Latest news with #DarkAngels
TECHx
08-02-2025
- Business
- TECHx
Ransomware Payments Drop 35% in 2024 Despite Rising Cyberattacks - TECHx Media Ransomware Payments Drop 35% in 2024 Despite Rising Cyberattacks
Ransomware Payments Drop 35% in 2024 Despite Rising Cyberattacks In a significant shift for cybersecurity, ransomware payments fell sharply by 35% in 2024, even as cybercriminals continued to target victims aggressively. This decline comes after a record-breaking year in 2023, when ransomware gangs extorted $1.25 billion, and a 2.38% year-on-year increase in stolen funds during the first half of 2024. However, the latter half of the year saw a dramatic reversal, with overall ransomware payouts dropping to $813 million, according to the Chainalysis 2025 Crypto Crime Report. The report highlights a record-breaking $75 million ransom paid by an undisclosed victim to the Dark Angels group, showcasing the high stakes of ransomware attacks. Despite this outlier, the broader trend points to growing resilience against cybercriminals. Jacqueline Burns Koven, Head of Cyber Threat Intelligence at Chainalysis, credited the decline to 'the effectiveness of law enforcement actions, improved international collaboration, and a growing refusal by victims to cave into attackers' demands.' One of the most notable trends in 2024 was the widening gap between ransom demands and actual payouts. In the second half of the year, the difference reached 53%, indicating that while attackers continued to target victims, fewer organizations opted to pay. Additionally, despite an increase in ransomware incidents, the number of on-chain payments declined, suggesting that more victims are resisting extortion attempts. When payments were made, ransoms typically ranged between $150,000 and $250,000, regardless of the attackers' initial demands. Cybercriminals also faced challenges in laundering their illicit gains. Law enforcement actions, such as the sanctioning of Russia-based Cryptex exchange and the German Federal Criminal Police's (BKA) seizure of 47 no-KYC crypto exchanges in September 2024, disrupted their ability to convert crypto into fiat currency. Chainalysis data further revealed that ransomware groups are increasingly holding stolen funds in personal wallets, likely due to fears of being traced and prosecuted. While the decline in ransomware payments is a positive development, Chainalysis warns against complacency. The ransomware landscape is now dominated by groups targeting low- to mid-value payments, with smaller businesses increasingly in the crosshairs. Koven emphasized the importance of protecting these organizations, noting that in the UAE, for example, over half a million SMEs contribute 63% of the nation's non-oil GDP. 'Sustained collaboration and innovative defenses are essential to build on the progress made in 2024 and ensure all organizations remain protected,' she said. The findings from Chainalysis highlight the importance of continued vigilance and international cooperation in combating ransomware. While the decline in payments is encouraging, the evolving tactics of cybercriminals underscore the need for robust cybersecurity measures, especially for small and medium-sized enterprises (SMEs). As ransomware threats persist, businesses and governments must remain proactive in their efforts to safeguard critical infrastructure and economic stability. The progress made in 2024 demonstrates the power of collaboration, but the fight against cybercrime is far from over. For the latest updates on cybersecurity trends and ransomware prevention, stay tuned to our coverage.
Tahawul Tech
07-02-2025
- Business
- Tahawul Tech
NO PAY NO PLAY: Chainalysis reports shows ransomware payments down by 35% as victims refuse to cough up
After ransomware gangs extorted a record-breaking US$1.25 billion in 2023, and the value stolen in the first half of 2024 rose 2.38% year-on-year, cybercriminals seemed poised for another record payday. However, a sharp pullback in the latter half of 2024 radically changed the year's outcome, instead resulting in overall ransomware payments seeing a sharp and encouraging 35% decline. This is according to findings from the Chainalysis 2025 Crypto Crime report, which also noted that the US$813 million attackers extorted from their victims last year included a record-breaking outlier in the US$75 million paid by an undisclosed victim to the Dark Angels group. 'For years now, the cybersecurity landscape seemed to be hurtling towards a so-called ransomware apocalypse, so this sharp decline, to levels even lower than those in 2020 and 2021, speaks to the effectiveness of law enforcement actions, improved international collaboration, and a growing refusal by victims to cave into attacker's demands,' said Jacqueline Burns Koven, Head of Cyber Threat Intelligence at Chainalysis. Another positive trend is the widening gap between the amounts demanded by bad actors and the actual payouts made by victims — in H2 2024, there was a 53% difference between the two. Moreover, despite the number of ransomware events actually increasing in the second half of 2024, the number of on-chain payments declined, suggesting that while more victims were targeted, fewer paid. In cases where victims did pay attackers, on average, the final amounts for these ransoms typically ranged between US$150,000 to US$250,000, regardless of attackers' initial demands. For attackers who received payments, Centralized Exchanges (CEXs) were a preferred means of converting their crypto gains into fiat currencies. Consequently, actions such as the sanctioning of Russia-based exchange, Cryptex, and the German Federal Criminal Police (BKA)'s seizure of 47 Russian language no-KYC crypto exchanges — both in September 2024 — have impacted the ability of ransomware actors to launder their illicit earnings. Chainalysis data shows that substantial volumes of crypto funds extorted by ransomware groups last year continue to be held in personal wallets. 'Ransomware operators, a primarily financially motivated group, are abstaining from cashing out more than ever. This potentially indicates a fear of being traced, identified, and prosecuted by law enforcement agencies, made possible with the help of crypto investigation tools such as those provided by Chainalysis,' added Koven. While these developments bode well for businesses that have long battled the threat of ransomware, Chainalysis warned against complacency. 'Today, 7-8 figure ransoms have become the outliers, as the ransomware actor landscape is dominated by groups extorting low- and mid-value payments,' Koven explained. 'With smaller businesses also in the crosshairs, protecting these organisations is critical to economic resilience as in the UAE for example, the country's over half a million SMEs contribute as much as 63% of the nation's non-Oil GDP. It will take sustained collaboration and innovative defences to build on the progress made in 2024, and ensure organisations across all segments stay protected against the threat of ransomware.'
