How can ransomware be so prevalent when there is such a clear money trail to the attackers?

They use alternative methods from traditional credit card/wire transactions, namely prepaid cards and crypto-currency like bitcoin. This is because it's much easier to stay hidden this way.

This article outlines more information if you're interested: TeslaCrypt: Following the Money Trail and Learning the Human Costs of Ransomware


The nefarious attackers do not leave a trail because they ask for payment using these methods:

  1. Bitcoin: you can pay without without needing an intermediary - banks. Even if it is true that Bitcoin payments can be traced via the transaction chain that remains stamped on the currency thanks to the block chain, which includes IP address information (not reliable since Bitcoin relies on the Tor network), there are methods for cleaning Bitcoins to make them anonymous. Note that systems quivalent to Bitcoin exist and can be used for the same purpose.

  2. Prepaid Gift Cards (Starbucks, Best Buy, Target, Macy’s ... and even Amazon): you can buy them in person with cash.

  3. Prepaid Credit cards which can make many purchases online as they are just as valid as a credit card (Visa, MasterCard ...)

Note that CryptoWall (ransomware) used for example as payment tool MoneyPak.

Tags:

Ransomware