But in fact, both law enforcement operations may be more successful than it appears. Alphv received the money after receiving its $ 22 million ransom from health change, so -called “outbound fraud” and disappeared instead of sharing it with hacker partners who had violated change. Lockbit, also in the months following the NCA siege, was out of the map due to the lack of confidence of the cyber basement to the group and its claimed leader, Dimitri Khouroshaf. In May 2024, Khoroshev was also boycotted by the US Treasury, making it much more complicated for the victims of the lock to pay their ransom.
While the remaining vacuum by those key players in the ransom ecosystem was filled by newer groups in the second half of 2024, many of them did not have the skills and experience to defend Lockbit and Alphv for big goals as well as Lockbit and Alphv. Burns Koven says. According to him, the result was much smaller, often in tens of thousands of dollars instead of millions or tens of millions.
“Their talent is not as strong as their predecessors,” says Burns Kuwait, a new generation of ransomware. “We are witnessing a hangover from these law enforcement houses, not only directly targeting people and malware, but also targeting infrastructure and tools and services used to help stimulate these attacks. “
“Last year, the ransomware events were more ransom than last year,” says Allan Liska, a threatening information analyst focused on ransom recorded in the future security company. The company listed 4,634 attacks against 4,400 in 2024 in 2023. “What we see in terms of payment is a reflection of the newer threat actors that you can create in the ransomware with the amount of money they see, you try to get into the game and not be very good,” says Lisca. Human
In addition to the important measures of law enforcement at the beginning of 2024, the chain reduces payment in the second half of the year to raise global awareness of ransom threats and leads to more mature defense and response programs in governments and other institutions. Become. And Bronz Kuwao adds: Adjustment and suppression of law enforcement in money laundering infrastructure, including mixers that help criminals, become anonymous and obtain their own source of encrypted currencies, as well as ransom actors’ abilities to handle payments. They have been eliminated without specialized knowledge.
While payment reduction in the second half of 2024 is significant for the largest Chainalysis data, the number of ransomware attacks and the volume of payments has been fluctuated and decreased before. Noteworthy, the researchers saw a significant decline in activity in 2022, the year that the chain paid $ 655 million compared to $ 1.07 billion in 2021 and nearly $ 1 billion in 2020. With work, ransomware increased $ 1.25 billion in that year as a threat to even worse, given the number of chainalysis.
