The arrival of fresh technology often ushers in a new kind of criminal looking to capitalize on it. Think about how hacking took off with the internet's birth or how phone scams sprouted with the spread of landlines.
You might expect a similar scenario for cryptocurrency, but surprisingly, old-school tactics still prove most effective for those targeting crypto users.
Apart from the occasionally publicized crypto hacks, the general security of cryptocurrency remains robust against hacking efforts – provided that users adopt wise practices.
However, a recent wave of kidnappings has shown us that when it comes to swiping cryptocurrency, some individuals still resort to the good old brute force approach.
13 Year Old Boy Kidnapped for Bitcoin
On May 20thof this year, thirteen year old Katlego Marite was seized while enjoying time near his residence in Witbank village, South Africa.
Three men drove up, snatched the child in plain sight, and sped away – but not without leaving a ransom note along with a crypto wallet address.
The note demanded the family hand over 15 BTC or face not seeing their boy again. The deal required 1 BTC to be delivered the following day, with the rest expected within the week.
The child's family was overcome with worry, especially because they didn't even know what Bitcoin was or how to ensure their son's safe return.
Thankfully, the boy made it home unharmed a few days later. Whether the ransom was met remains known only to South African authorities, who refuse to disclose further information.
#sapsMP #SAPS PC Lt General Zuma was relieved that Katlego Marite (13) from Tasbet Park in Witbank, abducted by anonymous individuals on 20/05, had been found. Gen Zuma praised the efforts of SAPS, the community, and family in securing Katlego's return. https://t.co/5btr0nOFTF pic.twitter.com/hR4g8trIjG
— SA Police Service ???????? (@SAPoliceService) May 24, 2018
If the BTC was indeed deposited into the wallet, it might have already jump through several pre-made addresses; laundered through countless currency exchanges using privacy coins, landing in an exchange somewhere, before being acquired by an unsuspecting crypto enthusiast.
EXMO Exchange Analyst Nabbed for $1 Million
On December 26thin 2017, an EXMO cryptocurrency exchange analyst in Ukraine was forcibly dragged into a vehicle and whisked away by masked men. ransom demand demanded $1 million worth of Bitcoin for his freedom. They then waited.
By May 29thAfter the ransom transaction, the analyst, Pavel Lerner, was set free. Yet, the identity of those who paid for Lerner's liberation remains a mystery. The presumption was that Lerner was targeted due to his supposed access to extensive funds, though in reality, he didn't have such access.
Pavel Lerner, Image from DW.com
EXMO, Lerner's employer, issued a statement emphasizing that no action was taken by them, making it clear their operations were unaffected by the incident.
Keep Your Friends Close…
The line distinguishing ally from aggressor can blur significantly when money is on the table. One individual learned this the hard way last December when an acquaintance misled him into a supposedly legit minivan claiming it was an Uber, then brandished a gun and demanded his Ledger Nano S , along with the 24-word wallet phrase.
The victim, whose identity remains concealed, was holding over a million dollars’ worth of Ether when ambushed.
The attacker, Louis Meza, aged 35, acquired the hardware wallet and the access phrase but blundered with two grave missteps.
Firstly, he was caught on nearby security cameras escorting his victim to retrieve the wallet, incidentally revealing his identity to the authorities.
And perhaps the most fatal error, he transferred the crypto directly to an exchange, converting it to Bitcoin, a move that left an obvious trail for law enforcement. Meza was apprehended, and it makes you wonder why he didn't just secure the Ether on his own hardware wallet.
Louis Meza appears in court, Image from Bitcoin.com
Meza pieced together information about the Ethereum stash due to the victim's overly boastful conversation at a bar. Next thing, he's in a faux taxi with a weapon at his head.
Curiously, upon converting Ether to Bitcoin, the latter's value surged quicker than Ethereum's, resulting in the victim receiving back more than what was purloined initially.
Ransomware
Some ways of extracting crypto from unaware individuals are more understated, yet rely on age-old strategies.
Ransomware has been a scourge, extorting money from people since its inception. late 80’s It typically manifests as malicious software that encrypts personal data, demanding payment for its return.
Recently, cryptocurrency users have encountered ransomware surprises, where the scammer, or an automated script, preys on private keys.
In 2013, the infamous CryptoLocker A particular botnet executed this tactic. The CryptoLocker program threatened its victims with a three-day pay window via Bitcoin, Ukash, or a pre-paid voucher, else their private key would vanquish.
Estimates of individuals who've paid up vary wildly, with some reports suggesting 40%, while others report fewer than 1% succumbed financially. Nonetheless, once addresses associated with the scammer became public, they indicated an overall movement of approximately $27 million.
By the time affected users reclaimed their funds, albeit with law enforcement aid, the scammer pocketed around $3 million, destined not to be seen again.
Conclusion
For all the benefits cryptocurrency provides over traditional banking – and they are numerous – it suffers from a singular flaw that banks don’t: security.
If someone shoves a gun in your face demanding your bank card, you can hand it over, then simply cancel it once safe. Even if they managed to use it, traced transactions are almost inevitable. Ultimately, chances are high that even if a thief spent your money, banks are insured and would likely reimburse you promptly upon verifying the theft.
With cryptocurrencies, the onus lies on the user for safeguarding their finances, with all the inherent challenges. In essence, the human element remains the weakest link in crypto security, rendering factors like two-factor authentication moot in the face of immediate threats like a kidnapping or gunpoint coercion.
It’s worth mentioning that these sporadic crypto kidnappings only began garnering attention since late 2017 – a period coincident with rapid market bullishness.
It appears that both investors and criminals are equally attuned to market movements.
