The word 'crypto
' is derived from the Ancient Greek word "krupt's
which means 'hidden, secret
' and the word currency is derived from the Latin word
"currēns" which means 'to flow
.' Hence, the meaning of crypto currency is a form
of currency which is secured by cryptography. So, it can be defined as a type of
digital currency that serves as a means of exchange over a computer network and
is not backed or regulated by any centralized authority like a bank or the
Cryptocurrency does not exist in the physical form i.e., in the form of coins or
paper notes. It is an alternative payment method developed using encryption
methods. By employing encryption technology, cryptocurrencies can act as both a
medium of exchange and a virtual accounting system. Cryptocurrency mining is the
process by which new digital coins or crypto can be created.
One needs a cryptocurrency wallet to use cryptocurrencies. These wallets can be
software that is installed to your PC, mobile device, or the cloud. Your
encryption keys, which validate your identity and connect to your cryptocurrency,
are saved in the wallets.
Cybercrime can be defined as "unlawful actions where the computer is either a
tool or a target or both."
It is generally divided into two categories and defined as follows:
- The narrow definition of cybercrime (also known as computer crime) is any
unlawful activity directed through electronic means that threatens the safety of
computer systems and the data they process.
- Cybercrime, (or computer-related crime), is defined broadly as any illegal
activity carried out with the help of or in relation with a computer system or
network, including crimes like illegal possession and the offering or
distribution of information via a computer system or network.
The popularity of cryptocurrencies and the rate of cybercrimes in this field
have a positive relation. With the increase in the use of cryptocurrency, there
is a sharp rise in the crimes taking place in the virtual world regarding this.
According to Chainanalysis , a software tracking the cybercrime rate, Indian
customers visited cryptocurrency scam websites more than 9.6 million times in
2021. Coinpayu.com, adbtc.top, hackertyper.net, dualmine.com, and coingain.app
are the most common scam websites that were frequently visited by Indians.
Origin Of Cryptocurrencies:
The use of cryptography can be dated back to 1939 when World War II took place.
It was used extensively for radio communications and radio interception. Both
the parties tried to analyze and decode the encrypted message sent via radio
transmissions. They used code-language to send messages to their own group which
was known to them so that the other side eavesdropping on the conversation do
not understand the message sent and received.
With the development in the cryptography protocol and software, the benefits of
crypto were understood. In 2009, the first cryptocurrency was invented by
Satoshi Nakamoto who named the currency as BitCoin. Satoshi Nakamoto  is the
pseudonymous name used for the actual developer of Bit Coin. He never came in
front of eyes of the public. He used the word 'crypto' very well in his real
life by keeping his identity a secret.
Bit Coin started getting popular with the passage of time and hence to give
competition to this several crypto currencies were launched in the market.
Types of Cryptocurrencies:
Bitcoin was the first cryptocurrency to be released in 2009. It started gaining
popularity over the years as it is mined with advanced computer networks by
solving difficult math equations.
The success of Bitcoin lured the others to launch their improvised versions of
Bitcoin which are collectively known as Altcoins. These currencies are easier to
mine when compared to Bitcoin, but these involve a greater risk.
It was launched in 2011. It uses "scrypt" as proof of work that can
be decoded with consumer-grade CPUs and is based on a global open-source payment
network that is not controlled by a central authority.
It was launched in 2013 and uses "scrypt" technology. The production
of Dogecoin is unlimited and hence it is more easily accessible and fit for
It was launched in 2014 and provides more anonymity as it works on a
decentralized network which makes transactions untraceable. This can be mined
using a CPU or GPU.
Why are Cryptocurrencies attracting cyber criminals?
As the concept of cryptocurrency is relatively new and the major nations of the
world have still not legalized it, it has grabbed the attention of cyber
criminals. Besides, it is not regulated or controlled by a centralized authority
which makes its existence and use questionable.
The following are the other
reasons besides these:
- The identity of the users dealing with cryptocurrency and their addresses
remain anonymous. Crypto accounts and their transactions are not linked to true
identities. It typically works with digital strings. Therefore, using crypto
makes it much simpler for thieves to mask their identities. On the dark web,
cryptocurrencies are the most widely used form of payment as they enable buyers
and sellers to maintain their anonymity.
- Cryptocurrency is a global standard, in contrary to real money, which is
restricted to a single country or region. Anyone from any part of the world
accepts it. The vulnerability of cryptocurrencies is increased by their simple
accessibility to multiple locations.
- When money is sent from one person to another via cryptocurrency, it cannot be
reversed. The transaction is beyond your control, like using cash. Moreover,
hackers can easily escape the scene of an attack like ransomware without being
Cybercrimes and Cryptocurrencies:
Having discussed the meaning of cryptocurrency and its types and how cybercrimes
take place in general, let us look into how cybercriminals target
cryptocurrencies and get success in doing so.
Here are some of the following cybercrimes regarding crypto:
By encrypting user data, ransomware attempts to extort money from its victims.
Typically, this kind of malware shows an on-screen message threatening to allow
access again if the victim pays a ransom. Cybercriminals frequently demand
payment in Bitcoin or other forms of digital money. The culprit cannot be
located or linked to data from the real world.
In 2017, the WannaCry and NotPetya ransomware attacks brought down numerous
(The figure shows a device infected by WannaCry, along with the instructions to
pay the ransom)
A specific instance of crypto-based ransomware was carried out by the North
Korean cybercriminal organisation known as Maui. A medical center in Kansas was
the target of these hackers, who made the institution pay a ransom to recover
its data. The FBI was able to locate the payment owing to Chinese-based
crypto-laundering services. Federal officials succeeded in recovering the cash
as well as additional money from other ransomware group victims through their
Hackers execute this attack by secretly generating cryptocurrency on a hacked
device using its processor. The variety of gadgets that are vulnerable to crypto
jacking goes further than just cellphones, servers, and desktops. IoT devices
can also catch a virus. Device slowdowns, overheated batteries, higher energy
consumption, unusable gadgets, decreased productivity, and device failure are
the main consequences of crypto jacking for users.
According to studies, crypto jacking malware can replicate and spread over a
network like a worm virus by being "file-less."
Crypto jacking shot the cryptocurrency market in 2017 and 2018. The surge in
cryptocurrency prices and the overall revival of the crypto market are due to
Illegal cryptocurrency mining (generation) is done by crypto mining. Active and
Passive mining of cryptocurrencies are the two distinct methods of generating
crypto. The processing power of the victim is exploited by using either method
without the owner's consent.
Malware developers initially used Bitcoin-based crypto miners, but as Bitcoin
got more difficult to mine on standard computers, they shifted to other
cryptocurrencies. Monero gradually became a favored cryptocurrency among
cybercriminal organizations as it encourages to maintain more anonymity.
- DDoS Extortion:
DDoS extortion (or RDoS) campaigns are when a cybercriminal targets a company by
threatening to disrupt their website or service until they pay a huge sum in the
form of Bitcoins. Since they make payments using cryptocurrencies, it is tough
for investigators to track the money as it passes from victims to criminals.
DD4BC (short for "DDoS for Bitcoin"), a well-known group that engaged in
extensive activity using the "DDoS-as-an-extortion" technique, first appeared in
2014 and was arrested by Europol in 2016.
This type of malware attempts to steal data from the victim's cryptocurrency
service accounts (e.g., wallets). To transfer cryptocurrency assets from the
victim's account to the fraudster's, crypto loggers seek to obtain the private
key of the owner. They frequently act as a transparent interface while the users
search for password files or browse the web.
- Cryptocurrency Hacks:
For cybercriminals, cryptocurrency is an extremely attractive target. Attacks
and fraud that previously targeted paper currency, banks, and conventional
payment systems have been modified to also include cryptocurrencies. Attacks on
different cryptocurrency assets, such as cryptocurrency exchanges or private
cryptocurrency wallets, are now common.
More than $1 billion worth of cryptocurrencies were stolen from exchanges and
platforms in 2018 because of multiple cryptocurrency hacks.
- Fake Wallet:
Users can configure, send, and receive cryptocurrency using wallet services.
Users may come across wallet scams in this situation, which display a variety of
corrupt behavior. For instance, some wallets would randomly steal the entire
amount, while others would only take a small proportion of the daily deposit.
- Laws in India:
Having seen the various kinds of cybercrimes that take place with cryptocurrency,
let us now look at what are the legal remedies that are available to a victim of
In India, cryptocurrency is still not legalized so there is no separate law that
deals only with offences related to crypto. But owing to crimes that take place
and to protect the rights of the citizens, the following laws seek to protect a
victim from the wrong he has faced.
Indian Penal Code, 1860 :
Section 420. Cheating and dishonestly inducing delivery of property.�Whoever
cheats and thereby dishonestly induces the person deceived to deliver any
property to any person, or to make, alter or destroy the whole or any part of a
valuable security, or anything which is signed or sealed, and which is capable
of being converted into a valuable security, shall be punished with imprisonment
of either description for a term which may extend to seven years, and shall also
be liable to fine.
The Information Technology Act, 2000 :
Section 65. Tampering with computer source documents.�Whoever knowingly or
intentionally conceals, destroys or alters or intentionally or knowingly causes
another to conceal, destroy or alter any computer source code used for a
computer, computer programme, computer system or computer network, when the
computer source code is required to be kept or maintained by law for the time
being in force, shall be punishable with imprisonment up to three years, or with
fine which may extend up to two lakh rupees, or with both.
For the purposes of this section, "computer source code" means
the listing of programmes, computer commands, design and layout and programme
analysis of computer resource in any form.
Income Tax Act, 1961 :
Section 2 (47A). "Virtual Digital Asset":
A virtual digital asset has been defined as any information or code or number or
token (not being Indian currency or foreign currency), generated through
cryptographic means or otherwise, by whatever name called, providing a digital
representation of value exchanged with or without consideration, with the
promise or representation of having inherent value, or functions as a store of
value or a unit of account including its use in any financial transaction or
investment, but not limited to investment scheme; and can be transferred, stored
or traded electronically. Non-fungible token and any other token of similar
nature are included in the definition
- In 2018, Reserve Bank of India issued a circular  which barred Banks
and other financial institutions from facilitating transactions involving cryptocurrencies. Thereby declaring transactions involving cryptos as illegal.
The Supreme Court in the case of Internet and Mobile Association of India vs
Reserve Bank of India  quashed the RBI's ban on cryptocurrency trade.
- The Finance Bill, 2022  proposed to include virtual digital assets
within the scope of movable assets. Thus, after the amendment, Section
56(2)(x) shall apply to the following movable properties: Shares and
securities; Jewelry; Archaeological collections; Drawings; Paintings;
Sculptures; Any work of art; Bullion; and Virtual Digital Assets.
- On November 23rd, 2021, The Cryptocurrency and Regulation of Official Digital
Currency Bill, 2021  was introduced to the Lok Sabha with the objective 'to
create a facilitative framework for creation of the official digital currency to
be issued by the Reserve Bank of India and to prohibit all private
cryptocurrencies in India, with some exceptions.' Due to some lack of
technicalities and intricacies involved in the concept of Cryptocurrency and
India's backwardness in the development of digital currency, the bill has not
been passed by both the houses of parliament.
Fancy Bear Ddos Extortion Case :In 2019, a group of criminals called 'Fancy Bear' launched DDoS attacks against
companies in the financial sector and demanded ransom payments. According to a
copy of the ransom letter, the group is asked for payments of 2 bitcoin, which
was about $15,000 then.
One of the spokespersons of the victim company, Pohle said the DDoS attacks
don't target companies' public website, but their backend servers, which were
not protected by DDoS mitigation systems.
Bitconnect Scam Case :A company by the name of BitConnect Coins offered an investment option for its
clients, who were assured daily interest of 1% and a 100-day interest rate hike.
The foundation was formed by Satish Kumbhani and Divyesh Kumar Dhansukhlal Darji.
The Surat CID team, who have been investigating into the case in India, claimed
that it is valued INR 41,000 Cr, of which Darji received a 10% share. BitConnect
founder Satish Kumbhani was charged in February 2022 by the San Diego District
Court with "orchestrating" a massive cryptocurrency Ponzi scam. He was accused
of conspiring to commit wire fraud, price manipulation, running an illegal money
transmission business, and conspiring to launder money abroad.
Morris Fraud Case :In this scam, a website promoting a fake cryptocurrency called Morris coin was
accused of scamming over 900 investors out of Rs 1,200 crore. They had
subscribed to the bogus cryptocurrency's "initial offering." The fake
cryptocurrency pretended to be listed on the Coimbatore-based exchange for
cryptocurrencies, and it attracted investors with a guarantee of a daily return
of Rs 270 for 300 days in exchange for a minimum deposit of Rs 15,000 that was
expected to be invested in Morris coin.
It was later found that the digital
currency was not registered with any exchange, which made trading impossible.
The main suspect in the Morris coin scam, Nishad, was taken under arrest by
Delhi Crypto Scam Case :In 2022, a group of individuals have been reported to have committed a
cryptocurrency scam worth Rs. 500 crores. They promised the investors a 200%
return on their investments on the newly launched cryptocurrency owned by them
and holiday trips to Dubai besides assured returns and profits. They showed a
random building which was under-construction in Dubai to make the investors
believe that their office was under construction.
They also claimed to run a
co-operative society in Maharashtra which was false. One of the investors who
was scammed for Rs. 1.47 crores stated that they were told that the value of the
new crypto currency would be equivalent to 2.5 USD and the value would skyrocket
with the passage of time. The police are searching for the accused but as of now
they are said to have fled to another country.
With the days passing and the boom in the digital currency market of
cryptocurrency, it has now become the need of the hour to make proper laws
particularly for crypto. The wronged person in these crimes is still uncertain
as to under what provisions his case needs to be filed. As to whatsoever is the
situation, the cyber criminals do not stop committing the crime. So, it will be
in the best interest of the public and the government to kindle make laws
regarding crypto so that the crime rates are minimized.
completely on the government to come forward and take up the path of action, the
customers or users of cryptocurrency should also take precautions to avoid the
chances of getting trapped into the hands of cyber criminals. So, it can be
concluded that yes, cryptocurrencies are a threat both for the real world people
as well the virtual world identities as the crimes including cybercrimes is
taking place is regardless of the identities existing and the world in which
As rightly said 'Prevention is better than cure' so we need to take
precautions to keep a check on the increasing cybercrimes in the field of crypto
currency. Here are a few precautions that when followed will minimize the risk
of cybercrime regarding cryptocurrency.
- Use a trustworthy and secure wallet. You must safeguard your cryptocurrency
wallet to a level consistent with your investment if you decide to manage it
locally on your computer or mobile device. Avoid using a lesser-known or unknown
wallet to store your crypto, use a reliable wallet if you intend to avoid
- Have a backup plan. Consider what would occur if your computer or mobile
device were stolen, lost, or if you didn't have access to it anyway. Without
a backup plan, your investment could be lost.
- Avoid clicking on unknown websites, opening suspicious email
- Installing "free" applications from places other than the Google Play
Store or the App Store should be avoided.
- For desktops, smartphones and IoT devices, and Wi-Fi networks, use strong
- Corporations should implement network visibility and control that can
identify and restrict access to crypto websites, apps, and protocols as well
as other dangerous software that can act as hidden routes for cybercriminal activity.