Ransomware is now a billion-dollar market

Analysis of ransomware payments reveals several interesting trends

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

An analysis of several hundredcryptocurrency walletsused forransomware-related payments has revealed transactions totaling over a whopping $5 billion.

Ablockchainanalysis by the US Treasury Department’s Financial Crimes Enforcement Network (FinCEN) of transactions tied to the 177 convertible virtual currency (CVC) wallets, has identified roughly $5.2 billion in outgoingbitcoin (BTC)transactions potentially tied to ransomware payments.

“Wallets associated with the 10 [ransomware] variants examined sent BTC valued at $5.2 billion to known entities, directly or indirectly, including 51% to exchanges, 43% to other CVC services, five percent to darknet marketplaces, and one percent to mixing services,”the FinCEN reportreveals.

We’re looking at how our readers use VPNs with streaming sites like Netflix so we can improve our content and offer better advice. This survey won’t take more than 60 seconds of your time, and we’d hugely appreciate if you’d share your experiences with us.

Click here to start the survey in a new window«

To compile the report, FinCEN analyzed 2184 suspicious activity reports (SAR) filed between January 1, 2011, and June 30, 2021.

Growth of ransomware

FinCEN noticed that the number of ransomware-related SARs filed monthly between 1 January 2021 and 30 June 2021, has grown rapidly, with 635 SARs filed and 458 transactions reported during that time.

Interestingly, the number represents a growth of 30% from the total of 487 SARs filed in the entirety of 2020. As a direct consequence of the increase, the total value of the suspicious activity reported in the first six months of 2021 was $590 million, which far exceeds the total value reported for the 2020, which was $416 million.

FinCEN’s crunching of the reported data revealed that the mean average total monthly amount of ransomware transactions was $66.4 million, while the median average was $45 million.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Ransomware trends

In the report, FinCEN identified 68 ransomware variants with REvil/Sodinokibi, Conti, DarkSide, Avaddon, and Phobos emerging as the most commonly reported variants, while Bitcoin emerged as the favourite cryptocurrency for accepting payments.

FinCEN also identified several money laundering typologies employed by the ransomware threat actors in 2021. These include requesting payments in Anonymity-enhanced Cryptocurrencies (AECs), avoiding reusing wallet addresses, “chain hopping” and cashing out at centralized exchanges, and using mixing services and decentralized exchanges to convert proceeds.

“FinCEN analysis of ransomware-related SARs filed during the first half of 2021 indicates that ransomware is an increasing threat to the US financial sector, businesses, and the public,” FinCEN opines.

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’sTechRadar Pro’sexpert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.

Cisco issues patch to fix serious flaw allowing possible industrial systems takeover

Washington state court systems taken offline following cyberattack

Your doctor may have an AI assistant taking notes during your next Zoom call