{"id":45972,"date":"2021-07-13T10:37:51","date_gmt":"2021-07-13T07:37:51","guid":{"rendered":"https:\/\/forklog.com\/en\/?p=45972"},"modified":"2025-09-01T14:00:01","modified_gmt":"2025-09-01T11:00:01","slug":"bitcoin-ransomware-operators-received-more-than-33-million-in-2021","status":"publish","type":"post","link":"https:\/\/u1f987.com\/en\/bitcoin-ransomware-operators-received-more-than-33-million-in-2021\/","title":{"rendered":"Bitcoin ransomware operators received more than $33 million in 2021"},"content":{"rendered":"<p>In 2021, more than $33 million in cryptocurrency was sent to addresses associated with ransomware, according to data from <a href=\\\"http:\/\/ransomwhe.re\\\">Ransomwhere<\/a>.<\/p>\n<p>The service was launched by Jack Cable, an engineer at the cybersecurity-focused Krebs Stamos Group. The tool tracks payments to ransomware operators, collecting information about attacks from affected users and verifying the credibility of those reports.<\/p>\n<p>The project team hopes Ransomwhere will help gauge the spread of malware and devise effective measures to combat it.<\/p>\n<p>According to Cable, it is impossible to analyse the consequences of ransomware attacks without exhaustive publicly available data on the total number of payments in their favour. He explained that having such information would help determine whether certain actions change the situation for the better.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">Today, there\u2019s no comprehensive public data on the total number of ransomware payments. Without such data, we can\u2019t know the full impact of ransomware, and whether taking certain actions changes the picture.<a href=\\\"https:\/\/t.co\/vOQg2gAd9B\\\">https:\/\/t.co\/vOQg2gAd9B<\/a><\/p>\n<p>\u2014 Jack Cable (@jackhcable) <a href=\\\"https:\/\/twitter.com\/jackhcable\/status\/1413211729727827969?ref_src=twsrc%5Etfw\\\">July 8, 2021<\/a><\/p><\/blockquote>\n<p> <script async=\\\"\\\" src=\\\"https:\/\/platform.twitter.com\/widgets.js\\\" charset=\\\"utf-8\\\"><\/script><\/p>\n<p>According to the service, in 2021 the largest ransomware was REvil (Sodinokibi) from the eponymous hacking group. Its victims paid more than $11.3 million. In second place was Netwalker (Mailto); its developers and affiliated individuals received more than $5.7 million.<\/p>\n<figure class=\\\"wp-block-image size-large\\\"><img loading=\\\"lazy\\\" decoding=\\\"async\\\" width=\\\"1024\\\" height=\\\"305\\\" src=\\\"https:\/\/u1f987.com\/wp-content\/uploads\/ransomware-1024x305.png\\\" alt=\\\"Bitcoin ransomware operators received more than $33 million in 2021\\\" class=\\\"wp-image-142268\\\" srcset=\\\"https:\/\/u1f987.com\/wp-content\/uploads\/ransomware-1024x305.png 1024w, https:\/\/u1f987.com\/wp-content\/uploads\/ransomware-300x89.png 300w, https:\/\/u1f987.com\/wp-content\/uploads\/ransomware-768x229.png 768w, https:\/\/u1f987.com\/wp-content\/uploads\/ransomware.png 1358w\\\" sizes=\\\"auto, (max-width: 1024px) 100vw, 1024px\\\" \/><figcaption>Payments to ransomware-linked addresses in 2021. Data: Ransomwhere.<br \/><\/figcaption><\/figure>\n<p>The total damage could more than double if the REvil <a href=\"https:\/\/u1f987.com\/en\/news\/revil-hackers-breached-thousands-of-companies-and-demanded-a-70-million-ransom-in-bitcoin\">receives $70 million<\/a>, which they demanded from victims in early July.<\/p>\n<p>According to Chainalysis, ransomware attacks are becoming increasingly profitable. In 2019, addresses tied to malware received $92.94 million in cryptocurrency, and in 2020 the figure rose to $406.34 million.<\/p>\n<blockquote class=\\\"twitter-tweet\\\">\n<p lang=\\\"en\\\" dir=\\\"ltr\\\">If you\u2019re following the news, you know ransomware isn\u2019t slowing down in 2021. Read our research on the latest trends, including 2021 ransomware totals, why attackers are commanding higher ransoms, and an uptick in attacks from Russia-affilated groups. <a href=\\\"https:\/\/t.co\/Juldk2eCwb\\\">https:\/\/t.co\/Juldk2eCwb<\/a><\/p>\n<p>\u2014 Chainalysis (@chainalysis) <a href=\\\"https:\/\/twitter.com\/chainalysis\/status\/1393235072334114816?ref_src=twsrc%5Etfw\\\">May 14, 2021<\/a><\/p><\/blockquote>\n<p> <script async=\\\"\\\" src=\\\"https:\/\/platform.twitter.com\/widgets.js\\\" charset=\\\"utf-8\\\"><\/script><\/p>\n<p>U.S. President Joe Biden deemed tracking cryptocurrency transactions <a href=\"https:\/\/u1f987.com\/en\/news\/biden-administration-to-study-use-of-cryptocurrencies-in-ransomware-attacks\">one of the possible options for fighting ransomware<\/a>.<\/p>\n<p>Jake Williams, chief technology officer of BreachQuest, noted that the United States does not have difficulty with ransomware operators\u2014 the problem lies in weak cybersecurity infrastructure.<\/p>\n<blockquote class=\\\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\\\">\n<p>\u201cPolicy-makers should take a holistic approach to cybersecurity, not merely discuss the visible aspects of outages. Solving the ransomware issue will still leave us unprotected,\u201d wrote the expert.<\/p>\n<\/blockquote>\n<p>Cable agreed that ransomware is merely a &#8220;symptom&#8221;. He argued that we need to &#8220;raise the bar for security at the national level&#8221; while not abandoning economic pressure on operators of such software.<\/p>\n<blockquote class=\\\"twitter-tweet\\\">\n<p lang=\\\"en\\\" dir=\\\"ltr\\\">Yes. Ransomware is a symptom of the problem. Not to say that we shouldn\u2019t take actions to disrupt ransomware economics or apply international pressure (we should), but more fundamentally we need to raise the bar of security nationally. <a href=\\\"https:\/\/t.co\/JtIWRKW2Ym\\\">https:\/\/t.co\/JtIWRKW2Ym<\/a><\/p>\n<p>\u2014 Jack Cable (@jackhcable) <a href=\\\"https:\/\/twitter.com\/jackhcable\/status\/1414605411194482690?ref_src=twsrc%5Etfw\\\">July 12, 2021<\/a><\/p><\/blockquote>\n<p> <script async=\\\"\\\" src=\\\"https:\/\/platform.twitter.com\/widgets.js\\\" charset=\\\"utf-8\\\"><\/script><\/p>\n<p>In Congress, it is argued that <a href=\"https:\/\/u1f987.com\/en\/news\/opinion-ransomware-programs-threaten-bitcoins-legitimacy\">ransomware operators are capable of burying Bitcoin&#8217;s reputation<\/a>, as the first cryptocurrency is involved in illicit transactions.<\/p>\n<p>In June, the U.S. Department of Justice <a href=\"https:\/\/u1f987.com\/en\/news\/us-raises-the-priority-of-cyberattack-investigations-to-the-level-of-terrorism-cases\">raised the priority of investigations into cyberattacks<\/a> to the level of terrorism cases.<\/p>\n<p>Read ForkLog&#8217;s Bitcoin news in our <a href=\\\"\/\/telegram.me\/forklog\\\" target=\\\"\u201c_blank\u201d\\\" rel=\\\"\u201cnofollow\u201d noopener\\\">Telegram<\/a> \u2014 cryptocurrency news, rates and analytics.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>In 2021, more than $33 million in cryptocurrency was sent to ransomware-linked addresses, according to data from Ransomwhere.<\/p>\n","protected":false},"author":1,"featured_media":45973,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"select":"1","news_style_id":"1","cryptorium_level":"","_short_excerpt_text":"","creation_source":"","_metatest_mainpost_news_update":false,"footnotes":""},"categories":[3],"tags":[1154],"class_list":["post-45972","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-and-analysis","tag-crimes"],"aioseo_notices":[],"amp_enabled":true,"views":"19","promo_type":"1","layout_type":"1","short_excerpt":"","is_update":"","_links":{"self":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts\/45972","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/comments?post=45972"}],"version-history":[{"count":1,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts\/45972\/revisions"}],"predecessor-version":[{"id":45974,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts\/45972\/revisions\/45974"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/media\/45973"}],"wp:attachment":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/media?parent=45972"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/categories?post=45972"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/tags?post=45972"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}