Key Points:
- Ransomware payments dropped 35% in 2024 to $813 million due to stronger law enforcement, international collaboration, and more victims refusing to pay.
- Attackers shifted tactics with rebranded ransomware strains and faster extortion methods while incidents increased, but payments lagged.
Ransomware payments saw a sharp decline in 2024, dropping 35% to $813 million from the record $1.25 billion in 2023, according to blockchain analytics firm Chainalysis.
Read more: Schneider Electric Hit By Hellcat Ransomware In Data Breach
Ransomware Payments Drop Amid Stronger Enforcement
The downturn in ransomware payments is attributed to increased law enforcement actions, stronger international cooperation, and a growing number of victims refusing to comply with extortion demands.
Despite the decline in total payments, ransomware operations adapted, with cybercriminals shifting tactics. Attackers employed new ransomware strains derived from rebranded, leaked, or purchased code.
Ransomware-as-a-service (RaaS) groups, nation-state actors, and independent operators intensified their efforts, with negotiations now often starting within hours of data theft. Among notable incidents, a cloud service provider, Snowflake, was targeted by a data theft extortion group.
Chainalysis’ 2025 crypto crime report noted that ransomware attackers appeared poised for another record-breaking year in early 2024, as payments in the first half rose 2.4% compared to 2023. This included a $75 million ransom paid by an undisclosed victim to the Dark Angels group. However, a steep decline in payments during the latter half of the year resulted in an overall drop.
Crackdown on Crypto Laundering Hampers Attackers
Cybercriminals faced growing difficulties in laundering illicit funds as authorities took action against cryptocurrency exchanges that facilitate such transactions. Sanctions on the Russia-based Cryptex exchange and the German Federal Criminal Police’s seizure of 47 Russian-language non-KYC crypto exchanges significantly hindered ransomware actors’ ability to convert crypto into fiat currency.
A positive trend highlighted by Chainalysis is the widening gap between ransom demands and actual payments. By the second half of 2024, there was a 53% disparity, indicating that while ransomware incidents increased, fewer victims capitulated. Those who did pay typically sent between $150,000 and $250,000, regardless of the attackers’ initial demands.
| DISCLAIMER: The information on this website is provided as general market commentary and does not constitute investment advice. We encourage you to do your own research before investing. |
Other Posts
Latest
Monad Testnet Reaches 218 Million Addresses Amid Rising Interest
Press Release
Blocksquare and Vera Capital Are Set to Tokenize $1 Billion in United States Real Estate
BYDFi Officially Launches On-Chain Trading Tool MoonX, Ushering in the Era of CEX + DEX Dual Engines
