Source Code: Your daily look at what matters in tech.

fintechfintechauthorBenjamin PimentelNoneGet access to the Protocol | Fintech newsletter, research, news alerts and events.f6ea366a38
×

Get access to Protocol

Your information will be used in accordance with our Privacy Policy

I’m already a subscriber
Protocol | Fintech

Bitcoin’s star is rising. Cybercriminals are looking to cash in.

Even with the crypto market's recent pullback, bitcoin's value has more than tripled in a year. And the wave of novices entering the field are attractive targets.

Handcuffs next to bitcoins

Crypto crime is rising along with the surge in the value of digital currencies.

Photo: Bermix Studio/Unsplash

Bitcoin and other cryptocurrencies reached new heights of popularity this year, propelled by Elon Musk's tweets, Coinbase's blockbuster IPO and bitcoin's growing acceptance as an investment and store of value.

But a new report points to a downside: Criminals are trying to cash in on the growing interest in bitcoin and crypto. In fact, as the price of bitcoin has risen, so has the number of cyber attacks, a report published Tuesday by Barracuda Networks said.

"The danger is absolutely out there," Fleming Shi, Barracuda's chief technology officer, told Protocol. "That correlation between attacks and cryptocurrency value is stunning."

The Barracuda report focused mainly on bitcoin, whose value soared by more than 500% between October 2020 and April 2021. In that same period, the number of crypto-related attacks, including phishing impersonations and business email compromise incidents, jumped 192%, the security software company said.

The report used natural language processing technology to track online threats related to bitcoin and other cryptocurrencies. Threats related to non-bitcoin currencies was "a small portion of overall attacks," most of which cited bitcoin, the company said.

Bitcoin's price has fluctuated since mid-April, when it peaked near $65,000 around the time Coinbase shares began trading. In October, it traded around $10,600. Bitcoin's price was around $34,000 on Monday, according to CoinMarketCap.

That rally coincided with bitcoin's rising profile, pushed higher by news like Tesla's decision to take bitcoin as payment for cars, since reversed over concerns about bitcoin's environmental impact.

All that attention triggered more trading volume, which criminals quickly saw as an opportunity to strike, Shi said: "That drives the criminals to think, 'OK, now I can actually do a mass phishing campaign. I can get people to click on things more easily.' …As it becomes more popular, as it becomes more mainstream, they're leveraging that."

In general, bitcoin and other cryptocurrencies are considered "a perfect currency for criminal activity" since they are "unregulated, difficult to trace and increasing in value," the report said. Cybercriminals have sent emails to employees of specific organizations to entice them "to purchase bitcoin, donate to fake charities or pay a fake vendor," the report said.

Cryptocurrency advocates dispute the idea that bitcoin and other digital currencies are uniquely suited for crime, arguing that cash is harder to trace and used for more illicit transactions.

To the chagrin of crypto enthusiasts, though, bitcoin has emerged as the payment of choice in ransomware attacks. This was underscored in June when the FBI and the Justice Department announced they had recovered $2.3 million in bitcoin ransom paid to DarkSide, the criminal group that hacked Colonial Pipeline.

The Barracuda study offered insights into ransomware, which Shi said is definitely on the rise. The typical ransom demand has also been rising sharply, from "a few thousand dollars to $2 million" in 2019, to up to more than $20 million in 2021, the report said. "A majority of them are over $10 million ransom asks," Shi said.

He speculated that the spike in ransomware attacks was based on the belief of criminals that bitcoin and crypto offer them total anonymity. "When blockchain and cryptocurrency came out, it felt very secure for the bad guys," he said.

But as the Colonial Pipeline case demonstrated, he said, "While cryptocurrencies are hard to trace, they're not untraceable. With enough effort, you will get there."

And the trend toward higher ransom demands suggests "fewer organizations are actually paying the ransom and choosing to take the hit," the report said. This has led criminals to make bigger ransom demands, which has also prompted more ransomware targets to turn to law enforcement for help, Shi said.

Protocol | Fintech

Amazon wants a crypto play. Its history in payments is not encouraging.

It missed chances to be PayPal, Square and Stripe — so is this its chance to miss being Coinbase, too?

Amazon wants to be a crypto player.

Image: NurPhoto/Getty Images

The news that Amazon was hiring a lead for a new digital currency and blockchain initiative sent the price of bitcoin soaring. But there's another way to look at the news that's less bullish on bitcoin and bearish on Amazon: 13 years after Satoshi Nakamoto's whitepaper appeared on the internet, Amazon is just discovering cryptocurrency?

That may be a bit unkind, but the truth is sometimes unkind. And the reality is that Amazon has a long history of stumbles and missed opportunities in payments, which goes back more than two decades to the company's purchase of internet payments startup Accept.com.

Keep Reading Show less
Owen Thomas

Owen Thomas is a senior editor at Protocol overseeing venture capital and financial technology coverage. He was previously business editor at the San Francisco Chronicle and before that editor-in-chief at ReadWrite, a technology news site. You're probably going to remind him that he was managing editor at Valleywag, Gawker Media's Silicon Valley gossip rag. He lives in San Francisco with his husband and Ramona the Love Terrier, whom you should follow on Instagram.

Over the last year, financial institutions have experienced unprecedented demand from their customers for exposure to cryptocurrency, and we've seen an inflow of institutional dollars driving bitcoin and other cryptocurrencies to record prices. Some banks have already launched cryptocurrency programs, but many more are evaluating the market.

That's why we've created the Crypto Maturity Model: an iterative roadmap for cryptocurrency product rollout, enabling financial institutions to evaluate market opportunities while addressing compliance requirements.

Keep Reading Show less
Caitlin Barnett, Chainanalysis
Caitlin’s legal and compliance experience encompasses both cryptocurrency and traditional finance. As Director of Regulation and Compliance at Chainalysis, she helps leading financial institutions strategize and build compliance programs in order to adopt cryptocurrencies and offer new products to their customers. In addition, Caitlin helps facilitate dialogue with regulators and the industry on key policy issues within the cryptocurrency industry.
Protocol | Enterprise

How Google Cloud plans to kill its ‘Killed By Google’ reputation

Under the new Google Enterprise APIs policy, the company is making a promise that its services will remain available and stable far into the future.

Google Cloud CEO Thomas Kurian has promised to make the company more customer-friendly.

Photo: Michael Short/Bloomberg via Getty Images 2019

Google Cloud issued a promise Monday to current and potential customers that it's safe to build a business around its core technologies, another step in its transformation from an engineering playground to a true enterprise tech vendor.

Starting Monday, Google will designate a subset of APIs across the company as Google Enterprise APIs, including APIs from Google Cloud, Google Workspace and Google Maps. APIs selected for this category — which will include "a majority" of Google Cloud APIs according to Kripa Krishnan, vice president at Google Cloud — will be subject to strict guidelines regarding any changes that could affect customer software built around those APIs.

Keep Reading Show less
Tom Krazit

Tom Krazit ( @tomkrazit) is Protocol's enterprise editor, covering cloud computing and enterprise technology out of the Pacific Northwest. He has written and edited stories about the technology industry for almost two decades for publications such as IDG, CNET, paidContent, and GeekWire, and served as executive editor of Gigaom and Structure.

Amazon job opening points to plan to accept crypto payments

The news sparked a rally in the values of bitcoin and other cryptocurrencies.

Amazon may be planning to let customers pay for orders with cryptocurrencies.

Photo: David Ryder/Getty Images

Amazon is looking to hire a digital currency and blockchain expert suggesting a plan to let customers accept cryptocurrencies as payments.

The tech giant's job opening says Amazon is looking for "an experienced product leader" to help develop the company's "digital currency and blockchain strategy and roadmap" Amazon is looking for product leader with expertise in blockchain, distributed ledger, central bank digital currencies and cryptocurrency.

Keep Reading Show less
Benjamin Pimentel

Benjamin Pimentel ( @benpimentel) covers fintech from San Francisco. He has reported on many of the biggest tech stories over the past 20 years for the San Francisco Chronicle, Dow Jones MarketWatch and Business Insider, from the dot-com crash, the rise of cloud computing, social networking and AI to the impact of the Great Recession and the COVID crisis on Silicon Valley and beyond. He can be reached at bpimentel@protocol.com or via Signal at (510)731-8429.

Protocol | Policy

Big Tech tried to redefine terrorism online. It got messy fast.

The Global Internet Forum to Counter Terrorism announced a series of narrow steps it's taking that underscore just how fraught the job of classifying terror online really is.

Erin Saltman is GIFCT's director of programming.

Photo: Paul Morigi/Flickr

A little over a month after the Jan. 6 riot, the tech industry's leading anti-terrorism alliance — a group founded by Facebook, YouTube, Microsoft and Twitter — announced it was seeking ideas for how it could expand its definition of terrorism, which had for years been more or less synonymous with Islamic terrorism. The group, called the Global Internet Forum to Counter Terrorism or GIFCT, had been considering such a shift for at least a year, but the rising threat of domestic extremism, punctuated by the Capitol uprising, made it all the more clear something needed to change.

But after months of interviewing member companies, months of considering academic proposals and months spent mulling the impact of tech platforms on this and other violent events around the world, the group's policies have barely budged. On Monday, in a 177-page report, GIFCT released the first details of its plan, and, well, a radical rethinking of online extremism it is not. Instead, the report lays out a series of narrow steps that underscore just how fraught the job of classifying terror online really is.

Keep Reading Show less
Issie Lapowsky

Issie Lapowsky ( @issielapowsky) is Protocol's chief correspondent, covering the intersection of technology, politics, and national affairs. She also oversees Protocol's fellowship program. Previously, she was a senior writer at Wired, where she covered the 2016 election and the Facebook beat in its aftermath. Prior to that, Issie worked as a staff writer for Inc. magazine, writing about small business and entrepreneurship. She has also worked as an on-air contributor for CBS News and taught a graduate-level course at New York University's Center for Publishing on how tech giants have affected publishing.

Latest Stories