Last week, the alleged kidnappers of Anne-Elisabeth Hagen, the wife of the Norwegian multi-millionaire real estate investor Tom Hagen, demanded a ransom of €9 million worth of Monero (XMR), a cryptocurrency known for allowing blockchain transactions that are exceptionally private, and therefore extremely difficult to trace.
Earlier that week, the alleged kidnappers of a nine-year-old girl South African girl named Linathi Titshala demanded payment of 5 BTC (bitcoins) in a similar fashion. The kidnappers said her family had 48 hours to respond, or all communications would cease. South African anti-crime website and Facebook group Western Cape Gangwatch received the ransom demand, along with a bitcoin wallet address and instructions. The wallet address provided was “1Bk4TQzDXhxGgMwrXcaFhViSyoT9GLk2kN” (if that sounds like techno nonsense to you, just think of a wallet address as an email address to which you may send cryptocurrency over the Internet). At the time of writing – well over 48 hours past the time the original message was sent – this wallet had only recorded two transactions: one transaction in which it received 0.01686698 BTC from the wallet address “bc1q6whav0eww9djwfrcyj4q4cv2ktmdr9hg6yq226,” and one in which it sent 0.0168602 BTC to a wallet with the address “3NnF1RTgvUXUhZ2oABVoTXeGut23TsSpdS.”
There has been an increasing number of cases like these in the past few years. In 2017 Pevel Lerner, an executive of a U.K.-registered cryptocurrency exchange called Exmo, was kidnapped by an armed gang in Ukraine in 2017. He was freed after he paid a $1 million ransom worth of bitcoin. Last year in January, a man from Moulsford, Oxfordshire was held up at gunpoint in his own home and ordered to transfer all of his bitcoins to an address presumably owned by the robbers.
Crypto-related hacking attacks are up as well. Cybercriminal attacks against Internet users have been increasing since 2016, with criminals remotely and anonymously extorting cryptocurrency from Internet users through malicious emails and ads on websites, phishing attacks, or other means. After the massive spike in crypto prices in late 2017, there was a 600 percent increase in crypto ransomware attacks compared to 2016, according to data from Symantec’s ISTR 23 report. Many of the attacks responsible for the marked increase were due to a practice called “cryptojacking,” in which hackers hijack the computing power of someone’s device in order to mine cryptocoins. The victim gets stuck with a slow machine and a rising electricity bill, while the hacker benefits from essentially free bitcoin mining (or free Monero mining, as the case may be). According to the same report, this coincided with an increase in mining activity that year – when people started mining bitcoin more, cryptojacking attacks increased by 8,500 percent.
So, why is all of this happening? Well, part of it is because cryptocurrency does exactly what it’s designed to do – transact digitally in ways that are usually difficult to track. It turns out that this is an extremely attractive feature for criminals. Go figure.
As for kidnapping and ransoming human beings with crypto, the unfortunate reality is that cryptocurrency has revolutionized crime. In the days before bitcoin, it was much harder to conduct a ransom. In addition to the risks of kidnapping someone, exchanging the money necessitated the kidnappers putting themselves in a vulnerable position – someone had to pick up the suitcase full of cash, after all. Now, there is no suitcase. There isn’t even any cash.
Being a cybercriminal has never been easier. That said, profiting from mining is getting harder, which means profiting from cryptojacking is also getting harder – especially as cybersecurity firms beef up software to catch and destroy known cryptojacking software.
Perhaps this is the reason why digital crime is crossing over into the real world. Unfortunately, that means that crypto crime has begun to cause more damage than lost bitcoins or software issues. Now, the consequences could be life threatening.