Crypto ransom attack payments hit record $1-billion in 2023, analytics firm says
Payments from crypto-related ransom attacks nearly doubled to a record US$1-billion in 2023, blockchain analytics firm Chainalysis said on Wednesday.
Scammers targeting institutions such as hospitals, schools and government offices for ransom pocketed US$1.1-billion last year, compared with US$567-million in 2022.
However, losses stemming from other crypto-related crimes such as scamming and hacking fell in 2023, Chainalysis said.
Bitcoin, the largest cryptocurrency, has jumped 60 per cent since the end of September to US$43,134 on enthusiasm about a new U.S. bitcoin ETF and on signs central banks around the world will begin trimming interest rates.
“An increasing number of new players were attracted by the potential for high profits and lower barriers to entry,” Chainalysis said.
“Big game hunting” has become the dominant strategy over the past few years, with a dominant share of all ransom revenue volume made up of payments of US$1-million or more, Chainalysis added.
A group of digital extortionists named “cl0p,” which subverted a file sharing software MOVEit, made nearly US$100-million in ransom payments, the analytics company said.
Hundred of organizations, including government departments, the U.K.’s telecom regulator and energy giant Shell, have reported cybersecurity breaches involving the MOVEit software tool, which is typically used to transfer large amounts of often sensitive data, including pension information and social security numbers.
A report in November showed that cybercrime group “Black Basta” had extorted at least US$107-million in bitcoin, with much of the laundered ransom payments making their way to the sanctioned Russian cryptocurrency exchange Garantex.
Cryptocurrency theft via cyberheists and ransomware attacks is also a significant source of funding for North Korea, according to UN reports.
Chainalysis’s figures undervalue crypto’s role in all crime as it only tracks cryptocurrency sent to wallet addresses identified as illicit. It does not include payments for non-crypto-related crime such as crypto used in drug trafficking deals.