Ransomware gangs stole more than $1 billion in 2023, the largest amount ever recorded, according to a report published Wednesday by blockchain analysis firm Chainalysis Inc.
With ransomware hacks, cybercriminals block access to a victims’ data or files until they pay an extortion fee, typically through cryptocurrency. In 2023, hackers nearly doubled the funds stolen in 2022 and exceeded previous records made in a ransomware boom during the pandemic, according to the report. Chainalysis said ransomware hackers made off with $567 million in 2022.
The commercialization of ransomware — a phenomenon in which advanced hackers sell malware to others and take a cut of the proceeds — has made it easier to conduct such breaches. The professionalization of the crime led to an increase in the number of threat actors in 2023, said Jackie Burns Koven, head of cyber threat intelligence at Chainalysis.
Ransomware gangs are increasingly turning to a “big game hunting” strategy, which means they conduct fewer attacks throughout the year but collect bigger payments each time, sometimes extorting $1 million within a single attack, the report noted.
In one extreme example, ransomware gang Cl0p racked up over $100 million in ransom payments by targeting the popular file transfer application MOVEIt, used by over thousands of organizations globally, according to Chainalysis. Some high-profile victims of the hack included oil and gas company Shell, U.S. federal government agencies and British Airways.
Other active players during the year included ALPHV-BlackCat and Scattered Spider, responsible for infiltrating casino giants MGM Resorts International and Caesars Entertainment in September, and LockBit, a group that offers ransomware as a service.