Tracking Bitcoin Wallets as IOCs for Ransomware
Bitcoin has become quite popular as a safe payment method for many over the last 2-3 years. However, not many know that this cryptocurrency has had a dark side for some time and is used mostly for ransomware and cyber extortion by people acting anonymously in the system. Most cyber criminals use Bitcoin primarily because it provides anonymity when making payments, acts as a global currency, and is an easy way of receiving and transferring funds. It has also been seen that careful tracking of Bitcoin transactions can actually reveal correlations between various attacks.
That is why tracking Bitcoin wallets as Indicators of Compromise (IOCs) adds a lot of value. Tracking Bitcoin wallet addresses as IOCs has made it possible to connect the dots between ransomware, shared infrastructure, TTPs (tactics, techniques, and procedures), wallet addresses, and attribution.
Moreover, tracking Bitcoin wallets as IOCs also helps in knowing whether the bitcoins in a transaction are going to a specific wallet address. This helps in narrowing down the wallet address. Though this approach may not give the exact reasons for an online ransomware attack, tracking Bitcoin wallets as IOCs can help in knowing the connections between ransomware.
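One way to treat wallet addresses as IOCs in practice is sketched below as an added example, not code from the original post: it pulls candidate addresses out of ransom-note text, keeps only those whose Base58Check checksum verifies, and reports wallets shared by more than one incident. The function names, case names and sample notes are hypothetical and constructed for illustration, and only legacy (P2PKH/P2SH) addresses are handled.

```python
import hashlib
import re
from collections import defaultdict

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"
CANDIDATE = re.compile(r"\b[13][1-9A-HJ-NP-Za-km-z]{25,34}\b")  # legacy addresses only

def _checksum(payload: bytes) -> bytes:
    return hashlib.sha256(hashlib.sha256(payload).digest()).digest()[:4]

def b58check_encode(version: int, body: bytes) -> str:  # builds the sample wallets below
    raw = bytes([version]) + body
    raw += _checksum(raw)
    n = int.from_bytes(raw, "big")
    out = ""
    while n:
        n, r = divmod(n, 58)
        out = B58[r] + out
    return "1" * (len(raw) - len(raw.lstrip(b"\0"))) + out

def is_valid_address(addr: str) -> bool:
    """True for a legacy address whose Base58Check checksum verifies."""
    n = 0
    for ch in addr:
        if ch not in B58:
            return False
        n = n * 58 + B58.index(ch)
    pad = len(addr) - len(addr.lstrip("1"))  # leading '1's encode zero bytes
    raw = b"\0" * pad + n.to_bytes((n.bit_length() + 7) // 8, "big")
    return len(raw) == 25 and raw[0] in (0x00, 0x05) and _checksum(raw[:-4]) == raw[-4:]

def extract_wallets(text: str) -> set:
    return {a for a in CANDIDATE.findall(text) if is_valid_address(a)}

def shared_wallets(incidents: dict) -> dict:  # wallet -> incidents, if seen in 2+
    seen = defaultdict(set)
    for name, note in incidents.items():
        for wallet in extract_wallets(note):
            seen[wallet].add(name)
    return {w: sorted(names) for w, names in seen.items() if len(names) > 1}

# Constructed sample data: wallets derived from made-up 20-byte payloads.
WALLET_A = b58check_encode(0x00, bytes(range(1, 21)))
WALLET_B = b58check_encode(0x05, bytes(range(21, 41)))
TYPO = WALLET_A[:-1] + ("2" if WALLET_A[-1] != "2" else "3")  # fails the checksum
INCIDENTS = {
    "case-001": f"Send 0.5 BTC to {WALLET_A} within 72 hours.",
    "case-002": f"Payment address: {WALLET_B}",
    "case-003": f"Pay {WALLET_A} or files are deleted. Ref {TYPO}",
}
```

The checksum step discards look-alike strings and mistyped addresses before they enter an IOC feed, so a correlation hit reflects a real shared wallet rather than a regex false positive.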