Bitcoin is still the cryptocurrency that is ‘most abused’ by criminals, despite the introduction of privacy coins such as Monero, according to a new report from the Europol Internet Organized Crime Threat Assessment.

The report found that Bitcoin (BTC) is the asset most demanded by ransomware groups for their payment—presumably due to the ease with which non-savvy users can procure Bitcoin over assets like Monero (XMR).

Still, criminals tend to convert Bitcoin to stablecoins to avoid market volatility, especially when obtained through investment fraud, the Europol unit found. Law enforcement agencies are concerned with how effectively their persecution efforts are thwarted by non-compliant virtual asset service providers, especially when they are offshore-based.

AD

The report’s authors also shared concerns that the approval of spot Bitcoin ETFs could create new opportunities for scammers. The reasoning is that people with less crypto experience will likely gain access to Bitcoin-related investments that they do not fully understand, writes Europol. And the Bitcoin ETFs make the firms managing such investment products large-scale centralized targets.

“Companies issuing cryptocurrency ETFs will also have to hold large reserves in cryptocurrency, which might make them valuable targets for fraudsters,” they wrote.

Monero, crypto crime’s rising star

While Bitcoin remains the cryptocurrency most widely accepted by ransomware groups, the report explicitly mentions Monero as a sometimes accepted alternative. Europol describes Monero as a privacy coin and notes that other cryptocurrencies are often swapped for XMR to leverage its privacy features and facilitate the concealment of funds.

The report highlighted increased usage of crypto swap services for money laundering purposes. The Europol mentions swapping for Monero and other privacy coins as a modus operandi.

The report also mentions a cryptojacking scheme uncovered in Jan. 2024 in Ukraine that covertly mined over €1.8 million ($1.95 million) of cryptocurrencies, including Monero, Ethereum (ETH), and Toncoin (TON).

AD

Crypto crime trends

Financial crimes remain the primary illicit crypto use, especially investment fraud and money laundering. Europol claims that rising cryptocurrency prices and media attention have exacerbated the prevalence of investment fraud cases. Cryptocurrencies are the most reported product offered in fraudulent investment schemes.

United States dollar-pegged stablecoin Tether (USDT) on the Tron (TRX) is increasingly involved in crypto crime—presumably due to the network’s low fees. Overall, altcoin use for illicit activities is seemingly growing as well, says Europol.

Crypto laundering involves underground banking increasingly often. Crypto debit cards for quick conversion to cash at automated teller machines (ATMs) are also gaining popularity.

Privacy as an obstacle

Europol explicitly mentions privacy laws as an impediment to law enforcement agencies. The report reads:

“Mainstream E2EE [end-to-end encryption] communication platforms are increasingly used by offenders,” the agency writes. “The current regulatory framework regarding the protection of personal communications via E2EE creates challenges for LEAs [law enforcement agencies] lawful access to criminal communications.”

The report went on to highlight that Web3 emphasis on decentralization will lead to communications that are “neither controlled nor regulated by governments or private companies.

Peer-to-peer (P2P) networks and blockchains are wholly owned and controlled by their users— which Europol notes makes them fertile environments for crime.

“Decentralization, blockchain technology and P2P networks will continue to provide opportunities for cyber offenders as they make it easier to carry out transactions anonymously and out of sight of the authorities,” the authors wrote.

AD

These statements follow a 2022 report in which Europol spokespeople claimed that cryptocurrencies provide a new tool to law enforcement agencies. Representatives of the agencies pointed to the pseudonymous nature of most blockchain networks and the ability to track—to a certain extent—cryptocurrency transactions “offer an unprecedented opportunity” to investigate organized crime and money laundering networks and to eventually recover stolen funds.

While at first those statements may appear to starkly contrast with the new concerns over increasing internet decentralization, they are not. Rather, it shows that decentralization cuts both ways. Europol doesn’t mind when criminals use pseudonymous, but public, blockchains like Bitcoin’s and encrypted, but not end–to–end instant messaging services, like most social media.

Those tools leave plenty of traces on public blockchains and servers that investigators can later pick apart while building their cases. Still, a firm can’t answer a subpoena with user messages protected by E2EE because by definition they don’t have them. And there’s no unencrypted transaction data that can be found on blockchains like Monero’s.

This is proving to be a major obstacle for law enforcement, writes Europol.

Decentralized services can also prove borderline impossible to stop, which means that even when uncovered, law enforcement has no tools to bring some illegal operations to a halt. One good example of such a service is Tornado Cash, which despite being an Office of Foreign Asset Control-sanctioned entity has seen almost $2 billion of inflows this year and is still fully operational.

Edited by Stacy Elliott.

Daily Debrief Newsletter

Start every day with the top news stories right now, plus original features, a podcast, videos and more.