Ransomware victims are refusing to pay, tanking attackers’ profits
Enlarge / Holding up corporations, utilities, and hospitals for malware-encrypted data used to be quite profitable. But it's a tough gig lately, you know? (credit: ifanfoto/Getty Images)
Two new studies suggest that ransomware isn't the lucrative, enterprise-scale gotcha it used to be. Profits to attackers' wallets, and the percentage of victims paying, fell dramatically in 2022, according to two separate reports.
Chainalysis, a blockchain analysis firm that has worked with a number of law enforcement and government agencies, suggests in a blog post that based on payments to cryptocurrency addresses it has identified as connected to ransomware attacks, payments to attackers fell from $766 million in 2021 to $457 million last year. The firm notes that its wallet data does not provide a comprehensive study of ransomware; it had to revise its 2021 total upward from $602 for this report. But Chainalysis' data does suggest payments-if not attacks-are down since their pandemic peak.
Chainalysis' data from ransomware wallets suggests a marked decrease in payments to attackers last year-though the number of attacks may not have declined so markedly. (credit: Chainalysis)
Chainalysis' post also shows attackers switching between malware strains more quickly, and more known attackers are keeping their funds in mainstream cryptocurrency exchanges instead of the illicit and funds-mixing destinations that were more popular in ransomware boom times. This might look like a sign of a mature market with a higher cost of entry. But there's more to it than typical economics, Chainalysis suggests.