In context: The crypto winter is impacting more than just investors, miners, and businesses; it’s also making cybercriminals rethink their ransomware tactics, often pushing them towards other forms of computer crime such as traditional malware attacks and phishing scams that net them dollars rather than digital currency.
Cryptocurrency prices have crashed over the last couple of months. The biggest of them all, Bitcoin, which hit a record of almost $68,000 late last year, is now hovering around $20,000. The crash has been felt by companies that deal in digital assets, cryptominers, and even entire countries.
The falling price of crypto is also being noticed by ransomware gangs who demand it as payment from victims. As reported by CNET, Mark Lance, vice president of cyberdefense and a ransomware negotiator at GuidePoint Security, writes that the criminals now have to ask for more crypto so they receive the same amount when it’s converted into dollars. That can often make the demands look even larger, even though the dollar amount asked is the same.
Like legitimate companies that deal with cryptocurrencies, dark web crypto exchanges are also feeling the pressure. Israel-based threat intelligence firm Cybersixgill writes that around 30 of these exchanges have closed since April, when Bitcoin was about $47,000.
The situation has led some ransomware gangs expanding into other, more traditional forms of cybercrime, including remote-banking trojans, credential-stealing malware, and phishing attacks, all of which result in dollar cash—rather than crypto—gains for the perpetrators.
Lance does note that many ransomware attacks these days don’t get as much coverage unless the target is particularly high profile, like AMD, Foxconn, or Nvidia. “Ransomware is still as prevalent as it ever was,” he said, “and still making a ton of money.”
In May, the FBI warned workers to be wary of business email compromise (BEC) attacks estimated to have stolen $43 billion in five years.