Author: Bailey Reutzel / Source: CoinDesk
White hat hackers, it seems, are being stripped of their accounts on Coinbase.
Less than a year ago, Vinny Troia, CEO and principal security consultant of Night Lion Security and a certified white hat hacker, was sent a compliance form by US bitcoin exchange Coinbase, where he had an account.
Coinbase wanted to know how Troia was using bitcoin and his account.
“I told them I run a security firm. I pay for ransoms and buy documents on the dark web when clients request it,” Troia told CoinDesk.
The ransoms Troia helps his clients pay are those stemming from ransomware attacks, which have surged in number over the past few years. Many, like the well-publicized WannaCry attack, are asking for bitcoin. And the documents?
“We do breach investigations a lot of times. If a fraudster is saying they’re selling my client’s stolen documents, the only way to make sure they have what they say they have is to buy those documents.”
According to Troia, Coinbase “did not like that at all”.
Coinbase then asked the IT expert whether he had a letter from the Department of Justice giving him permission to do those things. No, Troia said. Upon further research, Troia has not found that any such permission exists.
But, “I have my clients authorizing me to do this,” he said.
Coinbase sent Troia back an email explaining that those actions were against the exchange’s rules and shut down his account. Troia then tried setting up an account with his wife’s information, but that too was shut down. Then he tried his brother. Shut down. Then his mother. Shut down.
“My entire family is blocked from Coinbase,” he said.
The only option?
The problem is ransomware attacks are on the rise, and the prevalence of those attackers requesting bitcoin over bags of cash (or even wired fiat funds) is also up.
Black hat hackers love bitcoin, primarily because its wallets don’t have to be registered with a central intermediary, and with the use of anonymizing mixers and tumblers, the movement of that money can be hard to track.
Last month, several publications reported companies stockpiling bitcoin in preparation for future ransomware attacks. According to Citrix Systems, in 2016, about one-third of British companies were hoarding a store of “digital monies” to recover critical data in the event of an attack.
Sometimes, it’s the only option.
Troia, who is based in St Louis, worked with a local vendor in early October 2016 who was hit with a ransomware attack performing full disk encryption. In this case, full disk encryption meant the hackers had encrypted all the data held on the company’s hard drive storage. And according to Troia, almost no companies, including the one he was called to help at 2:00 am on a Sunday morning, keep full disk backups.
Troia scrambled around looking for ways to purchase bitcoin quickly and get the attackers paid. His solution: pooling money from company executives and purchasing bitcoin through a bitcoin ATM in the Galleria Mall in the…
Click here to read more