European law enforcement group Europol has released a report stating that cryptocurrencies are still being used to facilitate payments for internet-based crimes.
The Internet Organised Crime Threat Assessment (IOCTA) report was published on October 5, giving in-depth insights into the most prolific cybercrime threats being perpetrated through the use of the internet in Europe.
Crypto used for criminal payments
According to the report the ‘abuse’ of cryptocurrencies continues as a means of facilitating payments for all varieties of cybercrime.
This is mainly due to the common characteristics of various cryptocurrencies, which the report highlights as the reliability of these systems, the irreversibility of the transactions due to their decentralized nature and the varying degrees of anonymity afforded to users making transactions with cryptocurrencies.
This has led to cryptocurrencies becoming the go-to choice for transactions both for victim-to-criminal payments associated with ransomware attacks as well as criminal-to-criminal payments across Darkweb platforms and other criminal networks.
The report makes mention of this modus operandi harking back to the days of one of the earliest Darkweb marketplaces, Silkroad, back in 2011 as well as the Cryptolocker ransomware and its emergence in 2013.
“At that time, more than 20% of transactions were directly attributable to criminal activity. Although the level of criminal abuse has grown substantially, the legitimate use of cryptocurrencies grew at a much faster rate.”
Fast forward to 2019 and the report highlights how the use of cryptocurrencies like Bitcoin is dominated by investment and trading activity – with only around 1.1% of these transactions now linked to criminal activity. This includes the use of cryptocurrencies for Darkweb trading, theft and ransomware payments.
The report states that cryptocurrencies continue to be the payment option of choice for cybercriminals carrying out extortion practices through Ransomware attacks while more recent methods have included ‘sextortion’, theft of data or COVID-19 related threats.
Europol IOCTA also acknowledges that the burgeoning cryptocurrency sector has also attracted cybercriminals to try and hack exchanges and users’ private wallets. It pointed to 10 major hacks of exchanges in 2019 which resulted in the theft of over €240 million worth of assets.
Privacy wallets a top threat for policing Darkweb
The latter section of the report delves into the various threats posed by Darkweb marketplaces, which it notes have waned somewhat over the past two years. Nevertheless the IOCTA said the space is still difficult to keep in check as ‘developments are often challenging to anticipate’.
The use of privacy-enhancing wallet services is identified as a top threat for law enforcement. ‘Coinjoin’ concepts like Wasabi and Samurai wallets as well as centralised mixers are mentioned specifically as tools used by cybercriminals on the Darkweb.
In the past Darkweb marketplaces predominantly used Bitcoin as the preferred means of payment but the emergence of a number of privacy coins has seen that change.
These marketplaces now offer various cryptocurrency token options for payment which includes Litecoin, Ethereum, Monero, Zcash as well as Dash.
Monero in particular is identified as the most used privacy coin for Darkweb transactions followed by Zcash and Dash.