An anonymous reader quotes a report from Ars Technica: While bitcoin leaves a visible trail of transactions on its underlying blockchain, the niche “privacy coin” monero was designed to obscure the sender and receiver, as well as the amount exchanged. As a result, it has become an increasingly sought-after tool for criminals such as ransomware gangs, posing new problems for law enforcement. “We’ve seen ransomware groups specifically shifting to monero,” said Bryce Webster-Jacobsen, director of intelligence at GroupSense, a cyber security group that has helped a growing number of victims pay out ransoms in monero. “[Cyber criminals] have recognized the ability for mistakes to be made using bitcoin that allow blockchain transactions to reveal their identity.”
Russia-linked REvil, the notorious ransomware group believed to be behind the attack this month on meatpacker JBS, has removed the option of paying in bitcoin this year, demanding monero only, according to Brett Callow, threat analyst at Emsisoft. Meanwhile, both DarkSide, the group blamed for the Colonial Pipeline hack, and Babuk, which was behind the attack on Washington DC police this year, allow payments in either cryptocurrency but charge a 10 to 20 percent premium to victims paying in riskier bitcoin, experts say. Justin Ehrenhofer, a cryptocurrency compliance expert and member of the monero developer community, said that at the beginning of 2020, its use by ransomware gangs was “a rounding error.” Today he estimates that about 10 to 20 percent of ransoms are paid in monero and that the figure will probably rise to 50 percent by the end of the year.