Ransomware losses down 35% year-over-year: Chainalysis

Payments extorted through ransomware attacks decreased some 35% in 2024 compared to the year prior, according to a Feb. 5 report by Chainalysis, a blockchain analytics provider. 

In 2024, ransomware attackers extorted nearly $815 million in payments from victims, down significantly from the 2023 total of $1.25 billion, which was the highest amount recorded to date.

It marks the first drop in ransomware revenues since 2022, according to the report. Cryptocurrency payments are central to many ransomware attacks. 

Causes of the declines include “increased law enforcement actions, improved international collaboration, and a growing refusal by victims to pay,” Chainalysis said. 

In response, ransomware attackers are shifting tactics, including using fresh code repositories for attacks and starting extortionary negotiations sooner, often within hours of the initial attack, Chainalysis said. 

Types of attackers range from nation-states and ransomware-as-a-service (RaaS) operations to lone wolves and small data theft groups, the report said.

The decline in overall ransomware losses in 2024 largely took place in the second half of the year, Chainalysis said. 

In H2 2024, ransomware payments decreased by around 79% versus the first half of the year, “showcasing the effectiveness of international law enforcement collaboration,” the report said. 

Notably, the number of attempted attacks actually increased in H2, even as overall payments declined, “suggesting that more victims were targeted, but fewer paid,” Chainalysis said.

Decline in hacks

The decline in ransomware payments reflects an overall drop in cryptocurrency exploits during 2024. 

Losses to crypto scams, exploits and hacks were tapered off in the last months of 2024, with December registering the smallest amount stolen. 

Blockchain security firm CertiK said in a Dec. 31 post on X that there were $28.6 million known losses to exploits, hacks and scams in December, compared with $63.8 million in November and $115.8 million in October.

The main reason for the dropoff was a decline in big incidents of $100 million or more in losses, a CertiK spokesperson told Cointelegraph in January.

Magazine: How crypto laws are changing across the world in 2025