Last year 2023 was a good year for ransomware hackers, who earned more than $1 billion, which is a new record, writes PCMag, citing research from blockchain monitoring company Chainalysis.
The previous year, on the other hand, saw a significant drop in ransomware hackers’ revenue, amounting to about $567 million, which appeared to be a one-time occurrence. In 2023, according to Chainalysis, the drivers of growth were the influx of new hackers and a number of large attacks that brought the attackers millions in payments from the affected companies. “The ransomware industry has seen a significant increase in the frequency, scale and volume of attacks in 2023,” noted Chainalysis, which mines data by tracking cryptocurrency payments to digital wallets associated with hacking groups.
Hackers have upped the ante, demanding ransoms of $1 million or more from victims. “Perhaps what surprised me most was that 75% of total ransomware payments in 2023 were payments of $1 million or more,” — Jackie Burns Koven, head of threat analysis at Chainalysis, said in a tweet.
The hacker group CL0P was no exception, also increasing its payment requirements using a bug in MOVEit, a popular file transfer service. Thanks to this bug, she managed to collect more $100 million in ransoms, representing 44.8% of all ransoms received by ransomware hackers in June and 39.0% in July.
Chainalysis also noted that the cybercriminal community has been replenished with new players, “attracted by the potential for high profits and lower barriers to entry.” For example, one group sold access to its Phobos ransomware variant to other, less experienced hackers, allowing them to easily launch attacks on various companies. The result was “a strength multiplier allowing the strain to perform a large number of small attacks” noted Chainalysis.
Cybersecurity solutions provider Coveware says there is a silver lining as more victims are refusing to pay ransoms to ransomware. But, as the Chainalysis report shows, the threat from attackers using ransomware remains.