Cybercriminals stole about US$1.1 billion ($1.48 billion) worth of crypto through ransomware attacks in 2023, a 94% y-o-y increase or the most that has been stolen in all of crypto forensics firm Chainalysis’ history of reporting on crypto crimes.
Chainalysis says that 2023 was a “watershed year” for ransomware with “growing intensity and sophistication of attacks”, in which there were 538 new ransomware variants last year alone. The attacks were carried out by a variety of actors from large syndicates, to smaller groups and even individuals.
This finding is part of Chainalysis’ yearly crypto crime report, which details the data and research behind crypto crimes over a year.
The total funds stolen by ransomware in 2023 is a 94% increase of the amount stolen in 2022, which stood at US$567 million, but Chainalysis says that 2022 sticks out as an “anomaly, not a trend”.
The decrease in funds stolen in 2022 could be attributed to geopolitical events, and the infiltration of the Hive ransomware strain by the Federal Bureau of Investigation, which prevented US$130 million in theft.
Looking at 2023, some ransomware strains have grown more sophisticated. A strain known as Cl0p, has been able to steal bigger volumes of funds, up to US$1 million at a time or more. Another strain known as Phobos, have adopted a Ransomware-as-a-Service (RaaS) model, in which outsiders can access the malware to carry out attacks, and in exchange pay for the strain’s core operators a cut of the proceeds.
See also: Who is Justin Sun, the China-born crypto founder who made a US$6.2 mil bid for a banana?
Meanwhile, the stolen crypto funds have largely ended up in centralised exchanges, but 2023 saw alternatives such as instant exchangers, bridges and gambling services being used.
Chainalysis attributes this to the implementation of more robust anti-money laundering/know your customer (AML/KYC) policies within centralised exchanges.
Earlier chapters of the 2024 crypto crime report by Chainalysis found that the number of North Korean-linked hacks of cryptocurrency platforms rose to a record high in 2023, though the actual amount of funds stolen dropped around 40%.
See also: UBS South-APAC CIO would hold ‘at least 10%’ of personal assets in crypto if allowed
In a series of 20 hacks throughout the year, cybercriminals linked to the Democratic People’s Republic of Korea syphoned slightly more than US$1 billion worth of cryptocurrency, compared to US$1.7 billion in 2022.
It also found that the total value of illegal gains from cryptocurrency crimes around the world went down in 2023 after peaking in 2022.
The global amount received by illicit cryptocurrency addresses in 2023 fell 39% to US$24.2 billion, down from US$39.6 billion in 2022, largely due to the exclusion of FTX creditor claims of US$8.7 billion in 2023.
