Digital Currency and Getting Paid In The Underground

Digital Currency and Getting Paid In The Underground
Digital Shadows Analyst Team
Read More From Digital Shadows Analyst Team
January 6, 2016 | 3 Min Read

It’s been said that money makes the world go round.  People expect to be paid for their time, goods, and services, and cyber criminals are no different. Cyber criminals expect to be paid for their efforts and will go to great lengths to see their payoff and, consequently, the development and maturity of cyber criminal markets continues at an alarming rate.

Getting paid in the underground has significantly changed over the course of the last two decades. Traditional payment systems, such as wire transfers, began giving way to digital currency in the mid to late 1990s. These new digital currencies afforded the users – criminal and non-criminal alike – the opportunity to continue to buy and sell goods and services in relative anonymity and safety, while encouraging ease of use and the ability to convert digital currency into other forms of currency. Nowadays, it is commonplace to see criminals offering illegal goods and services in return for payment using digital currencies. As an example, items such as those contained in Figure 1, a botnet known as Kronos, can be purchased anonymously on various market places within the Internet.

Kronos Banking Trojan

Figure 1: Example of Kronos Botnet Which Can Be Acquired Anonymously Using Bitcoin

Digital currencies can be transacted in a variety of ways.  They may be converted for other forms of currency – such as in the case of Webmoney or PerfectMoney.  Many digital currencies rely on blockchain cryptography and have come to be known as cryptocurrencies for this reason. Services have been established that provide enhanced anonymization of digital currencies . Some of these services are known as tumblers. There are even examples of services that intentionally launder money through other cryptocurrencies such as Darkcoin (now known as Dash). Digital currencies can be cashed out with relative ease by moving money through payment systems such as WebMoney or PerfectMoney or through other forms of exchange depending on the type of digital currency in question (cryptocurrencies, such as BitCoin or Dash for example). There are four common ways to cash out:

  1. Direct trade with another person (intermediary)
  2. Online exchanges (via anonymous exchanges like CoinChimp
  3. Peer-to-peer trading marketplaces where Bitcoins are exchanged for discounted goods via others who want to obtain the cryptocurrency with credit/ debit cards
  4. Selling Bitcoin in person

CoinChimp

Figure 2 provides an example of an online anonymous exchange where Bitcoin users can cash out their currency.

Digital currency continues to evolve quickly, and Digital Shadows has counted more than 23 digital currencies, a significant proportion of which are cryptocurrencies. Their appeal continues to grow due to the flexibility offered to users through centralized and decentralized marketplaces.  The benefits of the anonymity and privacy afforded by some currencies make them attractive to many people, and especially to cyber criminals. Ongoing currency innovation is driving ease of use for the cyber criminal – for paying, being paid and for cashing out. This complicates matters for security researchers and law enforcement, but does not deter our efforts in tracking and observing criminals and their activities.

Related Posts

3 Phishing Trends Organizations Should Watch Out For

3 Phishing Trends Organizations Should Watch Out For

May 20, 2020 | 16 Min Read

It’s only May, and is it just me, or has this...
The 2020 Verizon Data Breach Investigations Report: One CISO’s View

The 2020 Verizon Data Breach Investigations Report: One CISO’s View

May 19, 2020 | 6 Min Read

Sadly, Marvel’s Black Widow release date was...
A NEW DECADE OF CYBER THREATS: LOOKING BACK AT THE TRENDING CYBER TOPICS OF Q1 2020

A NEW DECADE OF CYBER THREATS: LOOKING BACK AT THE TRENDING CYBER TOPICS OF Q1 2020

May 14, 2020 | 10 Min Read

Q1 2020 was packed full of significant...
BitBazaar Market: Deception and Manipulation on the Dark Web

BitBazaar Market: Deception and Manipulation on the Dark Web

May 12, 2020 | 8 Min Read

It's a BitBazaar that they thought they...