2024 witnessed a significant drop in ransomware payments, as Chainalysis reports a 35% decrease from the previous year.
A Promising Yet Unexpected Drop
In 2023, ransomware payouts hit a record-breaking $1.25 billion, but in 2024, this figure fell to $813 million. The decline surprised many, particularly given the rising number of attacks in early 2024. In the first half of 2024, payment amounts increased by 2.4% compared to 2023. However, as the year progressed, fewer victims were willing to pay, leading to a significant drop in overall payouts.
Law Enforcement and Sanctions
Bad actors have traditionally converted stolen cryptocurrency into fiat currency via centralized exchanges. In 2024, this process was complicated by sanctions against the Russian Cryptex exchange, and German police seized 47 Russian-language exchanges lacking KYC procedures. This disrupted money laundering channels, causing many ransomware groups to hesitate in cashing out due to the fear of blockchain analysis detection. In October 2024, 25-year-old Ryuki Hayashi from Japan was sentenced to three years for developing a crypto extortion tool using AI.
Fewer Victims Paying Up
Despite increasing attacks, fewer victims are meeting ransom demands. Chainalysis reported a growing gap between demanded and paid sums, which reached 53% in the second half of 2024. Those who settled paid between $150,000 and $250,000, well below initial demands. This signals a turning tide against cyber criminals, and if the trend persists, 2025 could see even fewer payouts.
While ransomware attacks remain a threat, the significant reduction in payouts suggests a potential shift in the battle against cybercrime. If the trend continues, 2025 could bring increased pressure on attackers and further decrease in payouts.
