New data from market intelligence platform Chainalysis reveals that ransomware attacks resurfaced in 2023, extorting over $1 billion from investors throughout the year.
In a new blog post, Chainalysis says that 2023 saw a rise in the number of ransomware attacks across the board – and the firm believes it’ll only increase.
“Ransomware payments in 2023 surpassed the $1 billion mark, the highest number ever observed. Although 2022 saw a decline in ransomware payment volume, the overall trend line from 2019 to 2023 indicates that ransomware is an escalating problem…
In 2023, the ransomware landscape saw a major escalation in the frequency, scope, and volume of attacks. Ransomware attacks were carried out by a variety of actors, from large syndicates to smaller groups and individuals – and experts say their numbers are increasing.”
According to data from cybersecurity firm Recorded Note, 538 new ransomware variants arose in 2023, signifying a rise in the number of groups or individuals perpetrating them.
As stated by Allan Liska, a cybersecurity expert who works for Recorded Note, according to Chainalysis,
“A major thing we’re seeing is the astronomical growth in the number of threat actors carrying out ransomware attacks.”
Chainalysis’ also says that bad actors are reusing the codes of older ransomware strains to create new ones.
“We can also see significant differences in the victimization strategies of the top ransomware strains on the chart below, which plots each strain’s median ransom size versus its frequency of attacks.
The chart also illustrates numerous new entrants and offshoots in 2023, who we know often reuse existing strains’ code. This suggests an increasing number of new players, attracted by the potential for high profits and lower barriers to entry.”
The market intelligence firm notes that the preferred method for obfuscating stolen funds changed in 2023 as platforms began increasing their defenses.
“Centralized exchanges and mixers have consistently represented a substantial share of transactions, suggesting they are preferred methods for laundering ransomware payments. However, this year saw the embrace of new services for laundering, including bridges, instant exchangers, and gambling services.
We assess that this is a result of takedowns disrupting preferred laundering methods for ransomware, some services’ implementation of more robust AML/KYC policies, and also as an indication of new ransomware actors’ unique laundering preferences.”
Don't Miss a Beat – Subscribe to get email alerts delivered directly to your inboxFeatured Image: Shutterstock/X-Poser