The ransom in 2021 will be at least $ 602 million, according to a new report, but the actual amount may be much higher.
On February 10, the research firm Chainalysis released new data on cryptocurrency-related ransomware activity in 2021. However, she stated that the total cost is likely to exceed the $ 692 million received in 2020.
In fact, despite these numbers, anecdotal evidence, plus the fact that ransom revenues in the first half of 2021 exceeded revenues in the first half of 2020, indicates that 2021 will finally be the year for us. an even more important year for ransom goods. ”
Chainalysis believes that 2021 will end after 2020.
Average ransomware payments reached a record high of $ 118,000 in 2021. This is 26% more than the average of $ 88,000 in 2020. Sequence analysis links the higher average payments to the big game strategy. used by ransomware tribes targeting large organizations.
Last year, the highest number of active ransomware strains in any year was also registered. At least 140 tribes received crypto payments, up 21 tribes from 2020 and 61 tribes from 2019.
Conti was the most active ransomware stock in 2021. In 2021, he earned nearly $ 200 million through cryptocurrencies. Conti, which is believed to be based in Russia, is a ransomware syndicate that sells its software as a service to companies. partner for a fee.
Darkside came in second behind Conte, after winning nearly $ 100 million in crypto. Darkside is the organization that took over the Colonial Pipeline last year and demanded a ransom for Bitcoin (BTC).
Conti was the most active ransomware stock in 2021.
While the report says that most strains of ransomware come and go in waves, remain active for a short period before falling into a dormant state, Conti has been active throughout 2021. new name.
The rebranding trend left the average pressure in 2021 in just 60 days, which is 2.8 times lower than in 2020, when the average was 168 days.
Related: Google Cloud for Cryptomining Malware Detection on Virtual Machines
Chainalysis concluded that while most ransomware attacks are financially motivated, others appear to have geopolitical goals related to “fraud, espionage, damage to reputation and disruption of the operations of an opposing government.”
He noted that despite the benefits of using cryptocurrency to carry out ransomware attacks, the transparency of cryptocurrency transactions makes it easier for governments to track the movement of funds. North Korea has repeatedly used digital currencies for years to circumvent economic sanctions.