In recent reports, our Cybersecurity Insiders have detailed how hackers have been generating revenue through cyberattacks such as ransomware. However, a new report reveals that ransom payments to those deploying file-encrypting malware surged to an eye-watering $500 million in 2023.
This figure, compiled by TRM Labs—a blockchain intelligence firm that monitors crypto-crime globally—highlights a significant trend in cyber extortion.
TRM Labs notes that while North Korean hackers excel at infiltrating networks, Russian-speaking criminal organizations are the foremost experts in disseminating ransomware and other forms of malware. Among these, LockBit, ALPHV, and BlackCat lead the pack, having collectively amassed around $320 million in 2023. The remaining funds were accrued by other groups such as Akira, Black Basta, Clop, and Play.
The criminal landscape includes both individuals running their own operations and those connected to Kremlin-affiliated entities or military intelligence.
Remarkably, 79% of the cryptocurrency funds linked to these crimes were transferred to wallets and bank accounts in China. These funds were then converted into fiat currency, which was used to purchase military equipment or supply essentials to soldiers and their families involved in the conflict in Ukraine.
Despite calls from security experts to ban digital currencies to combat ransomware, such measures are impractical. The decentralized nature of blockchain technology means that transactions are recorded without central oversight or jurisdiction, complicating efforts to trace or prosecute offenders.
Ad