Ransomware Rampage: $1 Billion Was Stolen Via Ransomware in 2023, Chainalysis Report Says

Key Insights

  • Ransomware attacks surged in 2023, stealing a record-breaking $1 billion in crypto, according to a new Chainalysis report.
  • High-profile targets included individuals, institutions, media, hospitals, airlines, and governments.
  • Chainalysis says that new ransomware variants like CL0P targeted companies with "big game hunting" tactics.
  • Hackers used mixers and cross-chain bridges instead of CEXs to launder funds, making tracking difficult.

Blockchain hacks siphoned off nearly $2 billion from DeFi protocols last year, according to a report from Chainalysis, a blockchain security firm.

However, in a recent report, Chainalysis has also said that about $1 billion of crypto-related payments made to hackers came from ransomware.

This high, according to Chainalysis, beats the previous year's record by more than 300%.

Let's see what ransomware is, how the hackers were able to collect a whole billion with it, and what the crypto community is or should be doing about it.

Ransomware And Its Influence Over The Market

To the unaware, ransomware works exactly as its name implies.

It is a kind of malicious software that infects a computer and encrypts all of the data in it.

This data becomes unusable and inaccessible to the owner, and they have to pay a set amount to the hacker for decryption.

According to Chainalysis, this kind of attack was the most prevalent in 2023.

So much so, that the hackers were able to siphon off a whopping $1 billion from holding the personal data of unsuspecting victims to ransom.

The rise in ransomware attacks

This report from Chainalysis was part of the firm's 2024 "Crypto Crime Report", and reveals that the most obvious targets were high-profile individuals, institutions, media outlets, hospitals, airlines, schools and even some government bodies around the world.

The Rise of Ransomware Variants and Strategies

Chainalysis' report cites data and analysis from the cybersecurity company Recorded Future.

According to this data, this rise in ransomware comes from the appearance of a whopping 538 new ransomware variants, the most notorious of which was CL0P.

These variants differed in their payout, frequency, and methods, and reflected how sophisticated these criminal strategies and motivations are.

50/538 new ransomware variants

The so-called "big game hunting" tactic was used by some ransomware gangs, including CL0P, to target huge companies and demand bigger ransoms.

Some of these attacks, including the one that compromised the data of millions of people and hundreds of businesses, among them the BBC and British Airways, were also carried out by CL0P by targeting MOVEit (a file-sharing software).

CL0P was the most notorious

CL0P was also used to exploit security flaws called "zero-day vulnerabilities" to gain access to the victims' data.

However, instead of encrypting the data like most other ransomware, CL0P threatened to expose it publicly unless the ransom was paid.

Ransomware Strategies

While CL0P threatened to expose the data of its victims publicly, others like Phobos operated what is called a ransomware-as-a-service (RaaS) model.

According to Chainalysis, this ransomware-as-a-service allowed these cybercriminals to carry out attacks and share a percentage of the profits made with inside men and core operators.

Ransomware groups also rebranded and did some "mix and match" to avoid sanctions, investigations and being caught.

Chainalysis demonstrated how money travelled around the ransomware ecosystem by following the on-chain connections between the wallets of various ransomware strains using blockchain technology.

The Challenge of Tracking and Stopping Ransomware Funds

The hackers were also able to mask their trails by using cross-chain bridges, instant exchangers, mixers, and underground exchanges to hide the source and destination of all of this money in 2023.

The destination of all of this money

These services made it easier for cybercriminals to transfer all of the stolen money between different blockchains and platforms, making it harder for law enforcement to track the money.

According to Chainalysis's estimation, in 2023, a mere 7% of ransomware payments were sent to centralized exchanges (CEXs).

The remaining money, on the other hand, was sent to other alternatives that required less KYC and lower responsibility.

Disclaimer: Voice of Crypto aims to deliver accurate and up-to-date information, but it will not be responsible for any missing facts or inaccurate information. Cryptocurrencies are highly volatile financial assets, so research and make your own financial decisions.
