For cybercriminals looking to launder illicit profits, bitcoin has long been the preferred payment method. But another cryptocurrency is coming to the fore, promising to help dirty money disappear without a trace.
While bitcoin leaves a visible trace of transactions on its underlying blockchain, the niche “privacy coin” monero was designed to hide the sender and receiver, as well as the amount exchanged.
As a result, it has become an increasingly sought-after tool by criminals such as ransomware gangs, posing new problems for law enforcement.
Monero’s rise comes as authorities rush to crack down on cybercrime in the wake of a series of audacious attacks, most notably the attack on the Colonial Pipeline, a major oil artery that supplies the US East Coast.
“We have seen groups of ransomware that have specifically moved to monero,” said Bryce Webster-Jacobsen, chief intelligence officer for Groupsense, a cybersecurity group that has helped a growing number of victims pay ransoms in monero. “[Cyber criminals] have recognized the ability to make mistakes with bitcoin that allow blockchain transactions to reveal their identity.”
Russia-linked REvil, the notorious ransomware group believed to be behind the attack earlier this month on meatpacker JBS, removed the option to pay in bitcoin this year, demanding only monero, according to Brett Callow, threat analyst at Emsisoft.
Meanwhile, DarkSide, the group blamed for the Colonial Pipeline hack, and Babuk, which was behind the attack on Washington DC police earlier this year, allow payments in either of the cryptocurrencies, but charge a premium of 10 to 20 percent to victims who pay in bitcoin, experts say.
Justin Ehrenhofer, a cryptocurrency compliance expert and member of the monero developer community, said that in early 2020, its use by ransomware gangs was “a rounding error.” He now estimates that between 10 and 20 percent of ransoms are paid in monero, and that the figure will likely rise to 50 percent by the end of the year.
Monero was launched as an open source project in 2014 by a user of a bitcoin forum under the pseudonym “thankful_for_today”. His original white paper argued that bitcoin’s traceability was a “critical flaw”, adding that “privacy and anonymity are the most important aspects of electronic cash.”
Ehrenhofer is among those who argue that the visibility of bitcoin should be rejected in favor of a fully private financial system. “The main objective is the indistinguishability of the transactions: to make private and fungible money,” he said. “We want monero to be as close to cash as possible, where one $10 bill is the same as another and the merchant doesn’t know where they come from.”
While the coin has enjoyed a more than five-fold price spike since the start of 2020, following the broader rally in cryptocurrencies, its overall market capitalization is still a sliver of that of bitcoin: nearly $5 billion compared to $727 billion, according to data from CoinMarketCap.
Still, it has inspired a loyal following among privacy idealists and anti-establishment crypto buffs like Ehrenhofer, who are dedicated to maintaining its code and using advanced math to try to ensure its transactions remain untraceable. It now has the third-largest developer community of any cryptocurrency, behind bitcoin and ethereum, the data show.
But monero has also been controversial since its inception, thanks to its association with illicit payments and money laundering. Dr. Tom Robinson, chief scientist and co-founder of blockchain intelligence group Elliptic, said that an increasing number of markets on the dark web now exclusively accept monero for the sale of everything from guns to drugs. “That has been a big change over the past year,” he said.
Meanwhile, ransomware negotiators, who are often hired by victims to help handle extortion payments, have also started contacting monero developers to understand how the cryptocurrency works, according to Ehrenhofer. Negotiators aim to “build the liquidity relationships” necessary to facilitate payment in the event of a monero ransom demand, he said.
The absence of a digital trail for monero is proving increasingly problematic for law enforcement agencies, who typically work with private sector cryptocurrency analysis groups to track suspicious transactions in the bitcoin digital ledger.
In a 2020 report, Europol placed privacy coins among the factors that have “made cryptocurrency investigations more challenging and [that] we can hope that these will occupy a more prominent place in future research.”
In September of last year, the US Internal Revenue Service offered a reward of $625,000 to any contractor capable of developing tools to help track monero. It has since awarded the contract to crypto forensics group Chainalysis and data analysis group Integra FEC.
Other crypto forensics groups have also quietly tried to do the same. CipherTrace CEO Dave Jevans said his company had started working on the coin more than two years ago under a contract with the US Department of Homeland Security and had filed patent applications as part of the work, but did not want to share more details.
Some experts say that ransomware gangs are unlikely to switch to exclusively demanding monero, as the difficulty in obtaining it could make victims less likely to pay.
Many point to challenges around its liquidity and availability, which mean that only smaller transactions may be possible. “If you choose a coin that is too dark, just buying the coin can make [it] more expensive to buy. That creates levels of unpredictability in a negotiation,” said Eric Friedberg, co-chair of the Aon-owned cybersecurity group Stroz Friedberg.
Others point out that, given its opacity, it is impossible to determine whether or not its transactions are with sanctioned entities, which could run the risk of severe penalties.
Multiple experts say that US lawmakers are a long way from singling out a particular cryptocurrency when drafting the relevant legislation. Still, many large cryptocurrency exchanges have shied away from listing privacy coins for fear of attracting regulatory scrutiny as authorities increasingly insist on higher know-your-customer and anti-money-laundering standards.
As a result, some ransomware negotiators remain nervous about any involvement with monero.
“If a client wants to do something in a privacy coin, we don’t support it,” said Bill Siegel, chief executive of Coveware, one of the most popular ransom negotiation firms. “We understand what the attitude is from a regulatory point of view and we want to be helpful for law enforcement.”