Stolen funds and ransomware amounted to over $2 billion in illicit crypto transactions in 2024, according to Chainalysis. Despite an overall 20% decline in illicit on-chain activity year-to-date, these two categories have seen significant growth.
Stolen funds inflows nearly doubled from $857 million to $1.58 billion, an amount 84.4% greater than the value stolen over the same period last year. Meanwhile, ransomware inflows rose approximately 2%, from $449.1 million to $459.8 million.
The average amount stolen per hacking event increased by 79.46%, rising from $5.9 million to $10.6 million.
Notably, Bitcoin’s (BTC) price increase has played a role in the rising value of stolen funds. BTC transaction volume now accounts for 40% of stolen funds activity, up from 30% last year. Moreover, the increase in stolen funds comes after a 50% drawdown between 2022 and 2023.
Additionally, centralized exchanges have become prime targets again, with the Japanese exchange DMM hack resulting in a $305 million loss.
Chainalysis also highlights that advanced cybercriminals, including IT workers linked to North Korea, have started leveraging more off-chain methods, such as social engineering, to steal funds from crypto platforms.
Ransomware is on track for its highest-grossing year, with $459.8 million in ransoms paid through June 2024. The largest single payment recorded was approximately $75 million to the Dark Angels group.
Andrew Davis, general counsel at Kiva Consulting, stated:
“Whether it be former affiliates of these well-known threat actor operations, or new upstarts, a large number of new ransomware groups have joined the fray, displaying new methods and techniques to carry out their attacks such as expansion in their means for initial access and lateral movement approaches.”
Despite the increase in attack frequency, victims are paying ransoms less often. Corsin Camichel, researcher with eCrime.ch, emphasized the importance of law enforcement actions in curbing ransomware incidents and signaling that criminal actions will have consequences.