Chainalysis has released the report, entitled 2024 Crypto Crime Mid-year Update Part 1: Cybercrime Climbs as Exchange Thieves and Ransomware Attackers Grow Bolder
As noted in the report from Chainalysis, aggregate illicit activity on-chain “has dropped by almost 20% year-to-date, demonstrating that legitimate activity is growing more quickly than illicit activity.”
Chainalysis pointed out that despite the “decline in illicit transactions compared to this time last year, two categories of illicit activity — stolen funds and ransomware — are on the rise.”
As stated in the report from Chainalysis, stolen funds inflows “nearly doubled from $857 million to $1.58 billion, while ransomware inflows rose by approximately 2%, from $449.1 million to $459.8 million.”
The Chainalysis report added that the “average amount of cryptocurrency stolen per heist increased by almost 80%.”
Part of this is attributable to the rise in “the price of bitcoin (BTC), which accounted for 40% of the total transaction volume associated with these heists.”
Chainalysis also mentioned that crypto thieves also “appear to be returning to their roots by targeting centralized exchanges with greater frequency rather than prioritizing DeFi protocols, which are less popular vehicles for trading BTC.”
Advanced cybercriminals, including IT workers “linked to North Korea, are increasingly leveraging off-chain methods, such as social engineering, to steal funds by infiltrating crypto-related services.”
Chainalysis also note that 2024 is set to be “the highest-grossing year yet for ransomware payments, due in no small part to strains carrying out fewer high-profile attacks, but collecting large payments (known in the industry as ‘big game hunting’).”
2024 has seen the largest ransomware payment ever “recorded at approximately $75 million to the Dark Angels ransomware group.”
Chainalysis added that the median ransom payment “to the most severe ransomware strains has spiked from just under $200,000 in early 2023 to $1.5 million in mid-June 2024, suggesting that these strains are prioritizing targeting larger businesses and critical infrastructure providers that may be more likely to pay high ransoms due to their deep pockets and systemic importance.”
The ransomware ecosystem has “undergone some fragmentation due to recent law enforcement disruptions of the largest players, such as ALPHV/BlackCat and LockBit. Following these disruptions, some affiliates have migrated to less effective strains or launched their own strains.”
Chainalysis also shared that 2024 has seen “a number of positive developments for the cryptocurrency ecosystem.”
In many ways, crypto has continued to gain “mainstream acceptance, following the approval of spot Bitcoin and Ethereum exchange-traded funds (ETFs) in the United States and revisions to the Financial Accounting Standards Board (FASB)’s fair accounting rules.”
But as with any new technology, adoption will grow among “both good and bad actors. And while illicit activity is down year-to-date (YTD) compared to previous years, crypto inflows to specific cybercrime-related entities show some worrying trends.”
So far this year, Chaianlysis revealed that inflows “to legitimate services are the highest they’ve been since 2021, the previous bull market peak.”
According to the Chainalysis report, this encouraging sign “points to the continued adoption of crypto globally. Inflows to risky services (made up primarily of mixers and exchanges that do not collect KYC information) are trending higher than they were at this point last year. Meanwhile, aggregate illicit activity fell YTD by 19.6%, dropping from $20.9B to $16.7B, demonstrating that legitimate activity is growing faster than illicit activity on-chain.”
As always, they have to caveat by saying that “these illicit figures are lower bound estimates based on inflows to illicit addresses we’ve identified today.”
Chainalysis concluded that over time, these totals will “almost certainly be higher, as they attribute more illicit addresses and incorporate their historic activity into our data.”