The ransomware attacks increased last year, but the victim payment declined as users refused to meet the demands amidst the increase in recovery efficiency by law enforcement.
According to a channelis crime, the attractive ransomware business earned less than year-on-year payments despite an increase in the attacks initiated by bad actors in 2024. Report,
The report found that the payment of ransomware fell by 35% last year, which was $ 813 million a year ago compared to $ 1.25 billion. The cyber criminal initially witnessed success in the first half of 2024, including a 2.3% increase in successful recovery efforts, including $ 75 million collected by the illegal Dark Angels Group.
However, better crypto discovered practices, restrictions and asset seizures disrupted the criminal network in the latter part of the year. Channelis mentioned that Russia’s Crupto Exchange Cryptax and the ban on 47 Russian-based platforms in Germany greatly obstructed ransomware money laundering operations.
Jacqueline Burns Kovan, head of Cyber Threat Intelligence, Head of Channelis, wrote that bad actors rapidly hesitate to cash in cash through centralized crypto exchanges. However, the non-KYC CEX platform remained the preferred channel to convert the stolen crypto into a fiat currency.
More victims also refused to pay ransom despite the increasing frequency of cyber attacks, encouraged by better crypto-infinite equipment and strengthened investigative efforts.
Less than 50% ransomware operations paid in 2024. Those who complied usually pay up to $ 250,000 in ransom demands. However, the attackers have adapted to develop security measures, employed new strategies in dissolving the database and paying the victims.
In response, many attackers moved the strategy, with new ransomware strains, reflecting a more adaptive and tight danger environment, emerging from ribranded, leaks or purchased codes. The ransomware operations have also become rapid, often starting within hours of data exfIs. The attackers steal data from nation-state actors to Rainmuch-e-Sarvis (RAAS) operations, loan operators, and data theft recovery groups, such as cloud service providers, snowflakes.
Channelis 2025 Crime Report
