Key Insights into Cryptocurrency Illicit Activity: Mid-Year Update
Major Trends
- Decrease in Aggregate Illicit Activity: Year-to-date, aggregate illicit activity on the blockchain has fallen by nearly 20%, indicating a faster growth rate for legitimate cryptocurrency transactions compared to illicit ones.
- Rise in Stolen Funds and Ransomware: Despite the overall decline, two types of illicit activities have seen increases. Stolen funds have surged from $857 million to $1.58 billion, while ransomware inflows have grown by about 2%, from $449.1 million to $459.8 million.
Stolen Funds
- Increased Average Theft Amount: The average cryptocurrency stolen per heist has risen by almost 80%. This increase is partly due to the higher price of Bitcoin (BTC), which now makes up 40% of the total stolen volume. Cybercriminals are increasingly targeting centralized exchanges rather than decentralized finance (DeFi) protocols.
- Advanced Techniques: Sophisticated cybercriminals, including those linked to North Korea, are using advanced methods such as social engineering to steal funds from crypto-related services.
Ransomware Trends
- Record-Breaking Year: 2024 is on track to become the highest-grossing year for ransomware payments. This increase is driven by strains conducting fewer high-profile attacks but demanding large ransoms, with the largest recorded payment being approximately $75 million to the Dark Angels ransomware group.
- Rising Ransom Amounts: The median ransom payment for severe strains has jumped from just under $200,000 in early 2023 to $1.5 million by mid-June 2024. This suggests a shift towards targeting larger businesses and critical infrastructure.
- Evolving Ecosystem: Recent law enforcement actions have disrupted major ransomware groups like ALPHV/BlackCat and LockBit, leading some affiliates to either join less effective strains or develop their own.
Positive Developments and Emerging Trends
- Mainstream Acceptance: 2024 has seen continued mainstream acceptance of cryptocurrency, with the approval of Bitcoin and Ethereum ETFs in the U.S. and updates to FASB’s accounting rules. However, as adoption grows, so does illicit activity.
- Increased Legitimate Inflows: Inflows to legitimate services are at their highest since 2021, reflecting continued global crypto adoption. Conversely, inflows to risky services, such as mixers and unregulated exchanges, are higher than last year.
Detailed Analysis of Illicit Activity
- Surge in Stolen Funds: The value of stolen cryptocurrency has nearly doubled this year, reaching $1.58 billion through July. This increase is partly due to rising cryptocurrency prices, particularly Bitcoin, which has seen its average price rise by 130% from last year.
- Shift in Targeting: Crypto thieves are increasingly targeting centralized exchanges rather than DeFi services. For instance, the DMM hack, which involved a $305 million theft, highlighted this trend.
- Sophisticated Attacks: Cybercriminals are employing advanced social engineering tactics to infiltrate centralized exchanges, which are becoming the primary targets for high-value thefts.
Looking Ahead
While the overall illicit activity has declined, the rise in stolen funds and ransomware payments indicates that certain sectors are experiencing increased threats. As cryptocurrency adoption continues to expand, both legitimate and illicit activities are evolving, necessitating ongoing vigilance and adaptation to new threats.