As the Trump administration gets increasingly keen on crypto, some security pros see both potential benefits and drawbacks for ransomware adversaries.
Crypto news from the White House so far includes an announcement of a Bitcoin Reserve, the appointment of David Sacks as a “crypto czar,” and an SEC dismissal of enforcement actions against the Coinbase exchange. There’s even a “$TRUMP” memecoin, and a new dollar-backed stablecoin.
Whether ransomware adversaries thrive or take a dive under a more crypto-friendly federal administration will likely depend on regulations against the virtual currencies that have provided ransomware perps plenty of profit and anonymity, two security pros told us.
“I think, ultimately, it’s going to come down to what the regulatory environment looks like there. If it’s an adjustment and a change to how we track these things, then there’s new [enforcement] opportunities. If it’s blanket cutting there, I do not see that as hindering ransomware payments so much as keeping them at the status quo,” Jason Baker, managing security consultant for threat intelligence at GuidePoint Security said.
Anon factor. Cryptocurrency, with its decentralized digital ledger known as the blockchain, has been tough for law enforcement to track, according to Johnathon Miller, VP of security operations at managed detection and response company Lumifi Cyber.
“There’s not a single authority that really controls it, and since they’re reported inside of the blockchain and the identity is not really tracked for the parties that are involved, it essentially keeps this layer of protection for those threat actors,” Miller said.
Cryptocurrencies like Bitcoin operate on a pseudonymous system, meaning currencies are associated with wallet addresses instead of personal identities.
“There’s no real-world identity that’s really connected to those accounts,” Miller told us.
Tales from the crypto. Costs of hacking cryptocurrency platforms reached $2.2 billion in 2024, according to findings from Chainalysis—a year over year increase of over 21 percent. Crypto-related scam revenue also grew between 2023 and 2024.
Top insights for IT pros
From cybersecurity and big data to cloud computing, IT Brew covers the latest trends shaping business tech in our 4x weekly newsletter, virtual events with industry experts, and digital guides.
In the first half of 2024, the average extortion demand per ransomware attack reached over $5.2 million, according to an October 2024 report from TRM Labs.
On March 21, the US Treasury removed sanctions on Tornado Cash—a virtual currency mixer that the department, in 2022, said allowed DPRK-based Lazarus Group threat actors to launder millions.
Open for business. Stablecoins, in theory, are pegged to assets like gold and the insurer commits to fully collateralizing the claim. The currencies have caught the attention of facilities like Bank of America and the president himself. World Liberty Financial, a cryptocurrency venture launched by Trump last year, announced plans to release USD1, a stablecoin reportedly tied to the dollar.
Miller has faith that an openness to stablecoins will lead to a crackdown on threat actors.
“As they become more integrated within the national financial systems, [they’re] likely going to face increased scrutiny and regulations from government, because they’re going to want to ensure that they’re not being used for illegal activities, including money laundering, tax evasion, and ransomware attacks,” Miller said.
IRS requirements for 2025, for example, have called for some digital asset sales or exchanges to be reported.
As the value of cryptocurrency increases,, the attractiveness of performing ransomware operations that pay out in cryptocurrency does too, Baker said.
“If I’m going to get paid today for a ransom, and then tomorrow, that ransom that I got paid is going to keep going up in value? That’s a heavy incentive for a financially motivated threat actor.”