In a recent analysis, blockchain forensics company Chainalysis found that payments related to ransomware were down by 40.58 percent. Chainalysis issued a research claiming ransomware attackers stole at least $456.8 million in 2022, down from the $765.6 million they stole in 2021. Unfortunately, the true numbers are probably greater since many bitcoin addresses owned by attackers have yet to be recognised on blockchain networks and included in Chainalysis’ statistics.
Although revenues dropped, attacks still were attempted at a high rate. There were over 10,000 different types of ransomware in the first half of 2022, which is almost double the number seen in the second half of 2021. The number of distinct ransomware strains has exploded in recent years, and on-chain data supports this trend. Attackers in 2022 sought to hide their tracks by using many virus strains, cutting the average lifetime of each kind in half to 70 days.
That doesn’t mean attacks are down, or at least not as much as the drastic dropoff in payments would suggest. Instead, we believe that much of the decline is due to victim organizations increasingly refusing to pay ransomware attackers.The Report stated
Ransomware attacks in which cybercriminals demand Bitcoin or the other cryptocurrency as payment have long been a blemish on the crypto sector, and have been used as a club to advocate for tougher regulation or outright bans on digital assets by policymakers. The Biden administration pledged a more robust effort in monitoring bitcoin transactions and other measures against hackers in June 2021.
According to Chainalysis, the number of individuals in the ransomware ecosystem is likely to be minimal, despite the fact that several variants are still actively spreading. This is due to the fact that partners launch assaults across various variants, giving the impression that there are a large number of attackers despite the fact that they all utilise the same wallet addresses.
Chainalysis claims that in 2022, funds that were taken from ransomware attacks were laundered via centralised exchanges, gambling websites, or coin mixers.
The share of ransomware funds going to mainstream exchanges grew from 39.3% in 2021 to 48.3% in 2022, while the share going to high-risk exchanges fell from 10.9% to 6.7%, coin mixer usage increased from 11.6% to 15.0%.The Report Stated
Although Bitcoin has been the currency of choice for cybercriminals to demand in ransomware attacks, a separate report from cybersecurity firm Kaspersky claims that privacy coins like Monero and ZCash are gaining favour among cybercriminals due to their underlying technology’s additional privacy features.