Blockchain analytics firm Chainalysis released its 2025 crypto crime report, revealing that ransomware payments fell sharply by 35% to $813 million in 2024, compared to $1.25 billion in the previous year.

Despite an initial increase in the value stolen by cybercriminals in the first half of 2024, the latter half saw a significant decrease in payments, resulting in an overall drop.

The decline in ransomware payments has been attributed in part to the actions taken against cryptocurrency exchanges used by cybercriminals to launder funds. Sanctions against the Russia-based Cryptex exchange and the seizure of 47 Russian language non-KYC crypto exchanges by the German Federal Criminal Police have hindered ransomware groups' ability to convert their cryptocurrency into fiat.

Jacqueline Burns Koven, Chainalysis' Head of Cyber Threat Intelligence, noted that ransomware operators are showing unprecedented restraint in cashing out, likely due to a heightened fear of being traced and prosecuted with the assistance of crypto investigation tools.

Chainalysis also observed a growing trend of victims refusing to meet ransomware demands. Despite an increase in the number of ransomware attacks, there was a 53% gap between the ransom amounts demanded and the actual payments made in the second half of 2024. This suggests that more victims are resisting payment, with those who do pay typically sending between $150,000 and $250,000.

The report indicates a significant shift in the cybersecurity landscape, with the decline in ransom payments pointing to the impact of law enforcement efforts, improved international cooperation, and a greater reluctance among victims to comply with ransom demands.

Koven remarked that the decrease in payments to levels lower than those seen in 2020 and 2021 highlights the effectiveness of these measures against what was once feared to be an impending ransomware apocalypse.

This article was generated with the support of AI and reviewed by an editor. For more information see our T&C.