- Ransomware operators are attacking bigger targets and stealing more funds than ever, Chainalysis says.
- Gangs are using more third-party tools such as proxy services, email attacks, and stolen data.
- In 2021, Chainalysis identified over $602 million of ransomware payments, though this is likely an underestimate.
A report from blockchain data firm Chainalysis found that ransomware gangs are going after increasingly larger targets — and getting better at extorting big sums of cryptocurrency.
The surge in payment sizes, according to the Chainalysis, is due to the growing sophistication of ransomware groups. Attacks have become more precise and efficient as hackers have leveraged third-party tools to take on a "big game hunting" strategy to make larger attacks on bigger targets.
As of January 2022, Chainalysis identified over $692 million in ransomware payments from 2020 — double its initial estimate of the same timeframe a year ago. For 2021, Chainalysis has identified over $602 million worth of ransomware payments, though it said this is likely an underestimate.
Ransomware criminals have been demanding more money from their targets. According to Chainalysis, the average ransomware payment size has increased from $25,000 to $118,000 in cryptocurrency between 2019 and 2022.
Ransomware operators in 2021 used third-party tools such as proxy services, email attacks, stolen data such as passwords and IDs, and malware programs more than ever. Among funds sent by ransomware operators, 16% was spent on tools and services to enable more effective attacks, up from 6% in 2020.
Last year also saw more active individual ransomware strains than any other year, with at least 140 in 2021 compared to 119 the year before.
It named Conti — a ransomware-as-a-service operation believed to be based in Russia — as the top ransomware gang of 2021. It extorted "at least $180 million from victims," according to Chainalysis's report. Darkside, another gang, came in second in funds extorted from victims.
An earlier Chainalysis report found that laundering surged 30% in 2021, and the organization Cybercrooks laundered $8.6 billion worth of dirty crypto. Some $33 billion in crypto has been laundered since 2017, primarily through centralized exchanges.