According to CryptoPotato, ransomware made a significant comeback in 2023, with payments exceeding $1 billion and a substantial increase in the scope and complexity of attacks. This is a drastic shift from the decline observed in 2022. The Chainalysis report indicates that the overall trend from 2019 to 2023 shows a growing problem, despite a decrease in ransomware payments in 2022. The blockchain data platform acknowledged that the $1 billion figure doesn’t cover the full economic impact, including productivity loss and repair expenses incurred by victims.
Chainalysis revealed that 2022 was an anomaly and not a trend, with various factors such as geopolitical events like the Russian-Ukrainian conflict likely contributing to the decline in ransomware activities. However, 2023 witnessed a significant escalation in the frequency, scale, and volume of ransomware attacks, carried out by diverse actors ranging from large syndicates to smaller groups and individuals. The rise of Initial Access Brokers (IABs) has facilitated ransomware attacks: IABs provide access to networks, selling it to ransomware attackers for a relatively low cost. Monitoring IABs could offer early indicators for potential intervention and mitigation of attacks, as Chainalysis discovered a correlation between funds flowing into IAB wallets and an increase in ransomware payments.
Regarding the destination of ransomware funds, centralized exchanges and mixers have consistently been preferred for laundering payments. However, new services for laundering, such as bridges, instant exchangers, and gambling services, gained traction in 2023. This shift is attributed to takedowns disrupting traditional laundering methods, stricter Anti-Money Laundering/Know Your Customer (AML/KYC) policies by some services, and the unique preferences of new ransomware actors. Chainalysis observed significant concentration in the specific services within each category that ransomware actors turn to for laundering, with exchanges showing the least concentration and gambling services, cross-chain bridges, and sanctioned entities exhibiting the highest levels of concentration.