While it would make the basis of a good book – and maybe some day will – the use of Bitcoin as part of the hack of Colonial Pipeline – i.e. as the currency that the hackers asked to be paid in – has clearly demonstrated how cryptocurrency can be ably used by criminals. It also raises some big questions for cryptocurrencies that, while they are valued for their privacy benefits, facilitate illegal activity.
Hacker group DarkSide was paid a ransom of US$4.4m for the Colonial Pipeline hack – in Bitcoin. However Monero is being used by some criminal syndicates because of its privacy benefits, a trend noted by members of the Monero Space Workgroup themselves and cyber security specialists Digital Shadows. There is an expectation in some quarters that criminals may turn away from Bitcoin and start asking for payment in Monero instead.
This is partly because the FBI has retrieved over half of the ransom paid by Colonial Pipeline by getting access to one of the wallets being used by DarkSide. Exactly how this was achieved is still open to question, and it is unlikely that either the FBI or DarkSide will ever tell us. But it may cause criminals to explore other opportunities.
The leading cryptocurrency for privacy
Monero has set out its stall as the leading cryptocurrency focused on private and censorship resistant transactions. Its creators argue that competitor currencies rely on highly transparent blockchains that make it much easier to be linked to real world identities. Every user of Monero is anonymous by default.
It should be noted that only a tiny fraction of the users of Monero are actually criminals. Interestingly though, the issue raises the question of whether law enforcement can really treat a digital currency like a financial institution – e.g. a rogue offshore bank. After all, the US dollar has been used to pay ransoms to criminals, and many criminals hold millions of dollars in cash, yet nobody blames the US Treasury for this.
But Monero also feels like a company in other respects – for example, over $500,000 was recently donated to the Monero project to help fund development. The donation was made to the Monero General Fund, which is managed by the currency’s Core Team, and will be used to further develop the technology and infrastructure that underpins the project. This could include web hosting, ARM buildbots and to pay the salary of at least one contractor. Monero continues to receive funding from a network of over 500 developers all over the world. In this respect, it sounds like a tech company. Where do you draw the line?
How is Monero able to remain so private?
Because Monero is prized for the additional privacy it offers, thanks to the use of so-called stealth addresses. Individual transactions are mixed together making it very hard to track the spending patterns of an individual on the network. This could well prove to be attractive for criminals. One of the key problems crooks face – whether it is collecting money from ransoms, or moving illegal money around the world (e.g. profits from narcotics transactions) – is a lack of anonymity and the difficulties they face transferring cash into reputable banks.
One FBI agent once explained it to me as the challenge of turning a mound of cash in Colombia into something you can take out of an ATM in Miami. That task is far more difficult now than it was when I was covering money laundering and organised crime on a regular basis.
Will Monero’s use by crime syndicates pose a systemic problem for the currency? At this stage I would say not. Much will depend on the degree to which it is being used versus other alternatives. like Bitcoin. The recent Colonial Pipeline incident will have hackers revising their views on Bitcoin and asking just how the FBI managed that clawback. That could make them consider Monero as an alternative. But law enforcement would in turn need to be satisfied that significant criminal activity was concentrating in just one place to justify moving against it. Monero would be vulnerable if that were to happen, but right now criminals still have plenty of other options in the cryptocurrency universe.
The author covered the finance of organised crime in Central America, former USSR and Southeast Asia while co-editor of the Financial Times Fraud Report.