything that depended on crypto — the good, the bad and the ugly. But there’s no question that complacency is the wrong response to this brief semi-respite.

As crypto-using criminal gangs regroup, retool and re-think their operations, they will no doubt come roaring back to attack legitimate organizations with new scams and new crimes.

More from Risk Management

What should Security Operations teams take away from the IBM X-Force 2024 Threat Intelligence Index?

3 min read - The IBM X-Force 2024 Threat Intelligence Index has been released. The headlines are in and among them are the fact that a global identity crisis is emerging. X-Force noted a 71% increase year-to-year in attacks using valid credentials.In this blog post, I’ll explore three cybersecurity recommendations from the Threat Intelligence Index, and define a checklist your Security Operations Center (SOC) should consider as you help your organization manage identity risk.The report identified six action items:Remove identity silosReduce the risk of…

Obtaining security clearance: Hurdles and requirements

3 min read - As security moves closer to the top of the operational priority list for private and public organizations, needing to obtain a security clearance for jobs is more commonplace. Security clearance is a prerequisite for a wide range of roles, especially those related to national security and defense.Obtaining that clearance, however, is far from simple. The process often involves scrutinizing one’s background, financial history and even personal character. Let’s briefly explore some of the hurdles, expectations and requirements of obtaining a…

Ransomware payouts hit all-time high, but that’s not the whole story

3 min read - Ransomware payments hit an all-time high of $1.1 billion in 2023, following a steep drop in total payouts in 2022. Some factors that may have contributed to the decline in 2022 were the Ukraine conflict, fewer victims paying ransoms and cyber group takedowns by legal authorities.In 2023, however, ransomware payouts came roaring back to set a new all-time record. During 2023, nefarious actors targeted high-profile institutions and critical infrastructure, including hospitals, schools and government agencies.Still, it’s not all roses for…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today