Ransomware revenue for hackers falls 40% as victims think twice


Fin is a former junior editor at TechForge.

Ransomware attacks may be coming less effective, as revenue from ransomware fell by 40% to $456 million (£368m) in 2022.

Blockchain analytics firm Chainlaysis shared the data as part of its upcoming 2023 Crypto Crime Report, emphasising that the reduced revenue doesn’t necessarily mean the number of ransomware attacks has fallen.

What has changed is that companies have been upping their cybersecurity measures and ransom victims are becoming less willing to pay up to hackers.

In 2021, revenue from ransomware was recorded at $602 million (£486m) when Chainalysis published last year’s Crypto Crime Report. The total figure reached $766 million (£618m) as additional illicit crypto wallets were identified throughout the year.

Chainalysis says that blockchain is helping to stop ransomware attackers from rebranding themselves and harming more victims:

“Despite ransomware attackers’ best efforts, the transparency of the blockchain allows investigators to spot these rebranding efforts virtually as soon as they happen.”

The report found that there was a rise in ransomware attacks using centralised crypto exchanges to reallocate funds stolen from victims, up 9% from 2021.

Chainalysis also found that the use of mixer protocols, like the now-sanctioned Tornado Cash, rose from 11.6% to 15% in 2022.

Allan Liska, a threat intelligence analyst at Recorded Future, told Chainalysis that in the US, potential sanctions from the Office of Foreign Assets Control may be contributing to the fall in revenue.

“With the threat of sanctions looming, there’s the added threat of legal consequences for paying [ransomware attackers],” he said.

Since 2019, the percentage of victims who have had paid their attackers has fallen from 76% to 41%, according to analysis by Coveware CEO Bill Siegel.

Cybersecurity insurance has also become tighter in terms of its standards. Liska said:

“Cyber insurance has really taken the lead in tightening not only who they will insure, but also what insurance payments can be used for, so they are much less likely to allow their clients to use an insurance payout to pay a ransom.”

The revenue drop came despite an explosion in the number of unique ransomware strains in circulation, according to cybersecurity firm Fortinet.

Siegel pointed out that although competition in the ransomware space appears to be increasing, many of these new strains originate from the same organisations:

”The number of core individuals involved in ransomware is incredibly small versus perception, maybe a couple hundred. It’s the same criminals, they’re just repainting their get-away cars.”

Chainalysis explained that accurate totals for its ransomware figures will continue to grow throughout 2023 as it discovers more crypto addresses controlled by ransomware attackers.

Blockchain Expo World Series

Want to learn more about blockchain from industry leaders? Check out Blockchain Expo taking place in Amsterdam, California and London.

Explore other upcoming enterprise technology events and webinars powered by TechForge here.

Tags: , , ,

View Comments
Leave a comment

Leave a Reply

Your email address will not be published. Required fields are marked *