Crypto crime declines, but ransomware is on the rise

13 Jul 2023

Image: © Vitalii Vodolazskyi/

The report claims that almost every crypto-related crime is down this year, but ransomware is growing thanks to more successful attacks and a rise in ‘big-game hunting’.

Cryptocurrency-related crime appears to be down significantly compared to last year, according to a new report by Chainalysis.

The blockchain analysis company’s report suggests that illicit activities related to crypto is down by 65pc compared to the same period last year, while deposits made to “risky” entities are down by 42pc.

Chainalysis noted that transaction volumes are down “across the board” but this decline is less severe for legitimate services at 28pc.

“In other words, there’s been a market pullback, but illicit crypto transaction volume is falling much more than legitimate crypto transaction volume,” the company said.

This follows a particularly crime-riddled year for the sector, as a report in January suggested that the level of crypto-based illegal activity in 2022 was the highest on record, with $20.1bn in illegal transactions reported. That report did not include the transaction volumes of several large firms that collapsed last year, including FTXCelsius and Three Arrows Capital.

Scams take a major hit

In the latest report, Chainalysis said nearly every category of crypto crime is down so far in 2023, but added that scams have dropped the most.

So far this year, crypto scammers took nearly $3.3bn less in 2023 than they did in 2022, a decline of 77pc. The report claims the total amount crypto scams have earned so far in 2023 is just over $1bn.

Chainalyisis claims that scams are “nearly always” the highest-revenue form of crypto-based crime and believes the drop is linked to the disappearance of “two large-scale scams”. The report claims these scams were VidiLook and Chia Tai Tianqing Pharmaceutical Financial Management.

Ransomware on the rise

The only crypto-related crime that looks set to grow this year is ransomware, according to the report.

Chainalysis claims ransomware attackers have extorted $175.8m more this year than they did by the same time in 2022. This also suggests a reversal of the “positive downward ransomware trend” the company saw last year.

The report suggests this increase is due to a rise in “big-game hunting”, or the targeting of large, “deep-pocketed organisations”. There is evidence that the number of successful small attacks has also grown throughout the year.

Ryan McConechy, CTO at managed service provider Barrier Networks, said the report shows that ransomware remains a “profitable machine” for criminals.

“Clearly attackers are getting more ruthless and going after any and every business, while more organisations are opting to pay demands because they feel they have no other option,” McConechy said. “When organisations pay demands, this only fuels the industry, so as criminals continue to make these immense earnings, it will only spur more attacks and encourage other cybercriminals to adopt ransomware as their key attack tool.”

McConechy argued that – while paying ransoms is never recommended – some organisations have “very little choice”. He added that attackers research their targets and generally set demands that are “digestible”, to boost the chances of a successful payment.

“Often this is because the loss of customer data and productivity will come with a much higher price tag than the actual demand,” McConechy said. “Organisations must strive to avoid falling into this situation by improving their resilience against ransomware before they get hit.

“This means training employees on the techniques criminals use to access systems, keeping all systems up to date with the latest patches, running a regular back up system, layering security and implementing network segmentation to prevent ransomware from spreading.”

In April, a report by Check Point Research examined an advanced form of ransomware that exhibits unique, customisable features, along with one of the fastest encryption speeds recorded. Meanwhile, a Kroll report claims ransomware spiked globally towards the end of 2022, due to more attacks targeting certain industries such as manufacturing, healthcare and telecoms.

10 things you need to know direct to your inbox every weekday. Sign up for the Daily Brief, Silicon Republic’s digest of essential sci-tech news.

Leigh Mc Gowran is a journalist with Silicon Republic