The global ransomware landscape saw a huge shift in 2024, with total ransom payments decreasing by approximately 35% year-over-year, according to a Chainalysis report.
This decline marks a turning point in the fight against cyber extortion, driven by increased law enforcement actions, stronger international collaboration, and a growing trend of victims refusing to pay attackers.
Ransomware Tactics Evolve Amid Declining Payments
With fewer victims willing to pay, ransomware operators have adapted by refining their tactics. Attackers are now launching faster operations, initiating negotiations within hours of data exfiltration.
Many cybercriminal groups have rebranded or reused existing ransomware code from leaked or purchased strains, leading to the emergence of new variants such as Akira/Fog and INC/Lynx.
The range of attackers remains diverse, spanning nation-state actors, ransomware-as-a-service (RaaS) operators, and independent cybercriminals.
In some cases, data theft extortion groups, such as those involved in the Snowflake breach, have focused more on stealing sensitive data rather than encrypting systems.
Chainalysis Reports Mid-Year Surge Followed by Sharp Decline
Ransomware payments in 2024 totaled approximately $813.55 million—way lower than the $1.25 billion recorded in 2023. However, the first half of the year suggested a different trajectory, reports Chainalysis.
By June 2024, cybercriminals already extorted around $459.8 million, a slight 2.38% increase compared to the same period in 2023.
This early surge was fueled by a few exceptionally large payments, including a record-breaking $75 million ransom paid to Dark Angels.
Despite the strong start, the latter half of the year saw a dramatic slowdown, with payments dropping by approximately 34.9% after July.
This trend mirrors previous mid-year declines in ransomware revenues observed since 2021, but the 2024 drop was far steeper than in prior years.
Law Enforcement and Victim Resistance Drive Decline
Several key factors contributed to the reduction in ransom payments.
Global law enforcement agencies have ramped up operations against ransomware groups, leading to arrests, infrastructure takedowns, and increased cooperation between governments and cybersecurity firms.
According to the report, improved cyber defenses, better backup strategies, and stricter regulations around ransom payments have empowered victims to resist extortion demands.
As ransomware continues to evolve, cybersecurity experts anticipate further shifts in attack strategies.
However, the declining trend in payments suggests that businesses and governments are making progress in disrupting the ransomware economy—an encouraging sign for the future of cybersecurity.
The post Ransomware Payments Drop 35% in 2024 as Victims Refuse to Pay Hackers: Chainalysis appeared first on Cryptonews.
