How Cryptocurrency Gave Birth to the Ransomware Epidemic

Ransomware gangs are targeting everyone from large and small businesses and government agencies to hospitals and schools.

This article is a writeup of the sixth episode of CRYPTOLAND, Motherboard’s documentary series about how cryptocurrency is affecting culture, politics, the environment, and our shared future. Watch it on Motherboard’s YouTube.

Ransomware has become an epidemic on the internet, targeting businesses, government agencies, hospitals, and schools, with hackers attempting to extort victims.

It’s a decades-old problem, but it has become prevalent in the last few years, as dozens of cybercriminal gangs have started developing their own ransomware or creating affiliate programs in which the ransomware creators share the code with others in exchange for a cut of the proceeds. Initially, hackers targeted individuals, asking for a few hundred dollars in Bitcoin. Now they go after bigger targets, such as Colonial Pipeline, which they can extort for larger amounts and which cannot afford to remain without access to their computers and servers.

Affton High School in Missouri is just one of around 1,000 U.S. schools hacked last year with ransomware. On Feb. 24, 2021, all the school’s systems were affected by a ransomware attack. 

On that day, Adam Jasinski, the director of technology for the school’s district, woke up to an email from a teacher that contained a screenshot of a ransom note. 

“I knew something was wrong right away because I can see that the screen I use on the desktop and it was blue,” Brian Esselman, a teacher at the school, told Motherboard. “It said some very rude things of course and I realized right away that this was a problem.”

Jasinski rushed to work, “panicking the entire time” he was driving, he said.

He then checked the server room, while the superintendent called off the school day. 

“Every byte on any types of your devices was encrypted. Don’t try to use backups because it were encrypted too,” the ransom note read. “To get all of your data back. Contact us.”

Jasinski said he quickly concluded that the hackers had stolen data from the school district’s HR department containing social security numbers and other personal data of around 1,000 people.   

Luckily, the school’s backups were not impacted. So Jasinski did not even have to contact or engage with the hackers at all. 

When ransom payments do happen, companies like Chainalysis can track the Bitcoin through the blockchain, identifying the hackers’ wallets and collaborating with law enforcement in an attempt to recover the funds or identify the hackers themselves. 
