logo Crisis Solutions

Crisis Solutions

+44(0) 207 965 7319CONTACT US

Bitcoin no longer favoured by cyber-criminals

Are cyber-criminals falling out of love with the original crypto-currency?

It’s not giving away a huge corporate secret to say that most of the crisis simulations we currently run are cyber related. Many of our clients are banks and insurance companies and just mentioning the words cyber-attack is enough to bring executives out in a cold sweat.

Typically, our crisis scenario might fabricate something similar to the Petya or WannaCry attacks; with data encrypted and computer terminals locked. If we need to ramp up the pressure we then introduce the fact (or in our case the fiction) that criminals have seized client data and are threatening to post it online unless a ransom is paid. Bitcoin, the modern criminals crypto-currency of choice, is usually the preferred payment method. But times change.

Outside our simulations and in the real (under)world, illicit financial transactions are undergoing a transformation. Bitcoin, despite its turbo-charged rise, is no longer so favoured by drug dealers and money launderers. Firms such as Chainalysis are now able to trace Bitcoin transactions linked to crime and can help stop ill-gotten gains being turned into cold, hard cash.


Bitcoins’ underlying technology is a digital ledger called the blockchain, which records addresses that send and receive transactions. This includes the exact time and the amount involved.

Match an address to a crime and it’s possible to see funds disappear and reappear in other locations. Digital snoops have developed databases and techniques which can eventually track down the bad guys.

Not surprisingly, crime syndicates are now looking at other crypto-currencies when it comes to transferring their funds.

One such is monero, which is explicitly designed to avoid tracking. Europol, raised the alarm several months back, saying: “other cryptocurrencies such as monero, ethereum and Zcash are gaining popularity within the digital underground.”

Monero is now “one of the favourites, if not the favourite”, according to Matt Suiche, of blockchain security firm Comae Technologies.


In December last year cyber-criminals locked thousands of WordPress sites using ransomware. The ransom came as a monero demand rather than bitcoin.

Started in 2014, monero encrypts a recipient’s address on its blockchain and generates fake addresses to obscure the real sender. It also obscures the amount of the transaction.

In an unguarded moment, Riccardo Spagni of monero said recently: “As a community, we certainly don’t advocate for monero’s use by criminals. (But) I imagine that monero provides massive advantages for criminals over bitcoin, so they would use monero.” Cue a huge sigh of relief from the cyber-villain community.

Monero’s main competitor is Zcash which some say can offer even better privacy protection.

Instead of creating a fake address to hide a sender’s identity, Zcash encrypts their true address. This apparently makes it almost impossible to identify senders by looking for correlations in addresses used in multiple transactions.

So, if you want to keep up with the latest trends in crypto-crime you need to be conversant with bitcoin, Zcash and monero. And this is something we at Crisis Solutions need to look at when it comes to scoping out our next cyber-crisis scenario.