For Ransom, Bitcoin Replaces the Bag of Bills
In the old days, ransom payments were made with briefcases full of unmarked bills. These days, the virtual currency Bitcoin is the preferred method.
Around the world, in their quest for Bitcoins, hackers have seized files on millions of computers, taken down websites and even threatened physical harm. The victims – who have ranged from ordinary computer users to financial firms and police departments – are told the only way out is through a Bitcoin payment that is sometimes more than $20,000.
One set of attackers, believed to be in Russia and Ukraine, collected about $16.5 million in Bitcoins in a little over a month, primarily from victims in the United States, according to the security firm Sophos.
Criminals like the virtual currency because it can be held in a digital wallet that does not have to be registered with any government or financial authority – and because it can be easily exchanged for real money. A single Bitcoin can be sold online or on the street for around $290.
Bitcoin, which was released by an anonymous creator in 2009, has recently been gaining mainstream appeal. Start-ups in the industry have won investments from big names like Goldman Sachs and the New York Stock Exchange, which have praised the technology as a faster, more efficient way to complete financial transactions.
But the proliferation of ransom demands has provided an unhappy reminder of the virtual currency’s continuing appeal to the criminal underworld, long after the authorities shut down the online drug bazaar, Silk Road, where heroin and cocaine were sold using Bitcoin.
The latest reminder of Bitcoin’s underbelly came in July with the arrest of two Florida men. Theauthorities saidvictims of malware were steered toCoin.mx, a site run by the two men, to buy the Bitcoins to pay the ransom demanded by the malware. In a separate set of recent cases, security experts said, several financial firms were attacked by a criminal, or circle of criminals, going by the name DD4BC, who have threatened to overwhelm the firms’ public websites with message traffic unless a Bitcoin payment was made. These corporate victims are generally asked to pay about $10,000, the security experts said, and the attacks have shown no signs of abating.
“Do not ignore me, as it will just increase the price,” DD4BC said in one email that was public. “Once you pay me you are free from me for the lifetime of your site.”
Ted Weisberg, the president of the brokerage firm Seaport Securities, said his firm did not pay the ransom and repelled the bombardment of traffic with the help of one of its technical providers.
Bitcoin is run by a decentralized network of computers that collects no personal information about users. What’s more, Bitcoin transactions are designed to be irreversible, so victims cannot reclaim their money as they could with a credit card or PayPal transaction.
In late 2013, the first version of Bitcoin-fueled ransomware, known as CryptoLocker, began to spread around the globe.
The software encrypted all of the files on a computer and offered a key to unlock the files in exchange for a Bitcoin payment.
When an alliance of international authorities took down CryptoLocker in mid-2014 and identified the mastermind as a 30-year-old Russian named Evgeniy Bogachev,the group saidthat the software had spread to 234,000 computers. Since then, much more virulent strains havepopped up, most of them under the name CryptoWall.
In late 2014, Dell SecureWorks said CryptoWall had infected over 800,000 computers. New versions of the malware, going by names like TorrentLocker and Dirty Decrypt, have popped up frequently since then.
A police department in Durham, New Hampshire, that was hit by CryptoWall in June 2014, refused to hand over the ransom and wasable to revertto backup files. But more recently, police departments inDickson County, Tennessee, andTewksbury, Massachusetts, have said that they chose to pay the roughly $500 ransom.
Extortionists went after two longtime Bitcoin advocates last year. When one of the men, Hal Finney, refused to pay, the assailant called the local police and reported a murder at Mr. Finney’s home, resulting in a SWAT team taking over the home, thefamily has said. The other victim, Roger Ver, threw off his attacker byoffering a Bitcoin bountyof roughly $20,000 for his attacker’s arrest.
Some prominent supporters of Bitcoinhave suggesteddigitally marking any coins used for ransom payments, similar to how dollar bills used in hostage situations are marked with invisible dye.
But such solutions have been held up because of the value that many Bitcoin believers have put in the virtual currency’s unfettered free movement.
出處:紐時摘譯：網駭勒贖 比特幣是首選 - 打開聯合報 看見紐約時報 - udn城市http://city.udn.com/50132/5360386#ixzz40L8saKa8