We are living in a technologically advanced era. The technology at hand has significantly impacted every aspect of our lives. In this technologically progressive era, data has become an invaluable commodity. Datasets are now being sold and purchased for big sums of money for various purposes, such as targeted marketing. Like every precious thing is vulnerable to attacks when left unguarded, data is also bound to get stolen, be changed and in some cases that have recently surfaced, held captive until ransom is paid.
The innovation of the century, Bitcoin and Blockchain have brought about a safer and transparent means of carrying out transactions among various users, but it has a dark history of being an instrument to carry out criminal activities. Allegedly, people are being paid in cryptocurrencies in exchange for illegal services on the dark web. The anonymity and transparency provided by blockchain and bitcoin transactions are being used so it is harder for the authorities to trace out the parties responsible for orchestrating crimes.
One recent case in which a malicious ransomware was employed to collect Bitcoin (BTC) reportedly, amassed 705.08 Bitcoins, which equates almost 3.7 million dollars. The ransomware had been dubbed as Ryuk, a fictional character from animes that throws a Death Note into the world of men out of sheer boredom.
It had appeared that the ransomware had spread using a banking virus name Trickbot. The virus was hooked to an email spam and it seemed that those emails had been randomly sent to an enormous group of people but later on, larger enterprises also made the list. Among the victims of this virus were the Los Angeles Times, San Diego Union Tribune, the Wall Street Journal and New York Times as well as a Canadian restaurant chain Recipe Unlimited.
Apparently, a band of Russian cybercriminals have been behind the whole criminal activity, however the masterminds of these attacks were first assumed to have been North Korean state sponsored actors. The hackers were misinterpreted due to the fact that there had been multiple similarities between these attacks and the ones of Hermes. Hermes was a ransomware that had been integrated by North Korean state sponsored actors for other purposes.
McAfee and Crowdstrike, the cyber security research teams have discovered through their efforts that this ransomware, Ryuk appears to be a variation of Hermes 2.1, which had been on sale. The malicious software could have been purchased from an underground forum. The researchers have reasons to believe that GRIM SPIDER, a Russian threat actor group is responsible for this crime, because it was preliminarily advertised that Hermes would not work on Russian, Ukrainian or Belarusian-language systems. It is alleged that GRIM SPIDER is just a part of a much larger threat group WIZARD SPIDER.
Last year in August it was estimated that around 705 BTC in ransom had been accumulated through the use of Ryuk malware. Crowdstrike went on to mentioning that over 52 transactions across 37 BTC addresses were carried out through which GRIM SPIDER made a whopping $3.7 million.
In a nutshell, cryptocurrencies have many advantages over the fiat, but those advantages are also being misused for many illegal purposes. Criminals can launder money, move their assets overseas and avoid getting persecuted. But it is not possible to outrightly ban them, because rather than to be eliminated, the technology needs to evolve. Governments should let go of the common distrust, and take the initiative to regulate by drawing up legal framework so there are laws and regulations set in place to keep these activities in check. It has merely been a decade, since cryptocurrencies were first introduced, so there is certainly room for improvement which would certainly be made in due time.
