In 2024, $ 813.5 million has been raised for a total of $ 813.5 million, which decreased compared to $ 1.25 billion in 2023.
The total amount required during the first half of 2024 amounted to $ 459.8 million, Blockchain Intelligence Chenkalysis said, adding paying activities after July 2024 by 3.94%.
“The number of ransomers increased in H2, but the chain payments have declined, suggesting that more victims were aimed but less paid,” company company company – Note.
Adding to the problems is an increasingly fragmented ransom ecosystem, which, as a result of the collapse of Lockbit and Blackcat, has led to the appearance of many beginners who have evaded this, in turn, transfer to more modest ransom requirements.
According to data compiled by Coveware, Average payment for repurchase programs In Q4 2024 amounted to $ 553 959 $ 479 237 in Q3. On the contrary, the average payment of the redemption decreased from $ 200,000 to $ 110 890 in a quarter-quarter, by a 45% drop.
“Payments are still mainly option for the latest accounting for those who do not have an alternative to restore critical data,” the company said.
“Failed tools for deciphering both new and old redemers, and increased distrust of the ability of the subjects threatening to honor the guarantees to cancel the victims from the table if they have no other way out.”
Reduced redemption payments was also supplemented by the growth of law enforcement agencies in dismantling cybercrime networks and crying services, thereby violating the financial incentive and raising barriers before joining.
Taking into account this, 2024 also witnessed the largest amount of annual extortion since 2021, reaching the staggering 5263 attacks, increasing 15% compared to last year.
“With the decisive role in the world economy, the industry survived 27% (1424) of all ransom attacks in 2024, increasing by 15% compared to 2023,” NCC Group – Note. “North America survived more than half of all attacks in 2024 (55%).”
Most often observed ransomware options during 2024 were Akira (11%), fog (11%), ransomHub (8%), jellyfish (5%), black costume (5%), biolska (4%) and black basta (4 %). Lone Wolf actors recorded 8% market share during this period of time.
Some new participants observed in recent months Ark. Coat. Hollcat. Nick. Nothing. Wishingand Windows locker. In particular, Hellcat was recognized as being resorting to the psychological tactics of humiliation and pressure on their payment.
“Akira, and fog used the same money laundering methods that differ from other ransom strains, which further maintains the connection between them,” said Cinainalysis.
“Both groups are mostly focused on using VPN vulnerabilities, allowing them to gain unauthorized networks and thus deploy their ransom.”
