SINGAPORE – The amount of losses incurred from cryptocurrency-related ransomware attacks plunged 40 per cent in 2022 as victims increasingly refused to pay the extortionists.
Ransomware attackers reaped at least US$456.8 million (S$605 million) in 2022, a huge amount but down significantly from the US$765.6 million collected in 2021, reported blockchain research company Chainalysis on Thursday.
But the company did note that the true amount of losses could be much higher, as there are cryptocurrency addresses controlled by ransomware attackers that have yet to be identified and incorporated into Chainalysis data.
Chainalysis attributed the fall in losses to the decline in ransomware payments. Increasingly, such payments are directed to be made to entities that are sanctioned by the United States, which increases the risk of victims breaching the law.
Ransomware attacks prevent or limit users from accessing their cryptocurrencies by taking control of accounts until payment is made.
Despite the fall in the amount raked in by attackers, the number of unique ransomware scams in operation went up in 2022, with research from cyber-security firm Fortinet finding that more than 10,000 unique strains were active in the first half of 2022.
While many types of ransomware are active throughout the year, the actual number of individuals who make up the ransomware ecosystem is likely quite small, findings showed.
The research also found that ransomware lifespans have dropped, from an average of 153 active days in 2021 to 70 in 2022.
“This activity is likely related to ransomware attackers’ efforts to obfuscate their activity, as many attackers are working with multiple strains,” Chainalysis said.
It added that most ransomware attackers transmit the funds they extort to mainstream, centralised exchanges. Ransomware funds accounted for 48.3 per cent of funds sent to mainstream exchanges in 2022, up from 39.3 per cent in 2021.