Continuing from our earlier post, it is no surprise that hackers demand that ransomware be paid in Bitcoin. Since wallets do not require users to share their identities, Bitcoin is untraceable so long as a hacker keeps his ransom in Bitcoin form. And since the blockchain only shows amounts and wallet account numbers, there is no way to tell why Bitcoin was paid for any given transaction. The appeal to criminals is obvious: simply viewing the blockchain does not reveal whether Bitcoin was paid for a legitimate reason or for illegal purposes like purchasing drugs, funding terrorist activities or paying off a ransomware attack.
Other appealing features of Bitcoin for criminals include:
•lack of central authority overseeing the transactions. This means that Bitcoin can be used in any country without fear of authorities attempting to freeze Bitcoin accounts that may be suspected of funding illegal activities;
•even though the blockchain is public, the lack of a central authority means only the user with a private key matching a specific wallet can access the Bitcoin;
•because Bitcoin transactions are processed without a bank or other authority–all that is required is the ten-minute verification process by miners;
•each transaction is non-reversible and final so a hacker is guaranteed to keep any ransom payment without fear of confiscation.
•”Bitcoin-to-other” currency exchanges are paid to launder Bitcoins. They convert hundreds of Bitcoin transactions to other forms of currency while ignoring the identity of the criminal seeking the exchange.
Bitcoin was not created for criminal enterprise, but it is clear why it has become a perfect vehicle for ransomware attacks. Bitcoin has many benefits, but as long as it remains untraceable, ungoverned by a central authority and with irreversible transfers, ransomware hackers will continue to exploit its virtues.