A recent analysis report by Chainalysis revealed that 2022 was an “impactful year” in the fight against “ransomware.” Even though the number of hacks remained high, market participants did not pay a major price. Ransomware payments were significantly slashed last year. Elaborating on the same, the report outlined,
“Ransomware attackers extorted at least $456.8 million from victims in 2022, down from $765.6 million the year before.”
Notably, “much” of the decline was due to “victim organizations “increasingly refusing” to pay attackers.
Also Read: DeFi Clocks $10B In-flows Till Now in 2023
Where were the funds transferred?
After amassing funds, most cryptocurrency ransomware attackers sent them to CEXes, like shown below. Chalking out the changing trends, the report highlighted,
“… the share of ransomware funds going to mainstream exchanges grew from 39.3% in 2021 to 48.3% in 2022, while the share going to high-risk exchanges fell from 10.9% to 6.7%.”
Alongside, the usage of illicit services such as darknet markets for money laundering also noted a fall. Mixer usage, nevertheless, increased from 11.6% to 15.0%.
Even though funds are usually sent to exchanges, they do not stay there for a long time. Quite recently, North Korea’s Lazarus Group moved tokens worth millions from the Harmony Bridge hack. On-chain sleuth ZachXBT stressed that transferred funds are usually withdrawn from exchanges almost immediately. Doing so helps obfuscate the path, hindering traceability.
Another interesting trend worth noting is the drop in ransomware lifespan. The average strain remained active for just 70 days last year, down from 153 in 2021 and 265 in 2020. Reasoning out why, Chainalysis noted,
“… this activity is likely related to ransomware attackers’ efforts to obfuscate their activity, as many attackers are working with multiple strains.”
Also Read: ChatGPT Clears US Medical Licensing Exam