Ransomware Payments Drop Significantly In 2024

According to Cointelegraph, ransomware payments saw a notable decline of approximately 35% in 2024 compared to the previous year, as reported by blockchain analytics firm Chainalysis on February 5. In 2024, ransomware attackers extorted nearly $815 million from victims, a significant decrease from the $1.25 billion recorded in 2023, which was the highest amount to date. This marks the first reduction in ransomware revenues since 2022. Cryptocurrency payments remain a central component of many ransomware attacks. The decline in ransomware payments is attributed to several factors, including increased law enforcement actions, improved international collaboration, and a growing refusal by victims to pay, according to Chainalysis. In response to these challenges, ransomware attackers are adapting their strategies, such as utilizing new code repositories for attacks and initiating extortion negotiations sooner, often within hours of the initial attack. The report highlights that attackers range from nation-states and ransomware-as-a-service (RaaS) operations to lone wolves and small data theft groups. The overall decrease in ransomware losses in 2024 was particularly evident in the second half of the year. During this period, ransomware payments dropped by approximately 79% compared to the first half, showcasing the effectiveness of international law enforcement collaboration. Interestingly, the number of attempted attacks increased in the latter half of the year, even as overall payments declined, suggesting that more victims were targeted, but fewer chose to pay. This decline in ransomware payments is part of a broader trend of reduced cryptocurrency exploits in 2024. Losses from crypto scams, exploits, and hacks diminished towards the end of the year, with December recording the smallest amount stolen. Blockchain security firm CertiK reported $28.6 million in known losses from exploits, hacks, and scams in December, compared to $63.8 million in November and $115.8 million in October. The primary reason for this reduction was a decrease in major incidents involving losses of $100 million or more, as noted by a CertiK spokesperson in January.