Hackers set new record for amount of extracted money: How much was it in 2023? | NEWS.am TECH | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker | #hacking | #aihp

February 8, 2024  20:15

The past year, 2023, proved to be successful for ransomware hackers who earned over $1 billion, setting a new record, as reported by PCMag citing research from Chainalysis, a blockchain monitoring company.

Contrarily, the previous year saw a significant decline in the earnings of ransomware hackers, totaling around $567 million, which appeared to be an isolated occurrence. According to Chainalysis, the drivers of growth in 2023 were the influx of new hackers and a series of major attacks that resulted in million-dollar payouts from affected companies. “In 2023, there was a significant increase in the frequency, scale, and volume of ransomware attacks,” noted Chainalysis, which gathers data by tracking cryptocurrency payments to digital wallets associated with hacker groups.

Hackers raised the stakes, demanding ransoms of $1 million or more from their victims. “Perhaps most surprising to me was that 75% of the total ransomware payment volume in 2023 was attributable to payments of $1 million or more,” reported Jackie Burns Koven, Head of Threat Analysis at Chainalysis, in a tweet.

The hacking group CL0P also followed suit, increasing ransom demands and exploiting a vulnerability in the popular file transfer service MOVEit. Thanks to this vulnerability, the group managed to collect over $100 million in ransom payments, accounting for 44.8% of all hacker ransom payments in June and 39.0% in July.

Chainalysis also noted that the community of malicious actors has seen new entrants, “attracted by the opportunity for high profits and lower entry barriers.” For example, one group sold access to its variant of the Phobos ransomware program to less experienced hackers, enabling them to easily carry out attacks on various companies. This resulted in a “force multiplier, allowing the strain to execute a large number of small attacks,” according to Chainalysis.

Cybersecurity solution provider Coveware stated that there is a positive aspect — an increasing number of victims are refusing to pay ransoms to extortionists. However, as indicated by the Chainalysis report, the threat from ransomware-using malicious actors remains significant.