Getty Images
The decline in the value of cryptocurrencies has created a cash rush that is pushing many underground exchanges to their breaking point.
According to research from security company Cybersixgill, cybercriminals are looking to protect their pilfered funds by moving them from cryptocurrencies to fiat currencies, forcing some prominent underground exchanges toward bankruptcy.
Operating on the dark web away from the prying eyes of law enforcement, the exchanges allow criminals to make transactions and potentially launder their ill-gotten gains by shifting the stolen funds from fiat cash to various cryptocurrencies — while paying the exchanges steep transaction fees for their discretion.
Ideally, the exchanges retain a healthy mixture of cryptocurrency and fiat money, without either being too heavily in demand. That, however, has changed amid the larger crash in cryptocurrency prices.
“As crypto prices fell, actors turned to these exchanges to dump it for fiat,” explained Dov Lerner, security research lead at Cybersixgill, in a blog post Thursday. “They quickly ran out of their dollar reserves (or their operators also feared losses from buying more crypto), and they ended operations.”
Cybersixgill analyzed 34 actors operating dark web exchanges this spring and found that none of them were advertising their platforms. While many of the actors were still active on hacker forums, none of them were promoting their exchanges after early April, when many cryptocurrency values plummeted.
Lerner noted that despite operating underground and spreading business by word of mouth in cybercrime forums, launching an underground exchange is no simple task and requires significant resources to get off the ground. As such, replacing the bankrupted exchanges will be no easy task, particularly as cryptocurrency prices continue to decline.
“Actors need to build reserves of several currencies and design mechanisms to accept payments in various platforms,” Lerner wrote. “They also need to market themselves to be discovered and build a reputation so they will be trusted.”
The forum traffic is also key to confirming that the shutdowns are likely to be long term, if not permanent. Lerner noted that many of the exchange operators have also gone quiet in cybercrime forums after years of almost daily postings to advertise their services, suggesting that a rebrand or relaunch is not planned.
“Generally, actors that run shops on the underground will promote them frequently on forums, even daily, to ensure that people know about them,” Lerner told SearchSecurity. “So if they aren’t posting about them anymore, I think it’s safe to say that they’re gone.”
With the exchanges going dark, Lerner said it will be more difficult for cybercriminals to shift their stolen money around. The researcher noted, however, that defenders should avoid getting too excited, as many of the largest and most prolific cybercrime groups will likely be able to continue operations unscathed.
“These exchanges are probably mostly used by less sophisticated actors, who will now be stuck without a way to swap funds,” Lerner said in the blog post. “[The] more advanced cybercrime groups, we imagine, have more complex ways to exchange and launder money and they will undoubtably find ways to continue doing so.”
Cybersixgill isn’t the only vendor to notice significant cryptocurrency activity on the dark web during the spring. Blockchain analytics vendor Chainalysis published a report Thursday on cryptocurrency mixers, which are designed to hide cryptocurrency transactions from governments and law enforcement. Chainalysis found that mixer usage reached an all-time high in mid-April, with a 30-day moving average of $51.8 million in cryptocurrency.
However, that 30-day average quickly fell to less than $20 million. Chainalysis noted that the spike in activity was largely driven by cybercriminals and nation-state threat groups such as North Korea’s Lazarus Group, which used mixers to obscure cryptocurrencies stolen from various victim organizations such as Axie Infinity game developer Sky Mavis.
Juniper has added three features to its AIOps networking assistant to improve troubleshooting and give more insights into the …
A Florida man has been charged with running a counterfeit operation that duped hospitals, schools, government agencies and the …
Vendors are pushing heavily on the benefits of predictive analysis to automatically identify and remediate network issues. But …
The credit union, one of the nation’s largest, is using the Salesforce platform to deploy chatbots that can handle a growing set …
The pandemic has sent many enterprises into survival mode, which altered the scope of the enterprise architect’s role once again,…
Bellabeat is a women’s health company that has added a private key encryption feature for app users to better protect their data.
The PC-as-a-service and device-as-a-service market is still developing and maturing, so organizations should learn who the major …
When organizations consider upgrading to Windows 11, they need to compare the Windows 11 system requirements to their existing …
Hybrid work puts corporate data at risk as employees use various devices to access company resources. Microsoft has worked to …
SaaS licensing can be tricky to navigate, and a wrong choice could cost you. To get it right, examine the different types of …
Walmart built its own cloud platform and tied it to two public cloud providers, creating a multi-cloud architecture that saved …
FinOps promises to help organizations gain more value from their technology spending, especially in the cloud. Do you have the …
Backup and recovery software provider Rubrik now sees itself as a cyber security company that helps organisations recover from …
Veeam is looking to achieve an ‘outsized market-leading position’ by tapping its strengths in data protection and doubling down …
The cyber threat landscape leaves firms with little room for error. In this handbook, focused on backup and recovery software in …
All Rights Reserved, Copyright 2000 – 2022, TechTarget

Privacy Policy
Cookie Preferences
Do Not Sell My Personal Info

source

Write A Comment