Monero is undoubtedly a big player in the cryptocurrency game. Whether it is trading, investing or mining, there are many reasons to get involved in this crypto. However, now Monero is being used for more illegal purposes i.e. by cyber criminals. So why is Monero becoming so popular with malicious actors?
What is Monero (XMR)?
Photo credit: beatingbetting.co.uk/flickr
Before we delve into how cybercriminals are using Monero, let’s give a quick overview of what it is.
Launched in 2014 by a group of developers (most unknown) via a Bytecoin hard fork, Monero has always been designed to offer users both privacy and anonymity. This peer-to-peer network can be traded like other major assets like Privacy Coin, XMR, Bitcoin, and Ethereum and uses a proof-of-work consensus mechanism called RandomX.
Since its inception, Monero has risen to become one of the most popular cryptocurrencies in the world, with a current price of around $170 (although it fluctuates constantly). Many people choose to trade and mine Monero to make a profit, but using this crypto can go way overboard.
Why exactly is this coin now being used so widely in the cybercrime industry?
Why is Monero used in cybercrime?
Credit: FXTM Thailand/Flickr
Monero’s proliferation in the cybercrime world is largely due to a key component of its design: anonymity.
Of course, most cyber criminals wish to remain anonymous at all times in order to evade authorities, so these malicious individuals are expected to do whatever they can to disguise their identities. This is where Monero can come in handy.
Today, Bitcoin is the most popular currency used by cyber criminals. Although using bitcoin offers much more privacy than traditional currencies, bitcoin transactions can still be tracked. All transactions are recorded and can be viewed on the Bitcoin blockchain. Recipient addresses can be viewed by the sender, exposing the recipient to search.
Additionally, each bitcoin in circulation is uniquely identifiable via its serial number, making wallet-to-wallet tracking even easier.
The tracking of illegal bitcoin payments was exposed in 2021 when the FBI seized the ransom money taken as part of the Colonial Pipeline ransomware attack. The ransom paid in Bitcoin was captured by Darkside’s ransomware-as-a-service partner, who used this type of ransomware to attack the company and steal its data.
News of the seizure spread quickly, and many malicious actors realized that using Bitcoin wasn’t as anonymous as they once thought. Because of this obvious risk of exposure, cyber criminals have decided to develop more covert methods to evade law enforcement. Using Monero is one way to do this.
Unlike Bitcoin and many other cryptocurrencies, Monero transactions do not share address information with the sender or recipient. Known as ring signature, this feature makes it incredibly difficult to trace the source or destination of Monero funds. This extra layer of anonymity allows cybercriminals to hide more easily.
Because of its potential risks, many exchanges, such as B. Coinbase, Monero not available for trading. This somewhat limits the use of Monero in the board setting above. For example, if a criminal wants to take their Monero earnings and sell them on their exchange, this may not be possible if the platform has delisted them. Other privacy tokens like Dash and ZCash have also been delisted from some exchanges for their involvement in illegal activities.
However, this by no means makes it impossible to profit from Monero. Many major exchanges, like Binance, still allow you to buy Monero, and many offer Monero trading pairs. Unfortunately, cybercriminals can still benefit financially from Monero.
How is Monero used in cybercrime?
More and more malicious individuals and groups are adopting Monero for payments. This includes Revil, one of the world’s most prolific ransomware-as-a-service (RaaS) operators. This dangerous group initially offered discounts to victims who chose to pay the demanded ransom using Monero instead of Bitcoin. But now, Reville demands all of its ransom payments in Monero.
Other ransomware groups are also known to add bonuses to the ransom, which is paid in Bitcoin instead of Monero. In fact, some groups now only accept payments in the form of Monero.
Another malicious entity known as Alphabay also used Monero in the course of their operations. Alphabay was a dark web marketplace operated as an onion service over the Tor network. While Alphabay initially only accepted Bitcoin payments, the service adopted Monero payments in 2016, which actually played a role in increasing the crypto’s popularity in illicit environments.
Monero is also used in cryptojacking. It is an illegal process of hijacking victim’s computer to mine cryptocurrency. This allows malicious actors to profit from crypto mining without incurring any upfront hardware, electricity, or maintenance costs. In many cryptojacking cases, Monero is chosen as the crypto to mine because the XMR rewards an attacker would receive from mining in this way would be unrecoverable.
Monero hard fork
In August 2022, the Monero blockchain underwent a hard fork to further increase the privacy level of the cryptocurrency. The hard fork included an increase in the size of the “rings” used in Monero’s Ring Signature feature. As the ring size increases, more transaction signatures can be merged, increasing each user’s level of anonymity within the network.
While this hard fork is good news for users in general, it also offers an increased level of anonymity for cybercriminals. The better a malicious actor can hide his identity, the more ideal it is for him, therefore, unfortunately, Monero’s privacy developments help these illegal individuals as well as legal users.
The use of Monero in cybercrime continues to increase
While many crypto traders still use Monero for legitimate reasons, there is no denying that its presence in the internet’s criminal underbelly is increasing with time. Given Monero’s high level of privacy and anonymity, it is not surprising that it has become a favorite among cybercriminals and it is likely that we will see increasing adoption in this illicit industry in the future.