Ransom payment decreased in 2024 by 35% amounting to $ 813.55 million from $1.25B in 2023. This is according to a blockchain intelligence firm Chainalysis.
It implies ransomware attackers globally received a ransom estimated at $813.55 million from victims.
The decline is attributed to increased law enforcement actions, improved international collaboration, and a growing “refusal to pay” by victims.
A recent example of victims refusing to pay the ransom requested by attackers was Namibia’s state-owned telecom company ransomware attack. They refused to negotiate let alone pay the price.
The first half of 2024 saw victims paying $459.8 million to ransomware attackers, which is an approximated 2.38% increase over the same period in 2023. However, the payment did slow down in the second half after July 2024 by approximately 34.9%.
According to data compiled by Coveware suggests that the average ransomware payment in Q4 2024 was at $553,959, a 15.6% increase from $479,237 in Q3. The median ransomware payment, however, dropped from $200,000 to $110,890 resulting in a 45% quarter-over-quarter decrease.
The year 2024 witnessed the highest volume of annual ransomware cases since 2021, reaching a staggering 5,263 attacks, an increase of 15% year-over-year according to The Hacker News.
The most observed ransomware variants were Akira (11%), Fog (11%), RansomHub (8%), Medusa (5%), BlackSuit (5%), BianLian (4%), and Black Basta (4%). Lone wolf actors held an 8% market share.
Key takeaways from the report:
- Ransomware payments dropped by 35% Year-over-Year, from $1.25 billion in 2023 to $813.55 million in 2024.
- Payments slowed after July 2024 by 34.9%, following global law enforcement actions.
- Attackers now initiate negotiations within hours of data exfiltration.
- The ransomware ecosystem is fragmented, with lone actors targeting small-to-mid-size businesses.
- Akira ramped up its attacks in H2 2024, while others declined.
- Only 30% of ransomware negotiations result in payments.
- More victims rely on backups instead of paying ransoms.
- Typical ransom payments ranged between $150,000 – $250,000, despite initial higher demands.
- More victims were listed on leak sites, but fewer paid ransoms.
- 56 new leak sites emerged in 2024, double from 2023.
About Author
