The ransomware business took a hit in 2024, with payments falling 35% year-over-year, according to a new report from Chainalysis.
Although the number of ransomware attacks increased in 2024, ransomware gangs earned less money, taking in $814 million compared to 2023’s record-high sum of $1.25 billion. The blockchain analytics company attributes the decline to a number of factors, including an uptick in law enforcement actions and sanctions, as well as a growing refusal by victims to pay their attackers.
Last year, less than half of all recorded ransomware attacks resulted in victim payments. Jacqueline Burns Koven, Chainalysis’s head of cyber threat intelligence, told CoinDesk that part of the non-payment trend can be attributed to a growing distrust that complying with attackers’ demands will actually result in the victims’ stolen data being deleted from the attackers’ possession.
In February 2024, the US insurance company United Healthcare paid a $22 million ransom to the Russian ransomware gang BlackCat after one of its subsidiaries was breached and patient data was exposed. But BlackCat imploded shortly after the ransom was paid, and the data that United Healthcare had paid to protect was leaked. Similarly, the dismantling of another Russian ransomware gang, LockBit, by United States and British law enforcement in early 2024 revealed that the group did not actually delete the victims’ data as promised.
“What it stated is that the payment of a ransom is no guarantee of deletion of data,” Koven said.
Koven added that even if victims of ransomware want to pay, their hands are often tied by international sanctions.
“There have been a number of sanctions against various ransomware groups, and for some entities it is outside their risk threshold to be willing to pay them because it poses sanctions risk,” Koven said.
Chainalysis’s report points to another reason for reduced payments in 2024: victims are wising up. Lizzie Cookson, senior director of incident response at Coveware, a ransomware incident response firm, told Chainalysis that, thanks to improved cyber hygiene, many victims are now better able to resist attackers’ demands.
“They can ultimately decide that a decryption tool is their best option and negotiate to reduce the final payment, but more often they find that recovery from recent backups is the faster and more cost-effective path,” Cookson said in the report.
Challenges cashing out
Chainalysis’s report also suggests that ransomware attackers are struggling to cash out their ill-gotten gains. The company found a “significant decline” in the use of crypto mixers in 2024, which the report attributed to the “disruptive effect of sanctions and law enforcement measures, such as those against Chipmixer, Tornado Cash and Sinbad.”
Last year, several ransomware actors simply held their funds in personal wallets, according to the report.
“Oddly enough, ransomware operators, a primarily financially motivated group, are failing to cash out more than ever,” the report said. “We attribute this largely to increased caution and uncertainty amid what is probably perceived as law enforcement. Services participating in or facilitating ransomware laundering, resulting in uncertainty among threat actors about where they can safely put their funds.”
Looking forward
Despite the clear impact of law enforcement crackdowns on ransomware gangs last year, Koven stressed that it is too early to say whether the downward trend is here to stay.
“I think it’s too early to celebrate because all the factors are there for it to return in 2025, for the big attacks – the big game hunt – to resume,” Koven said.
You can read the full report here on Chainalysis’s blog.