Ransomware has emerged as the only cryptocurrency-based crime to rise in 2023, with cybercriminals extorting nearly $175.8 million more than a year ago, according to Chainalysis findings.
“Ransomware attackers have threatened at least $449.1 million by June and are gaining momentum heading into the second-largest year on record,” said the blockchain analytics firm. Said In a mid-year cryptocurrency crime report shared with HackerNews, he said: “If this pace continues, ransomware attackers will extort $898.6 million from victims in 2023, followed by $939.9 million in 2021.”
In contrast, revenue from cryptocurrency fraud is down 77% compared to June 2022. This is largely due to the sudden withdrawal of cryptocurrencies. Vidilook, which pays users VDL tokens in exchange for watching digital ads, which can then be redeemed for hefty rewards. The same goes for inflows to fraudulent addresses associated with malware, darknet markets, child abuse material, and fraudulent shops.
The development, following a decline in ransomware revenues in 2022, marks a reversal of sorts, with Chainalysis pointing to a resurgence of big game hunting from last year’s recession and smaller attacks by groups like Dharma and Phobos. We believe this is due to the increase in the number of successes.
At the opposite end of the spectrum are advanced groups such as Cl0p (or Clop), BlackCat, and Black Basta, which tend to be more selective in their targets while also attacking larger organizations and demanding higher ransoms. increase. Cl0p’s average payout in the first half of 2023 is $1,730,486, compared to Dharma’s $275.
Cl0p, in particular, has been rampant in recent months, exploiting security flaws in the MOVEit Transfer application for compromise. 257 groups According to Emsisoft researcher Brett Callow, so far around the world. More than 17.7 million people are said to be affected as a result of ransomware attacks.
“Clop preferred to target large enterprises (over $5 million in annual revenue) and take advantage of new but disclosed vulnerabilities,” said Sophos researcher David Wallace. It has been a key driver of our success in the first half of the year.” Said A report earlier this week called the group “loud, adaptable and tenacious players.”
Shielding Against Insider Threats: Mastering SaaS Security Posture Management
Worried about insider threats? We’ve got you covered! Join us for this webinar to explore practical strategies and proactive security secrets using SaaS Security Posture Management.
While law enforcement’s aggressive efforts to pursue ransomware groups and sanctions services that offer money-backing services, combined with the availability of decryption tools, have encouraged victims not to pay, the trend continues. is suspected to be “potentially driving the scale of ransom demands by ransomware attackers.” ” in order to withdraw funds from companies that are still willing to settle.
Last but not least, the war between Russia and Ukraine is also said to contribute to the decline in ransomware attacks in 2022, prompting Operation Conti to cease operations after declaring support for Russia. became.
“This dispute has likely displaced ransomware operators and kept them away from financially inspired cyber intrusions,” Chainalysis said. “It is not surprising that this dispute has disrupted the ability, or perhaps even authority, of ransomware operators to conduct such attacks, especially considering that the majority of ransomware attackers are tied to Russia,” he said. rice field.
