Cryptocurrency: Cybercrime’s new favourite tool

Prior to cryptocurrency, cybercriminals worked harder and got paid less. It was labour-intensive and time-consuming to convert stolen personal data or credit cards into a paycheck. Most often, they are involved in buying and selling goods, taking part in shady forums, and hiring untrustworthy people to assist them.

Cybercrime identified these problems, innovated, and discovered better methods to solve them, just as legitimate markets did. Cryptocurrency was at the centre of these new methods, so they were more profitable, less risky, and had a greater level of profitability.



Cryptojacking is the act of generating cryptocurrencies using someone else’s computing resources. On the surface, it doesn’t appear to be particularly sinister – crypto mining may cause some performance difficulties, shorten the life of computers, or run up a cloud computing bill.

Cryptojacking is frequently just the most obvious activity. Cryptojacking malware is frequently used to steal credentials. What appears to be a harmless miner could be a prelude to something far more devastating, such as a ransomware attack.

Browser-based – These miners, which are mostly JavaScript-based, are only active when a specific website or browser tab is open. The threat to the device and the organisation is minimal.

Software-based – These miners are installed on devices in the same way malware is installed and will persist and survive reboots via similar methods. They can do greater damage and lead to other forms of attacks by running as a dedicated process on a system.


Cryptocurrency enabled cyber extortion

Ransomware was once fully opportunistic and automated, targeting both individuals and corporations. They’d encrypt files on the direct systems they gained access to. They may encrypt associated storage or neighbouring file servers, but they will usually end there. Ransoms are usually hundreds or thousands of pounds (nearly always to be paid in cryptocurrency).

Extortion tactics have shifted significantly. Attackers increasingly spend more time and effort extorting entire corporations at a time, for a considerably larger payout, rather than opportunistically targeting individuals. These attacks are becoming more common.

For the first phase of the process, cybercriminals used an opportunistic approach, looking for usable credentials, popular weaknesses, or sending phishing emails to millions of addresses. When one of these tactics is successful, the criminals no longer deploy ransomware automatically.


Instead, the rest of the procedure is similar to a penetration test, right down to the tools employed. The attackers investigate the affected organisation to see if it is worth assaulting. They then get careful access to the internal network and spread ransomware throughout.

Only when everything is in place do they kick off the process of encrypting files and sending ransom notes.


The involement of Cryptocurrency in Cybercrime is becoming increasingly prominent, but there are measures you can take to try and avoid an attack.

Click on the link below to find out more or get in touch for assistance 📞


Get in touch