Cryptocurrency Ransom Money Recovered: How Should We Scrutinize Its Anonymity and Security?

2021-06-12, 03:01




Preface
Security and anonymity have been among the main features of cryptocurrencies, with Bitcoin and Ethereum leading the way. That anonymity has also made Bitcoin and Ethereum a major tool of extortion for hackers, with various ransomware viruses having caused harm to Internet users. Recently, the FBI recovered ransom money from hackers. As a result, cryptocurrency enthusiasts expressed concern about the anonymity and security of cryptocurrencies.


From: CoinMarketCap


How Cryptocurrency Security & Anonymity Are Achieved
Two of the main features of crypto coin and blockchain technology are security and anonymity.


In the case of Bitcoin, the process of transferring funds requires the verification of both a "public key" and a "private key", which is achieved through "asymmetric encryption". Suppose A wants to transfer money to B. A encrypts the message with the public key and sends it to B, and it is broadcast to the whole network. After receiving the encrypted message, B uses its own private key to unlock it, and this is also broadcast to the whole network. Everyone can verify through A's public key whether the message is really from A, but only B can decrypt the transfer through the private key, which avoids possible interception of the funds being transacted.


In blockchain technology, the data exchanged between each node follows a fixed and predetermined algorithm, which will determine by itself whether each transaction is valid according to the algorithm’s rules. In the blockchain network, participants are indeed able to check the status of their transaction through each address. However, since crypto wallets do not require real-name verification and the node's wallet can be used as long as the private key is available, it is generally not easy to verify the real identity of the user.


Anonymity Makes Cryptocurrencies the Preferred Choice for Ransom
On June 9th, 2021, the Payment & Clearing Association of China issued a tip on strengthening information sharing in the financial industry to effectively prevent payment risks. These risks include "using virtual currencies and blockchain technology to evade fund traceability, using virtual currencies as a medium for gambling or using virtual currencies for deposit." The association said that due to the anonymity, convenience and borderless payments of virtual currency transactions, cryptocurrencies gradually turned into an important channel for cross-border money laundering. The illegal and criminal activities involving virtual currency are gradually on the rise. With the help of anonymity, the transfer of the funds involved is concealed through a large number of C2C transactions, making it difficult to trace the transaction of capital.


From: chainalysis.com

According to a Chainalysis report on cryptocurrency crime-related statistics, 2.1% of all cryptocurrency transactions in 2019 (involving $21.4 billion) were related to illegal activities. Although this value decreased in 2020, the amount still reached $10 billion. Since 2018, the amount of money involved in ransomware that uses cryptocurrencies as a payment method has surged by 311%.



WannaCry? One of the Most Notorious Cryptocurrency Ransomware in History
In May 2017, a ransomware called WannaCry (WannaCrypt, "want to cry") infected computers in 99 different countries and regions. This included institutions like Telefonica, the UK NHS, FedEx and the Russian Ministry of Internal Affairs. According to the CERT of China, about 1,011,000 IP addresses were attacked worldwide at that time. After an attack, the files in the computer system would be encrypted by the ransomware. Once the encryption had taken place, the system wallpaper would turn into an English pop-up, and a ransom note would appear asking the user to pay 300-600 US dollars worth of Bitcoin to a specific wallet address to get the file decryption tool. WannaCry became one of the most well-known ransomware related to cryptocurrency in one fell swoop.



From: Wikipedia


The FBI Recovered Approximately $2.3 Million in Bitcoin Ransom Money
In May 2021, Colonial Pipeline, the largest U.S. fuel pipeline operator, was hacked by DarkSide. It activated an emergency response that shut down all pipeline operations to protect operational systems. At one point, the U.S. government declared a state of emergency. This move caused panic. In the end, Colonial Pipeline chose to pay a ransom of nearly $5 million in Bitcoin to the hackers. The company's operations were subsequently restored and the government lifted the nationwide state of emergency.


And on June 7th, the U.S. Department of Justice publicly stated that it had recovered 63.7 Bitcoins from the ransom, currently worth $2.3 million. The DOJ's statement revealed that investigators continuously tracked the transfer of the Bitcoins through the public ledger and eventually found that 63.7 Bitcoins of the ransom paid had been transferred to specific wallets. The FBI eventually intercepted the wallet's private key in North Carolina and recovered the Bitcoins.
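Tracking a payment through the public ledger, as described above, amounts to following transaction outputs forward from the known ransom payment. The following is an added example, not part of the original article and not the DOJ's method: the transactions, addresses and the 70 BTC starting amount are constructed, fees are ignored, and taint is split proportionally when tainted and clean coins are merged.

```python
from collections import defaultdict
from fractions import Fraction

# Constructed transactions in block order. "ins" spends (txid, output index);
# "outs" lists (address, BTC). Fees are ignored, so inputs equal outputs.
TXS = [
    {"id": "ransom", "ins": [], "outs": [("addr_A", "70")]},
    {"id": "split", "ins": [("ransom", 0)],
     "outs": [("addr_B", "40"), ("addr_C", "30")]},
    {"id": "clean", "ins": [], "outs": [("addr_B", "10")]},  # unrelated coins
    {"id": "merge", "ins": [("split", 0), ("clean", 0)],
     "outs": [("addr_D", "50")]},
    {"id": "move", "ins": [("split", 1)],
     "outs": [("addr_D", "23.7"), ("addr_E", "6.3")]},
]

def trace(txs, seed_id):
    """Follow the seed payment forward through the ledger.

    Returns {address: tainted BTC} for outputs that are still unspent.
    """
    utxo = {}  # (txid, index) -> (address, value, tainted part of value)
    for tx in txs:
        outs = [(addr, Fraction(v)) for addr, v in tx["outs"]]
        total = sum(v for _, v in outs)
        # Spending an output removes it and carries its taint into this tx.
        dirty = sum(utxo.pop(ref, (None, 0, 0))[2] for ref in tx["ins"])
        if tx["id"] == seed_id:
            dirty = total  # the ransom payment itself is fully tainted
        for n, (addr, value) in enumerate(outs):
            # Each output inherits taint in proportion to its share of the tx.
            utxo[(tx["id"], n)] = (addr, value, dirty * value / total)
    held = defaultdict(Fraction)
    for addr, _, tainted in utxo.values():
        if tainted:
            held[addr] += tainted
    return dict(held)

if __name__ == "__main__":
    for addr, btc in sorted(trace(TXS, "ransom").items()):
        print(f"{addr}: {float(btc)} BTC traceable to the ransom payment")
```

The trace ends at addresses, not people: it shows where the coins sit, and spending them still requires the private key for those addresses.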


From: Forbes

Private Key Busted? Panic in the Crypto Market
Although the U.S. Department of Justice and the FBI did not directly announce how they obtained the private key of the hacker's Bitcoin address, it was widely believed that the FBI obtained the private key by cracking the encryption algorithm. There was even panic on the internet that "Bitcoin was cracked by the FBI" and "Bitcoin is no longer safe". The price of Bitcoin fell sharply that day to a low of $31,716 due to concerns about "Bitcoin's anonymity and its encryption being busted".


But according to some insiders, the FBI simply located, via the Internet, the server where the private key of the hacker's wallet was stored and blocked the server. They then used the private key to retrieve some of the Bitcoins directly. If the FBI had cracked the relevant algorithm, it would have been able to recover all of the Bitcoin ransom. Not only that, but all bitcoins would be recoverable by the FBI.


Anonymity & Security Should not be Exploited by Criminals
Even though anonymity and security have always been a feature of blockchain technology such as Bitcoin, we must recognize that it is a double-edged sword. While many participants use anonymity to protect their privacy, there are also many criminals who use it to evade regulation. In any case, the anonymity of blockchain technology should not be used as a haven for criminals. As relevant government agencies and regulators continue to intervene, we will see more discussions and solutions surrounding blockchain anonymity and security.


Author: Gate.io Researcher: Gazer. C
*This article represents the views only of the researcher and does not constitute any investment advice.
*Gate.io reserves all rights to this article. Reposting of the article will be permitted provided Gate.io is referenced. In all other cases, legal action will be taken due to copyright infringement.