Featured Article; Covid-19 and Crypto Crime: Cybercriminals Taking Advantage of the Crisis

Featured Article; Covid-19 and Crypto Crime: Cybercriminals Taking Advantage of the Crisis

This article was originally published on April 2nd 2020 by the Chainalysis team

This has been an incredibly difficult month for nearly everyone on the planet, and our thoughts are with those who have been directly impacted by COVID-19. As we adjust to the new normal of working from our living rooms and meeting via screens, we want to tell you — our customers, partners, and anyone else who cares about cryptocurrency — that Chainalysis is more focused than ever on your compliance and investigation needs. Crime doesn’t stop for a pandemic, and unfortunately, we’re seeing opportunistic criminals attempting to use the COVID-19 crisis for their own gain. That’s why we’re sending this note. 

Scammers appear to be taking advantage of the crisis to try and trick people into sending them cryptocurrency (as is usually their end goal). Some claim to be representatives of charities or organizations like WHO and ask for cryptocurrency donations to fund the purchase of masks and other medical supplies. Others claim to be selling supplies, or lists of infected individuals in the target’s area.

The good news is that based on the transaction activity of addresses we’ve investigated, these scams don’t appear to be very successful so far. In fact, scams as a whole took in less money in March than in previous months, suggesting that while Covid-19 provides a new narrative for scammers to use to try and fool victims, it isn't making them more successful. Still, we will be monitoring the situation and publishing more information on these scams as needed. We also anticipate that scammers may increase their efforts to target ordinary people, especially the vulnerable, when governments begin sending citizens relief funds, such as those outlined in the U.S. stimulus package passed last week. 

The other major threat right now is ransomware. Ransomware attackers have always targeted healthcare organizations due to their need to remain operational 24/7, and aren’t letting up now. Earlier reports that ransomware providers are “taking a break” due to the pandemic appear to be false, as hospitals in the U.S. and Europe have been targeted by attacks from ransomware strains such as Ryuk, Maze, Netwalker, and others. Employees of healthcare organizations must remain vigilant against phishing emails and make sure their operating systems are updated with the latest security patches.

We also call on everyone in the cryptocurrency industry — especially exchanges — to band together against these criminals’ efforts, as many of their counterparts in cybersecurity have done. Now more than ever, exchanges must enforce strict KYC and transaction monitoring policies. Denying cybercriminals the ability to liquidate illegally obtained cryptocurrency is the only surefire way to destroy their incentive to commit these crimes. We also recommend that exchanges warn their users of the scams we’ve described above.

In the meantime, please don’t hesitate to reach out to us if you have any questions or concerns. Please report any scams or ransomware attempts you see to us at flag-cluster@chainalysis.com, with addresses if possible. And finally, we encourage you to attend our upcoming webinars on the trends we’re seeing in cryptocurrency markets and criminal activity to learn more. Thank you, and please stay safe!


Read more about Chainalysis Reactor for investigations and KYT for transaction monitoring on the Chainalysis website.