Ransomware attacks are more dangerous, more sophisticated, and more damaging. Cryptocurrency research firm Chainalysis has revealed.
The company said in its latest report that ransomware-related addresses had stolen at least $ 81 million in crypto assets by 2021. In 2020, it was a record amount of $ 406 million.
Chainarisys points out that the actual amount of damage is likely to far exceed this. While ransomware-related addresses are appearing one after another, companies often hide their damage.
Recently, the Colonial Pipeline was hit by a large-scale ransomware attack that shut down the petroleum product aorta on the east coast of the United States. The company reportedly eventually paid crypto assets to a group using ransomware from Russia-based group Dark Side.
“Ransomware as a service” in the background
Chinalysis said the proliferation of ransomware as a service (RaaS: ransomware as a service) has contributed to the explosive growth of damage.
In RaaS, ransomware developers basically rent out software to make a profit. According to the report, most of the damage caused by RaaS in the first quarter of 2021 (January-March) was due to Dark Side.
The amount of damage caused by ransomware is also increasing. Victims paid an average of $ 54,000 in the January-March quarter, $ 46,000 in the fourth quarter of 2020 (October-December) and $ 12,000 in the fourth quarter of 2019. .. Damages in excess of $ 10 million occur about once a quarter.
The most used Bitcoin (BTC) to pay ransomware ransoms is the public blockchain, which is essentially traceable.
According to Chainalysis, ransomware attack masterminds paid more than 9% of the damage to fraudsters, hacking tool service providers, and professional negotiators last quarter to support their activities. In the first quarter of 2020, the flow of such funds was only 3%.
According to the company, most of the ransomware damage in the last quarter (more than 75%) ultimately went to crypto exchanges.
Most of the ransomware comes from Russia
Similarly, most of the ransomware seems to come from Russia. Russia-related cybercrime is “the most common in the world,” especially in cryptocurrency crimes, said Chainarisys. In 2021 ransomware, Russian crime occupies a “big share”.
According to Chainalysis, the most damaging ransomware at the moment is programmed to avoid the Russian-speaking world. The company estimates that Russian-related ransomware accounted for 92% of the damage this year. In 2020 it was 86%.
Law enforcement agencies seem to have aimed at Dark Side. On the 14th, Bleeping Computer reported that authorities had seized DarkSide’s server and that the group’s crypto assets could have been sent to another wallet.
｜ Translation: coindesk JAPAN
｜ Editing: Takayuki Masuda, Shigeru Sato
｜ Image: Image of oil tank (Shutterstock)
｜ Original: Ransomware Attacks Growing More Profitable: Chainalysis