Sean Sullivan’s research into the “customer portal” of a family of crypto-ransomware known as “Spora” reveals that the criminals run their operations like an actual business, with regularly scheduled spam runs to lure in new victims. While the crooks are flexible about deadlines, the method of payment is non-negotiable: it must be in Bitcoin.
Bitcoin, the world’s first digital currency, may have the potential to transform the financial world, but it has also drawn much criticism for being an attractive payment method for criminals, due to the anonymity it provides.
A recent report by Finnish cyber security and privacy company, F-Secure, says that the easy availability of Bitcoin has made crypto-ransomware’s business model viable and profitable, feeding an online crime wave that has seen new extortion-enabling malware families at least double each year since 2012.
Ransomware is malicious software designed to block access to a computer system until a sum of money is paid. It encrypts files stored on the user's computer or mobile device and renders them unreadable by the user or the device. To restore them for normal use, a decryption key is needed to unlock the files.
Sean Sullivan, Security Advisor at F-Secure, did some digging into the "customer portal" of a family of crypto-ransomware known as "Spora" and found that the criminals run their operations like an actual business, with regularly scheduled spam runs to lure in new victims. And while the crooks are flexible about deadlines, the method of payment is non-negotiable: it must be in Bitcoin.
"We should be thankful that there are at least some limits on purchasing Bitcoin. If it were any easier to do so, very little else would check the growth of crypto-ransomware’s business model," Sullivan says.
"The malware technology to encrypt data has been possible for many, many years; the bigger challenge has always been getting paid," he adds.
There was one known ransomware family variant in 2012, according to F-Secure’s State of Cyber Security 2017 report. By 2015, there were 35, which exploded to 193 in 2016.
Lack of government regulation around the buying and selling of bitcoins has also left it open to misuse. For regulators, virtual currencies present a series of challenges relating to taxation, money laundering, terrorist financing and ransomware demands. But it is necessary to lay down a set of rules under which cryptocurrencies exist and function in the economy, as killing off the technology would also lay waste to the benefits that it promises to give.
US and European officials could make a major dent in the availability of Bitcoin with a relatively simple change, F-Secure says.
"Bitcoin exchange accounts could be required to be tied to a physical address," Sullivan says.
Currently it takes just minutes – or seconds – to open a Bitcoin account in a third-party market. Under this requirement, an activation code would be mailed to you before an account could be opened. While this wouldn’t affect criminals who do business out of Russia and China, it would make their attacks far less profitable.
"The exchanges would hate it. But given the hundreds of millions of dollars being extorted every few months, it seems appropriate," Sullivan says. "Barring this or a similar step, exponential growth of malware families delivering these threats seems to be the only other option."
But time is of the essence, Sullivan stresses.
"Ethereum is now trading at a similar trajectory as Bitcoin," he says. "If governments don’t act now to come up with a strategy for dealing with digital currencies, it’s not going to get any easier."