Majority of victims now refuse to pay a ransom, report claims
(Image credit: Pixabay)
The amount of money cybercriminal groups extorted through ransomware (opens in new tab) attacks is down 40% year-on-year, suggesting that businesses are increasingly refusing to pay to get their sensitive data back.
A report from Chainalysis examined cryptocurrency wallets known to be associated with ransomware groups. All blockchain data is pseudonymous and wallet activity can easily be tracked on-chain. Given that cybercriminals have to share their wallets with their victims, tracking these wallets is relatively easy.
That being said, Chainalysis says that in 2022, wallets belonging to known ransomware groups hoarded a total of $456.8 million. The year before, these groups extorted $766 million, a figure almost identical to the 2020 one – $765 million.
Using different variants
The researchers note that the decrease in payments isn’t due to fewer successful ransomware attacks. Threat actors are as successful as ever, with more than 10,000 strains circulating on the internet and lurking for their next victim.
What’s also interesting is that one ransomware group, or affiliate, does not necessarily stick to one ransomware variant for its operations. In fact, the same wallets were observed receiving payments from victims infected with different strains of the malware, including Conti, BlackCat, Black Lotus, LockBit, Sunscript, Hive and others.
Read more
> What is ransomware and how does it work?
> This new ransomware is seeing rapid growth, so beware
> These are the best malware removal tools (opens in new tab)
The caveat of the report is that the numbers are most likely inconclusive. While tracking wallet activity is relatively easy for the researchers, it’s impossible to say if they found, and were tracking, all of them.
After all, some organizations do not report falling victim to this form of cybercrime and it’s possible that additional wallets will emerge in the future.
The same thing happened with the 2022 report, when Chainalysis first thought crooks stole $602 million, instead of the final $766 million total.
Are you a pro? Subscribe to our newsletter
Sign up to theTechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Sead Fadilpašić
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.