Ransomware authors are profiting from the rise of the cryptocurrency -- but it 's also bringing some unexpected problems for them and other dark web operators . The value of bitcoin has soared in recent days : at the one point the cryptocurrency was worth almost $ 19,000 before it dropped back to around $ 16,500 , where it has roughly remained since . It 's almost impossible to predict what will happen next . The price of bitcoin could rise again or it could crash -- but , for now at least , a single unit of the cryptocurrency is worth a significant amount of money . Bitcoin has become the popular payment method for ransomware over the last two years , as the digital currency provides cybercriminals with a means of collecting ransoms Attack.Ransom , while also making it difficult to get the ransom-collectors ' identities , thanks to the level of anonymity it offers . WannaCry Attack.Ransom , the biggest ransomware event of the year , for example , hit Attack.Ransom hundreds of thousands of PCs around the globe , encrypting files and demanding a payment Attack.Ransom of $ 300 in bitcoin for the safe return of what was stored on the machine . In this instance , the ransomware code itself was poorly written and the vast majority of victims were able to restore their systems without giving into the demands Attack.Ransom of the cyber-attackers . However , by the time those behind WannaCry Attack.Ransom had withdrawn funds from the associated Bitcoin wallets -- a full three months after the attack -- it meant the 338 payments Attack.Ransom victims had made were worth around $ 140,000 , which was an increase in value of just under $ 50,000 compared to when the majority of payments were made Attack.Ransom . If those behind WannaCry Attack.Ransom have held onto their illicit investment , they could now be sitting on over $ 1m of bitcoin . But the sudden spike in bitcoin could actually be problematic for some cybercriminals . Before the surge in value , 1 or 0.5 bitcoin was a common ransom demand Attack.Ransom , with the idea that if the fee was low enough -- back then the ransom value worked out at a few hundred dollars -- this would encourage the victim to pay up Attack.Ransom . Even as the value of bitcoin steadily rose during the summer , some attackers were still using the standard amounts of cryptocurrency as their ransom demand Attack.Ransom . For example , Magniber ransomware demanded a payment Attack.Ransom of 0.2 bitcoin ( $ 1,138 in mid-October ) , rising to 0.4 bitcoin ( $ 2,275 in mid-October ) if the payment wasn't received Attack.Ransom within five days . Two months later , 0.2 bitcoin is currently worth $ 3,312 while 0.4 bitcoin is up to $ 6,625 . Many forms of ransomware already ask for the payment Attack.Ransom of a specified amount of dollars to be made in bitcoin . While it pins hopes on victims being able to buy a specific amount of bitcoin and successfully transfer the payment -- which some criminal gangs get around by manning help desks providing advice on buying cryptocurrency -- it 's more likely to result in the victim paying up Attack.Ransom , especially if the figure is just a few hundred dollars . `` I imagine the volatility of bitcoin pricing has been an unexpected problem for cybercriminals . The average ransom demand Attack.Ransom has remained somewhere between $ 300 to $ 1000 , and normally the ransom note will specify a USD amount , '' Andy Norton , director of threat intelligence at Lastline , told ZDNet . It is n't just ransomware distributors who might be faced with the problem of valuing items in pure bitcoin : a Dark Web vendor -- whether they are selling malware , weapons , drugs , or any other illegal item -- might find that setting their price in pure bitcoin will quickly result in them pricing themselves out of the market . With bitcoin prices continuing to rise , sophisticated cybercriminal operators can likely react to it , altering prices on a day-to-day basis to ensure that they 're able to sustain their business . Criminals are trying out alternative pricing models for ransomware already . Some criminals already operate around the idea that they charge Attack.Ransom victims just enough so that they do n't see the ransom Attack.Ransom as too much to pay Attack.Ransom -- and that often depends on the country the victims are in . The Fatboy ransomware payment scheme charges Attack.Ransom victims in poorer countries less than those in richer ones . Meanwhile , those behind Scarab ransomware have started asking Attack.Ransom victims to suggest a payment amount Attack.Ransom for receiving the encryption key for their files .