You are currently viewing Blockchain and cryptocurrencies, unintentional allies of cybercriminals ?

The blockchain and cryptocurrencies are garnering increasing interest across various sectors, but their adoption is still hindered by security concerns. This mistrust is exacerbated by past incidents, such as cyberattacks and hacking scandals, which have tarnished their reputation. Despite these challenges, these technologies have continued to evolve and gain legitimacy.

Reluctance due to security concerns

Blockchain and cryptocurrencies, often associated although blockchain has a broader application scope, are frequently perceived by a portion of the public as tools facilitating illegal activities. These technologies are frequently linked to the purchase of drugs or weapons on the Darknet, money laundering, financing terrorism, or tax evasion. This perception undermines users’ trust in these technological innovations. However, it’s essential to remember that any form of currency can be used for illegal purposes. Moreover, technological advancements pave the way for new forms of attacks and scams. The blockchain, which underpins cryptocurrencies, faces a real security challenge as its goal is to strengthen user trust and promote broader adoption.

However, the vast majority of cryptocurrency transactions are carried out legally. An analysis by the blockchain-specialized company, Chainalysis, revealed that in 2023, only 0.34% of the total cryptocurrency transaction volume, around $24.2 billion, was sent to illicit cryptocurrency addresses. This figure is also down from 0.42% in 2022. It’s important to note that these data are based on identified illicit cryptocurrency addresses, and not all illegal transactions are detected.

Origins of the tarnished reputation of blockchains and cryptocurrencies

The question arises as to where this negative reputation associated with blockchain and cryptocurrencies comes from. Since their inception, these technologies have been marred by numerous scandals, including cyberattacks and hacks. The Silk Road case in 2013 is a well-known example. Silk Road was a platform accessible only via the Dark Web offering a multitude of illicit products, from drugs to assassination services, pirated software, and fake IDs. Bitcoin was the only accepted payment method, guaranteeing user anonymity. The media coverage of this story significantly reinforced Bitcoin’s negative reputation.

On the other hand, Mt. Gox was the first platform known for reliable bitcoin exchange against traditional currencies. However, in 2014, it suffered a loss of 744,000 bitcoins. Subsequently, in 2016, $72 million was stolen from the Bitfinex platform. Despite their innovative potential and promising applications, these events seriously contributed to the public’s lack of trust in Web 3.0 technologies. 

Evolution of cyberattacks in the era of blockchain and cryptocurrencies

The advent of blockchains and cryptocurrencies has opened new technological possibilities while posing new cybersecurity challenges.

Indeed, cybercriminals have quickly exploited blockchains to enhance their attack methods. Ransomware attacks, which have known significant growth, are a perfect example. While the blockchain is not directly involved in these attacks, it often facilitates ransom payments in cryptocurrencies. Moreover, phishing increasingly targets cryptocurrency holders to steal credentials, access victims’ funds, or encourage fraudulent transactions. Furthermore, platforms similar to Silk Road have emerged and evolved, with servers hosted in countries with more permissive laws, making cybercriminal tracing more complex.

These technological innovations have also been used to create new forms of illicit activities. The increasing adoption of cryptocurrencies has led to a rise in thefts because many users do not adequately secure their digital assets. Cybercriminals exploit these vulnerabilities to access victims’ accounts and steal their funds through malware. Additionally, cryptojacking has emerged as a cyberattack technique where a device’s computing resources are used without the owner’s knowledge to mine cryptocurrencies, allowing cybercriminals to generate profits undetected.

Reasons why cybercriminals choose these technologies

Cybercriminals use blockchain and cryptocurrencies for their illicit activities for several reasons. First, the legal framework for these emerging technologies remains ambiguous, complicating legal proceedings and investigations. Moreover, the decentralized nature of the blockchain facilitates illicit activities by allowing smoother and faster transactions without traditional banking controls. Thus, unlike bank transactions which can be subject to various checks and delays, cryptocurrency exchanges are more direct.

Furthermore, the use of blockchain and cryptocurrencies gives cybercriminals a sense of anonymity. However, this perception is deceptive because, in line with the fundamental transparency principle of the blockchain, most cryptocurrencies rely on public blockchains where transactions are not encrypted. Thus, it’s possible to trace the origin of a transaction and follow it back. If cryptocurrencies are exchanged for fiat currency, it becomes possible to trace back to the bank and identify the individual behind the criminal activity.

Despite security challenges, blockchain and cryptocurrencies have gained the trust of many large companies. Since 2021, PayPal has allowed its users to buy, hold, and sell cryptocurrencies from their accounts. Meanwhile, Tesla invested $1.5 billion in bitcoin in 2021, and Google’s parent company, Alphabet, invested $1.506 billion in blockchain companies between 2021 and 2022. Faced with these advancements, in 2021, the Republic of El Salvador even made bitcoin an official currency, marking a significant milestone in cryptocurrency acceptance.

However, to become the future of the Internet, blockchain and cryptocurrencies must continue to strengthen public trust by addressing security challenges.

Lucie Speyser

Master 2 Cyberjustice – Promotion 2023-2024

Sources : 

Laisser un commentaire

Ce site utilise Akismet pour réduire les indésirables. En savoir plus sur comment les données de vos commentaires sont utilisées.