Ransomware Hackers Switched to Monero (XMR) Over Bitcoin Due To Increased Anonymity

Future victims of the crew behind the Sodinokibi Ransomware will have to pay with Monero, instead of Bitcoin, the group announced. They noted that combining the privacy coin with TOR will make the payments almost impossible to trace.

Hacker Group Replaces BTC With XMR

The infamous group behind the Sodinokibi Ransomware is now accepting the privacy coin Monero as a primary payment method instead of Bitcoin. According to a recent report, the crew believes that utilizing XRM will make it harder for law enforcement agencies to trace them. The ransomware operators had reportedly posted the transition to a hacker and malware forum:

“Due to CryptoNote and the obfuscation added to the protocol, passive mixing is provided: all transactions in the system are anonymous, and all participants in the system can use plausible denial in case of capture.

The combination of an anonymous browser Tor and Monero can quite successfully make a person’s financial activity completely invisible to the police and government agencies. We are extremely worried about the anonymity and security of our adverts, so we began a “forced” transition from the BTC to Monero.”

They will soon remove Bitcoin as means of payment entirely as well, the post explained. Also, future victims have to learn more about how Monero operates, how they can purchase it, and how to transfer it, when needed.

Interestingly enough, the popular cryptocurrency proponent, John McAfee, recently said that criminals are already utilizing privacy coins. This is “excellent” news since they are the “first to use every valuable technology.”

It’s also worth noting that on new year’s eve the same crew initiated a malware system attack on the London-based company, Travelex. Consequently, the foreign exchange firm had to pay nearly $2.3 million in Bitcoin.

By carrying out Sodinokibi, or REvil, attacks, the ransomware operators infiltrate organizations and encrypt sensible information. Later, they request the victim to pay a ransom, generally via cryptocurrencies, to receive access to the data.

TOR And Privacy Coins

Last year, Europol conducted a webinar on the exact combination between the open-source software TOR and privacy coins and warned about their united efficiency in another investigation:

“Since the suspect used a combination of TOR and privacy coins, we could not trace the funds. We could not trace the IP addresses. Which means, we hit the end of the road. Whatever happened on the Bitcoin blockchain was visible, and that’s why we were able to get reasonably far.

But with Monero blockchain, that was the point where the investigation has ended. So this is a classic example of one of several cases we had where the suspect decided to move funds from Bitcoin or Ethereum to Monero.”