This is part of "Blockchain Decoded," a series looking at the impact of blockchain, bitcoin and cryptocurrency on our lives.
The Winklevoss twins aren't the only ones getting rich off cryptocurrency. Criminals are raking it in too.
Thanks to the meteoric rise of bitcoin over the past year, you've probably heard of cryptocurrency, or digital money that uses blockchain encryption technology for transaction security. By mid-December, the value of one bitcoin reached more than $19,000. It's since fallen below $7,000, though it's recovered some ground over the past week.
Bitcoin is the best-known cryptocurrency on the market. However, there are more than 1,500 cryptocurrencies out there, some with goofy names like Dogecoin, PinkDog and Californium.
Before you get too excited about using or trading this new form of money, be aware that cryptocurrencies are rife with criminal activity. Cryptocurrency, for instance, is the preferred form of payment when hackers lock up your computer for ransom, such as in last year's widespread WannaCry attack. Likewise, there are viruses that turn computers into slave machines mining for cryptocurrency. Hackers have also created malware disguised as cryptocurrency apps, tricking folks who think they're cashing in on the trend.
"It's usually being used for something illegal," said Steve McGregory, the application and threat intelligence director at security firm Ixia. He estimates that 99 percent of illegal activities online use cryptocurrency.
This is cryptocurrency's dark side, which sometimes gets lost in the hype over the rocketing value of
and its brethren. But just as digital currency has turned into a hot new investment vehicle, it's given hackers and cybercriminals new opportunities for exploitation.
Even old-school cons have taken a new blockchain twist, with consumers excitedly buying new forms of cryptocurrency only to find they're little more than hot air and false promises.
"With cryptocurrency, it's like choose-your-own adventure," said Rick Holland, a cybercrime researcher at security company Digital Shadows. "People can pick so many routes to target victims now."
Hide the money
The reasons that cryptocurrency has become a trusted, valued form of money are the same reasons it has become an invaluable asset for cybercriminals, who want to get paid for their efforts.
All cryptocurrency transactions use a mix of public and private keys to keep payments secure and, in some scenarios, completely secret. You can see where the money goes and which wallets its headed to. But if you can't link the wallet to a person, the identity remains secret.
Watch this: Cryptojacking: The hot new hacker trick for easy money
"The cryptocurrency world allowed bad guys to start collecting in ways that made them less vulnerable to being identified or caught," said Michael Kaiser, the former executive director of the National Cyber Security Alliance.
That cover has helped boost the ranks of cybercriminals, despite the nascent efforts of governments to crack down. For example, the European Union and the UK are working to crack down on the anonymous nature of cryptocurrency, out of concern that it helps terrorist groups and their money-laundering efforts.
"We should be looking at these very seriously precisely because of the way they can be used, particularly by criminals," British Prime Minister Theresa May told Bloomberg last month.
Botnets, a mass of hijacked computers under the control of a hacker, were once primarily used to fire off spam emails or initiate distributed denial-of-service attacks, which essentially block a website by overwhelming it with traffic.
But with cryptocurrency, hackers found another purpose for botnets: making money.
Cryptocurrency is bought and sold, but it must also be mined, or verified, with immense computing power. Given the processing chops needed to mine cryptocurrency, the cost of the electricity to run the machines can be higher than the mining revenue. But if you're not using your own computer, there's little expense eating into your profits. When the Mirai botnet hit in 2016, hackers took control of thousands of connected devices around the world.
"We were expecting DDoS attacks, but then we started seeing loads of people dropping bitcoin-mining payloads on the routers and cameras," McGregory said. "If you get thousands of these, you can make money off of someone else's machine and it's easy pickings."
McGregory spotted malware designed to stay hidden on hacked machines and mine for cryptocurrency in the background. If you owned one of these computers, the effect would be a dramatic slowdown in performance. And that wasn't even a sophisticated attack.
McGregory said mining apps in the Google Play Store have been downloaded more than 10 million times. He's found them in fake puzzle games, crosswords and tic-tac-toe apps. He's also spotted one called Reward Digger, in which the player earns virtual coins but in actuality is helping hackers mine bitcoin.
If you can't mine cryptocurrency or get a botnet to do it for you, there's always the old-fashioned way: stealing it.
Because of the anonymity of transactions, a victim doesn't know what happened until it's too late. Since Kaspersky discovered it, the trojan has stolen 23 bitcoins, now worth around $210,000.
"Lately, we've observed an increase in malware attacks targeted at different types of cryptocurrencies, and we expect this trend to continue," Sergey Yunakovsky, malware analyst at Kaspersky Lab, said in a statement.
In December, NiceHash, another cryptocurrency mining marketplace, said it had been hacked to the tune of $62 million. And unlike money stolen from a bank, police can't find it and victims won't ever get it back.
Old crimes, new tech
The connection between cryptocurrency and crime is only going to get worse as investments continue to boom.