According to a recent mid-year report by blockchain analysis firm Chainalysis, hackers are increasingly turning their attention back to centralised exchanges (CEXs), resulting in a significant surge in stolen funds.
Despite ongoing efforts to enhance security, the total value of stolen crypto has soared, with advanced cybercriminals using sophisticated methods, including social engineering tactics, to breach these platforms.
Meanwhile, ransomware payments have hit alarming new highs, setting 2024 on course to be the worst year on record for ransomware attacks.
Crypto thieves return
For several years, decentralised platforms had been the primary focus of cyberattacks. However, this year has seen a notable shift back to targeting centralised exchanges.
Criminals have stolen over $1.5 billion in cryptocurrency during the first half of 2024, marking an 84% increase compared to the same period last year.
This sharp rise comes despite only a slight 2.76% uptick in the number of hacking incidents. The average value stolen per hack, however, has surged by 79%.
A significant factor contributing to this trend is the increase in the price of bitcoin. Bitcoin-related transaction volumes account for 40% of the value of stolen funds, up from 30% last year.
Centralised exchanges, which often handle large amounts of bitcoin, are becoming prime targets for attackers.
Notably, North Korean-linked hacking groups are reported to be behind several major heists, including the DMM exchange hack, which resulted in a loss of approximately 4,500 $BTC worth $305 million.
These criminals are not just relying on technical vulnerabilities. Some attackers have taken to applying for IT jobs within targeted firms, enabling them to access sensitive information and execute their plans from within.
Despite centralised exchanges implementing more robust security measures, the potential rewards make them attractive targets for increasingly sophisticated criminal networks.
Ransomware hits new highs
2024 is on track to become the highest-grossing year for ransomware payments.
Chainalysis reported that ransomware payments have already reached $459.8 million by mid-year, surpassing the $449.1 million recorded during the same period last year.
The largest single ransomware payment ever recorded, $75 million, was made to the Dark Angels ransomware group earlier this year.
The tactics used by ransomware attackers have evolved, with a trend known as “big game hunting” becoming more prevalent.
Attackers are targeting large corporations and critical infrastructure providers, which are more likely to pay substantial ransoms due to their financial resources and the essential nature of their services.
This has driven up the median ransom payment from under $200,000 in early 2023 to $1.5 million by mid-2024.
The ransomware ecosystem has also become more fragmented, as law enforcement actions against major groups like ALPHV/BlackCat and LockBit have disrupted their operations.
Despite these disruptions, new and smaller groups have emerged, contributing to the ongoing surge in ransomware activity.
While victims are paying ransoms less frequently, the overall impact of ransomware attacks continues to worsen, with both the scale and frequency of attacks increasing.
Positive signs amid rising threats
Despite the troubling increase in stolen funds and ransomware, there are some encouraging developments in the crypto ecosystem.
Chainalysis reports a nearly 20% year-on-year decline in aggregate illicit activity on blockchains. This drop reflects the growth of legitimate transactions outpacing the rise in criminal activity.
From $20.9 billion last year, illicit transactions have fallen to $16.7 billion in 2024, indicating that the overall ecosystem is becoming safer as crypto adoption expands.
“This decline in illicit activity shows that criminal elements are becoming a shrinking part of the crypto world”, said the Cybercrimes research lead at Chainalysis, Eric Jardine.
He noted that the increasing share of legitimate activity underscores the continued mainstream adoption of cryptocurrencies.
Nevertheless, as crypto continues to gain traction, both legitimate users and bad actors will continue to evolve.
Criminals will likely adopt new tactics to exploit vulnerabilities, even as law enforcement agencies improve their methods for tracking and disrupting these activities.
While the fight against crypto crime is far from over, the balance appears to be tipping in favour of legitimate users.