In the first half of 2024, ransomware victims have paid a staggering $459.8 million to cybercriminals, positioning this year to potentially surpass previous records if this trend continues.

Last year, ransomware payments hit an all-time high of $1.1 billion, a figure Chainalysis had predicted early on when ransomware activity had already grossed $449.1 million by mid-year. Now, ransomware payments are approximately 2% higher than they were at this time last year, despite significant efforts by law enforcement to disrupt large ransomware operations like LockBit.

According to a recent report by Chainalysis, this rise in payments is primarily driven by ransomware groups focusing on larger targets, aiming to extract hefty sums by threatening significant operational disruptions and the exposure of sensitive customer data.

“2024 is poised to be the highest-grossing year yet for ransomware payments, largely because ransomware strains are executing fewer but more lucrative attacks,” the Chainalysis report notes.

This year has also seen the largest recorded ransom payment to date—a massive $75 million paid to the Dark Angels ransomware group. While the identity of the victim remains undisclosed, cybersecurity firm Zscaler identified the payment as having been made by a Fortune 50 company following an attack earlier this year.

Buy Me a Coffee

The trend towards targeting larger organizations is further evidenced by the sharp increase in the median ransom payment, which soared from under $199,000 in early 2023 to $1.5 million by June 2024.

Despite the increase in ransom amounts, the total number of confirmed ransomware attacks has only grown by 10% year-over-year in 2024, according to eCrime.ch intelligence. Similarly, the number of victims listed on extortion portals on the dark web has also seen a comparable rise.

READ
‘Disable Admin Notices Individually’ Plugin Exposes 100,000+ Sites to Risk

Interestingly, the number of organizations that choose to pay ransoms in exchange for decryptors and promises not to leak stolen data is continuing to decline. Chainalysis data shows that overall ransomware payment events have dropped by 27.27% compared to last year, indicating that fewer companies are yielding to extortion.

This trend aligns with earlier findings from Coveware, which reported that ransom payments hit a record low of just 28% in the first quarter of 2024.