Illegal blockchain activity has fallen by about 20% since the beginning of the year, but stolen funds and ransomware entries continue to rise, analysts at Chainalysis say.
According to a mid-year report from blockchain analytics firm Chainalysis, illicit cryptocurrency activity has decreased by nearly 20% since the beginning of the year, a positive sign for the growing legitimacy of the sector.
Despite the decline, the company said there were still worrying trends in certain types of cybercrime, with funds stolen in crypto heists nearly doubling to $1.58 billion in the first half of 2024, while ransomware entries rose 2% to $459.8 million.
Hacking activity since January 2024 | Source: Chainalysis
Chainalysis attributed the increase in stolen funds to a resurgence in attacks on centralized exchanges, bucking a trend where hackers have focused on decentralized finance. The New York-based firm noted that the overall number of hacks only “marginally outpaced” the number in 2023, but the average value stolen per incident increased by almost 80% in 2024, driven in part by rising crypto prices.
“The average amount of value compromised per incident, based on the value of assets at the time of the theft, has increased by 79.46%, from $5.9 million per incident in January-July 2023 to $10.6 million per incident to date in 2024.”
Chain analysis
Ransomware also remains a persistent threat, on track to surpass last year’s record-breaking $1 billion ransom payment in 2024. Chainalysis says the largest ransomware payment ever recorded came in 2024, at around $75 million to the Dark Angels ransomware group.
Maximum ransom payments by year | Source: Chainalysis
The ransomware landscape has fragmented somewhat following law enforcement actions against major players like ALPHV/BlackCat and LockBit, but some affiliates have shifted to less potent strains or launched new ones, increasingly targeting “larger enterprises,” according to the report.
While the overall decline in illicit activity is encouraging, Chainalysis notes that the continued rise in stolen funds and ransomware payments demonstrates the evolving tactics of cybercriminals.
There is an Elephant in the Room
Centralized crypto exchanges are not only frequent targets for hackers, but also play a major role in laundering stolen assets. Chainalysis previously found that trading platforms have received nearly $100 billion worth of crypto from known illicit addresses since 2019, pointing to a troubling lack of international cooperation in anti-money laundering efforts.
According to the company, around 30% of all crypto from illicit addresses eventually ends up on sanctioned services, including Russian exchange Garantex. The peak came in 2022, when $30 billion worth of “dirty crypto” interacted with such services, underscoring the ongoing challenges in combating crypto-based money laundering.