Blockchain analysis firm Chainalysis has released its “2024 Crypto Crime Mid-year Update Part 1” report. The report indicates that while overall illicit activity on the blockchain has decreased by nearly 20% year-to-date, certain categories of criminal behavior, such as stolen funds and ransomware, are seeing a worrying increase.

Chainalysis highlighted that legitimate crypto activity is growing faster than its illicit counterpart, contributing to the overall decline in criminal transactions. However, the drop in aggregate illicit activity masks troubling trends in specific areas.

One of the report’s most concerning findings is the near doubling of inflows from stolen funds, which have surged from $857 million to $1.58 billion in 2024. The average amount of cryptocurrency stolen per incident has also increased by almost 80%. This spike is partly attributed to the rising value of Bitcoin (BTC), which now constitutes 40% of the transaction volume linked to these thefts.

Interestingly, crypto thieves seem to be shifting their focus back to centralized exchanges, which have become more frequent targets compared to decentralized finance (DeFi) protocols. While DeFi had been a popular avenue for criminals in recent years, the resurgence in targeting centralized platforms suggests a return to more traditional methods of cryptocurrency theft.

Advanced cybercriminals, including those connected to North Korea, are increasingly using off-chain techniques, such as social engineering, to infiltrate crypto services and steal funds.

Ransomware remains another significant area of concern in 2024. Chainalysis reported that the year is on track to become the most profitable yet for ransomware attacks, with ransomware inflows rising slightly by approximately 2%, from $449.1 million to $459.8 million. The increase is largely driven by a shift in strategy among ransomware operators, who are focusing on fewer but more lucrative high-profile attacks—a tactic known as “big game hunting.”

One of the most alarming developments in this space is the record-setting $75 million ransom paid to the Dark Angels ransomware group, the largest such payment ever recorded. The median ransom demand for the most severe ransomware strains has also surged, from just under $200,000 in early 2023 to a staggering $1.5 million by mid-June 2024. This suggests that ransomware groups are increasingly targeting large enterprises and critical infrastructure providers, which are more likely to pay hefty ransoms due to their financial resources and the critical nature of their operations.

The ransomware ecosystem has also seen some fragmentation due to law enforcement actions against major players like ALPHV/BlackCat and LockBit. These disruptions have forced some affiliates to switch to less effective strains or even develop their own, potentially leading to a more chaotic but still dangerous landscape.

Featured Image via Pixabay