Ransomware victims have paid $81M this year: Chainalysis report

Ransomware attacks are becoming a global threat and across the world, hackers are making headlines by taking over the systems of some of the biggest companies and institutions. According to the latest report by Chainalysis, ransomware attacks have led to over $81 million in ransom payments globally in the first four months of 2021.

The report consisted of data up to May 10, revealing that victims of ransomware have paid the hackers at least $81 million. Chainalysis added, “Again though, $81 million must be considered a floor for the time being, as the figure will almost certainly grow as we identify more ransomware addresses.”

The attackers are following up on the rampant attacks in 2020, a year in which they caused the most damage yet. As CoinGeek reported in February, ransomware attacks saw over $406 million in digital currency ransom payments. This year, the hackers have continued to wreak havoc, with BTC, ETH and USDT being the most favored digital currencies for the illicit payments.

One of the trends that were clear from the Chainalysis report is the surge in the value of the average ransom payment. The New York-based analytics firm stated, “Prior to Q1 2020, we never saw a ransomware payment above $6 million, but since then have seen at least one per quarter.”

The report linked the rising average payment to a rise in payments to ancillary services. These illicit third-party service providers have been critical to the rise of ransomware, which include infrastructure-as-a-service providers and hacking tools providers. In the first quarter of 2021, these third parties reportedly received their highest share of the ransomware payments yet.

DarkSide leads the ransomware rise

DarkSide has been the most rampant ransomware this year, according to the Chainalysis report. The ransomware grabbed global headlines after attackers used it to infiltrate Colonial Pipeline, the largest pipeline system for refined oil products in the United States. The firm had to pay 75 BTC on May 8 after the ransomware crippled its operations, leading to widespread fuel shortages in the country.

According to Chainalysis data, DarkSide has accounted for about 75% of this year’s ransomware payments.

In a separate report, London-based blockchain analytics firm Elliptic revealed that the BTC address belonging to DarkSide has received other ransom payments aside from Colonial Pipeline.

“Our analysis shows that the wallet has been active since 4th March 2021 and has received 57 payments from 21 different wallets. Some of these payments directly match ransoms known to have been paid to DarkSide by other victims,” Elliptic wrote.

These payments include a $4.4 million ransom payment by Brenntag, a German chemical distribution company. Brenntag, which has the second highest chemical sales in North America, stood to lose 150GB of data to the hackers. The hackers reportedly even provided screenshots to prove they had access to the company’s data.

In total, DarkSide has received over $17.5 million in BTC since it set up its wallet in early March.

See also: CoinGeek Live presentation on Blockchain Intelligence: Analytics, Forensics & Compliance Tools for Bitcoin SV

New to Bitcoin? Check out CoinGeek’s Bitcoin for Beginners section, the ultimate resource guide to learn more about Bitcoin—as originally envisioned by Satoshi Nakamoto—and blockchain.

[10]
[10]
[id^="_form"]
[id^="_form"]
[id$="_submit"]
[id$="_submit"]
[^;]
[^;]
['on' + event]
['on' + event]
[?&]
[?&]
[^&#]
[^&#]
[(d+)]
[(d+)]
[i]
[i]
[results[1]]
[results[1]]
[elem.name]
[elem.name]
[+_a-z0-9-'&=]
[+_a-z0-9-'&=]
[+_a-z0-9-']
[+_a-z0-9-']
[a-z0-9-]
[a-z0-9-]
[a-z]
[a-z]
[el.name]
[el.name]
[10]
[10]
[id^="_form"]
[id^="_form"]
[id$="_submit"]
[id$="_submit"]
[^;]
[^;]
['on' + event]
['on' + event]
[?&]
[?&]
[^&#]
[^&#]
[(d+)]
[(d+)]
[i]
[i]
[results[1]]
[results[1]]
[elem.name]
[elem.name]
[+_a-z0-9-'&=]
[+_a-z0-9-'&=]
[+_a-z0-9-']
[+_a-z0-9-']
[a-z0-9-]
[a-z0-9-]
[a-z]
[a-z]
[el.name]
[el.name]