Bitcoin has done what regulators haven’t been able to accomplish — getting cybercriminals to lay off of cryptocurrencies as the ransom payment du jour in malware attacks.
Bitcoin’s price swings over the past few days — from below $10,000 24 hours ago to more than $11,500 today — have stoked emotions ranging from fear of a bubble bursting to euphoria for a buying opportunity. But recent volatility has also unearthed an unlikely trend, causing cybercriminals to forego the sci-fi effect in ransomware demands and name their price in local currency rather than bitcoin.
It’s not that bad actors have stopped developing malware, but due to an inability to properly value the cryptocurrency amid the wild ride between Q4 2017 and this week, they’re increasingly turning to more stable fiat money instead to protect their bottom line, according to a Proofpoint report. The below chart reflects activity for the 90-day period leading up to mid-December.
While it may not be commonplace to think of cybercriminals as running a business, that’s what they’re attempting to do, albeit on the dark side. And like any business owner, they must attach a value to the nefarious services they are engaged in — but a volatile bitcoin price makes it difficult for them to do so. The pendulum began to shift from demanding bitcoin to government-issued currency in November with the Sigma virus, whose ransomware was denominated in US dollars.
That was only the beginning, as the volatility in the bitcoin price only became more pronounced in December. As a result, there was a 75% drop-off in bitcoin-denominated ransomware demands in Q4 2017. This was in stark contrast to the trend over the past two years during which time cyber thieves mostly held data ransom in exchange for bitcoin.
According to the report:
“Denominating ransoms in a government-issued currency—even if the actual payment is made in the form of Bitcoin—has two big benefits for an attacker. It allows the threat actors to maintain pricing stability and still accept their payments anonymously, and in a currency that, for the moment, continues to appreciate quickly.”
Meanwhile, the bitcoin volatility over the Christmas holiday was no joke, with the bitcoin price approaching $20,000 and falling below $11,000 all in a matter of days, but this month’s trading activity could bring cyber thieves back. According to the Proofpoint report, making demands in traditional currency instead of cryptocurrency is a reflection of a rising bitcoin price. “The trend,” they say, “may reverse if bitcoin falls back to earth.” Ultimately, bad actors are after one thing — “show me the money,” whether it’s fiat money or cryptocurrency that inflates their bottom line.
Featured image from Shutterstock.