The Islamic State of Iraq and Syria (ISIS) has been called the world’s richest terror group. While the group generates the majority of its funds through oil fields seized in northern Iraq and Syria, it still relies on a number of other ways to secure financing. Donations from wealthy sympathizers greatly helped ISIS when it was first established. However, now that global governments are aware of ISIS and actively look to track and block all funding efforts through banking channels, donations have become harder to receive. These difficulties have not stopped ISIS from seeking ways to bypass sanctions and money-laundering filters, however. The group has begun to use cryptocurrencies such as Bitcoins as it looks for anonymous and untraceable ways to transfer money.

Bitcoins

Virtual currency is an electronic cryptocurrency used to purchase both virtual and actual goods and services. It is not contractually backed by assets or legal currency laws, it is not controlled by a central authority and it is not a tangible good. Bitcoins can be sent to anyone who has an Internet connection.

The first step in dealing in this type of currency is to set up a virtual wallet where Bitcoins and their transaction history are stored. According to CoinDesk, the wallet houses a file of secure digital keys used to access your public Bitcoin address and sign transactions. They are traded by sharing a wallet’s anonymous private identification number with the merchant or peer.

Wallets are a way to store the digital documentation of the Bitcoin value and grant access to users to spend them. There are many kinds of virtual wallets, with the most popular forms being desktop wallets, Web-based wallets and mobile wallets.

  • Desktop Bitcoin Wallets: Desktop wallets offer the most security and anonymity. This type of wallet is a software program that is downloaded onto a user’s computer. Desktop wallets process user transactions, allow users to create new addresses and store the user’s private key.
  • Web-Based Bitcoin Wallets: Web-based wallets store a user’s private key online via a main computer or server that is connected to the Web. Web-based wallets allow for more flexibility as they connect to a user’s desktop wallet and mobile device wallet. However, Web-based wallets have greater risks than desktop wallets. According to Bitcoin Reporter, these wallets hold user keys, leaving users vulnerable to any difficulties the service experiences, such as hackings, regulatory problems and technical issues.
  • Mobile-Based Bitcoin Wallets: Mobile wallets work via smartphones. Users must download an app to access their virtual currencies. These apps are simple vehicles into your wallet that you can use on your smartphone. They only use a subset of the block chain and rely on other networks to ensure all the correct information is there for the transaction to take place.

The ISIS-Bitcoin Nexus

Like most forms of technology, fraudsters, criminals and terror groups will find ways to exploit them for nefarious uses — Bitcoin is no different. Due to its anonymity and untraceabilitiy, it is used for criminal activities such as laundering money, buying and selling illegal goods and services and transferring money to support criminal or terror activities. Al-Khilafah Aridat: The Caliphate Has Returned, a pro-ISIS blog, discusses how Bitcoins can be used to fund the caliphate. The post states that they are untraceable by Western governments and, therefore, they will not be stopped by regulatory screening processes. The blog then discusses the decentralized nature of virtual currencies, specifically stating that they are able to access markets that cross all borders and nation-state regulations to send money instantly and in a way that is untraceable by “Kafir” governments.

In an additional step to keep the senders’ and receivers’ identities secret, the blog post discusses the use of dark wallets. Dark wallets offer Bitcoin users more protection in relation to privacy and identity. It is also widely known that dark wallets may enable serious crimes such as murder, child pornography, drug and weapon sales and terror group financing.

According to the blog, Bitcoins are an entirely anonymous donation system that could send millions of dollars instantly from the United States, United Kingdom, South Africa, Ghana, Malaysia and Sri Lanka.

On Oct. 13, Reddit’s Bitcoin forum discussed how the ISIS blog site was accepting Bitcoin as a form of payment on the Swedish/Latvian conversion site Yourserver.se. The blog claims the payments are strictly for maintenance and hosting the website. Reports indicate that Yourserver.se closed the account, claiming it has a strict terms and conditions policy that prohibits using its service for illegal activities. Yourserver.se lists its terms of service on its site and bans the following:

  • Anything forbidden by Swedish law;
  • Spamvertising websites;
  • Malicious software such as mail and network bombers, spam, virus operation software and control centers;
  • Scam and phishing websites such as fake eBay, PayPal and bank login forms;
  • Network abuse (i.e., network scanning).

Analyst Comments

It is not surprising that ISIS would begin to adapt to using cryptocurrencies as a way to receive funds; the group has proven to be quite skillful with technology and social media. ISIS has been known to spread propaganda, recruit individuals and seek funds through tools such as Twitter, Facebook, YouTube and Ask.fm.

There are some challenges with how ISIS would turn Bitcoins into physical currency in the states in which it operates. Many ISIS-controlled territories do not have the technology to extract high amounts of Bitcoins for cash. However, nearby Turkey, Israel and Dubai all have a small but flourishing Bitcoin community, with a few Bitcoin ATMs available. Bitcoin ATMs work just like bank ATMS and are electric communication devices that allow Bitcoins to be exchanged for cash without the need for a cashier. It is important to note that some models only allow for the purchasing of Bitcoins. When a Bitcoin ATM is not available, users can sell them online; however, this type of sale often requires users to verify their identity.

More from Banking & Finance

Black Friday chaos: The return of Gozi malware

4 min read - On November 29th, 2024, Black Friday, shoppers flooded online stores to grab the best deals of the year. But while consumers were busy filling their carts, cyber criminals were also seizing the opportunity to exploit the shopping frenzy. Our system detected a significant surge in Gozi malware activity, targeting financial institutions across North America. The Black Friday connection Black Friday creates an ideal environment for cyber criminals to thrive. The combination of skyrocketing transaction volumes, a surge in online activity…

What’s up India? PixPirate is back and spreading via WhatsApp

8 min read - This blog post is the continuation of a previous blog regarding PixPirate malware. If you haven’t read the initial post, please take a couple of minutes to get caught up before diving into this content. PixPirate malware consists of two components: a downloader application and a droppee application, and both are custom-made and operated by the same fraudster group. Although the traditional role of a downloader is to install the droppee on the victim device, with PixPirate, the downloader also…

Exploring DORA: How to manage ICT incidents and minimize cyber threat risks

3 min read - As cybersecurity breaches continue to rise globally, institutions handling sensitive information are particularly vulnerable. In 2024, the average cost of a data breach in the financial sector reached $6.08 million, making it the second hardest hit after healthcare, according to IBM's 2024 Cost of a Data Breach report. This underscores the need for robust IT security regulations in critical sectors.More than just a defensive measure, compliance with security regulations helps organizations reduce risk, strengthen operational resilience and enhance customer trust.…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today