What is the relationship between ransomware and cryptocurrencies?
The most common computer attack in the world of cybersecurity today is undoubtedly ransomware.
They have grown more and more with the ease cryptocurrency in trade and exchanges. ransom payment.
"With the high media coverage of WannaCry, Petya, or more recently Ryuk and Dharma, it's easy to forget that ransomware attacks haven't always been synonymous with ransom paid in bitcoin, monero or other cryptocurrency. The alliance between the two is still quite recent. Matthieu Chassain, a journalist, noted. However, what is at the initiative of this rapprochement between these different computer tools. Let's go back in the story. we remember that the very first computer program with the characteristics of a Ransonware was a Trojan type virus called AIDS. It appeared exactly in 1989. its features were standard to current ransom programs because it was also intended to encrypt the names of folders and files in DOS. But it, unlike the modern program, did not touch the contents of the files. However, it still required the victims affected by this figure to pay the sum of $189 in cash sent to the hacker via a panama-based postal address.
From 2005, an evolution began to be felt in the concept of ransoming by computer attack. It was from there that the real ransomware program as we know it today began to emerge. However, it should be noted that the first crypto currency, bitcoin, will not be real until 2009. But before hackers' interest in cryptographic currency, hackers were already beginning to accept virtual payments through platforms known at the time. These include E-gold and Liberty Reserve. Unfortunately, these platforms will see their purposes announced following lawsuits brought by the U.S. Department of Justice.
It is from 2013 that hackers will start more and more to take an interest in digital currencies such as bitcoin for the payment of their ransom, especially with the software CryptoLocker. He was one of the first to demand payment ransom in bitcoin in order to give the victims the decryption keys of their files. According to an expert in computer security and technology the blockchain, Renaud Lifchitz, this change should not be surprising. in "Traditional cybercrime networks are reaching this level of their limits at the time. In order to function, they had set up organisations vulnerable to police services that were multiplying cooperation to dismantle cybercriminal networks. they needed a lot of time and resources to be effective on the whole line: identifying potential victims, developing and deploying vulnerability operating codes, cleaning and formatting identification of potential buyers, receiving, and bleaching money…"
As a result, since the cryptoLocker program, there has been a gradual break-up of large groups of cybercriminals to give even more groups effective. "It is now much easier and more direct for a cybercriminals to act almost alone by adapting a public operating code and spreading its own ransomware, more or less automating the paying ransoms. Renaud Lifchitz said.
hackers still prefer money cryptographic because of the fluidity it offers. As our expert: "Classical fiduciary currencies pose many problems for cyber criminals, KYC banking regu[…]lations ("Know Your Customer") and AML ("Anti Money Laundering"), which can encourage banks to block or freeze funds in the event of transactions suspicious, with obviously the knowledge of the account owner. »
In other words, cryptographic currencies are a boon for hackers who have specialized in ransomware. In this way, they can go beyond the limits that conventional financial institutions could impose on them: "The cryptocurrency allows its users to truly own their funds, without intermediaries, without arbitrary limits, freely, and with very low fees. ». It's axple. Renaud Lifchitz. He will also add that ransomware attacks have "already had their heyday and heyday: with the integration of anti-ransomware solutions into the market antivirus, and even in Windows 10 itself, it will be increasingly difficult to attack a company's it, customers or servers. »
Now access an unlimited number of passwords: