Crypto criminals got away with $5B less in 2020 as scam revenue falls

Published at: Feb. 17, 2021

Revenue from crypto-related crime dropped by more than half in 2020 according to Chainalysis’ annual report on the subject.

Cybercriminals netted around $5 billion less than the $10 billion plus they got away with in 2019, representing a 53% fall.

Transactions involving illicit funds have decreased even more rapidly than the total volume of those funds, falling from 2.1% of all transactions analyzed in 2019 down to just 0.34% last year.

Among the eight categories of transactions deemed “illicit” by Chainalysis, the dollar amount of crypto taken in by scams decreased the most, by 71% to $2.6B, largely due to the fact that 2019’s multi-billion dollar PlusToken scandal dwarfed anything seen in 2020 so far. 

Overall crypto crime volume — including the proceeds of crime and the attempts to launder it — fell from above $20B in 2019 to around $10B last year.

But it’s not all good news and possibly the most alarming part of the report is the finding that ransomware-related theft rose 311% from 2019 to 2020, representing an additional loss of more than $250 million in 2020 compared to 2019. 

Even with a year-over-year increase in ransomware and darknet market activity, Chainalysis says the outlook on crypto crime “has never been better,” thanks to recent advancements in regulatory and compliance processes.

“The good news is three-fold: Cryptocurrency-related crime is falling, it remains a small part of the overall cryptocurrency economy, and it is comparatively smaller to the amount of illicit funds involved in traditional finance.”

Chainalysis’ conclusions broadly echo those put forth in a recent report by security firm CipherTrace, which found that crypto-related crime dropped by 57% in 2020.

"Cryptocurrency-related crime is falling, it remains asmall part of the overall cryptocurrency economy, and it is comparatively smaller to the amount of illicit funds involved in traditional finance" from @chainalysis 2020 report: [pdf] https://t.co/yhC5dc2kOI pic.twitter.com/azpIcKjLMP

— exiledsurferrrrrrrrrrrrrrrrrrrrrrrrrrrr (@exiledsurfer) February 11, 2021

According to Chainalysis, the big rise in ransomware is due to the introduction of “new strains taking in large sums from victims,” which, when combined with pre-existing ransomware strains, accounted for nearly $350 million of cryptocurrency theft in 2020.

Although the origins of ransomware attacks may seem disparate and random, Chainalysis believes that the infrastructure attackers need to launder crypto into cash “may be controlled by just a few key players,” similar to the origins of the ransomware itself.

THREAD: Here's a quick summary of the our takeaways on money laundering in cryptocurrency. https://t.co/Ca9piHaAL8 https://t.co/eMaztAmZpl

— Chainalysis (@chainalysis) February 12, 2021

Chainalysis also notes that the increasing collection of personal identifying information from exchanges has effectively forced criminals to “rely on a surprisingly small group of service providers” to exchange ill-gotten crypto holdings into fiat.

“In the long run, (compliance) efforts by exchanges will also remove some of the incentive to use cryptocurrency in criminal activity, as it will become much harder for cyber criminals to convert cryptocurrency into cash if they can’t use exchanges.”

Last month, the Department of Justice announced it had confiscated $454,000 in cryptocurrency from a ransomware operator; the bust being the result of a collaboration with Chainalysis.

Tags
Related Posts
Digital intelligence must overcome challenges to solving crypto crimes
While the value of cryptocurrencies has varied wildly in the last year, this has not diminished crypto’s attractiveness to criminals. Many of them are moving their illegal activities underground and outside the view of law enforcement. Because of the public nature of most blockchains, however, this rapid movement shouldn’t be a major concern to law enforcement agencies. With the right tools and training, following the proceeds of crypto-enabled crime is actually not as difficult as it may seem. However, intelligence agencies must have a cryptocurrency investigation plan that includes the right tools to lawfully collect digital evidence and the properly …
Technology / Aug. 20, 2021
UK High Court Orders Freeze on $1M of Bitcoin in Ransomware Case
A United Kingdom High Court ordered a proprietary injunction on Bitcoin (BTC) obtained through a ransomware attack on a Canadian insurance company. A proprietary injunction is an order which prevents a person from dealing with their own assets when it is subject of a proprietary claim. On Jan. 17, the UK High Court released documents concerning a ransomware attack, in which over 1,000 computers of the insurance company were rendered unusable through the use of malware that encrypted files, making them unaccessible. The unidentified attackers demanded $1.2 million in Bitcoin in exchange for decrypting the data. The firm’s insurer covered …
Bitcoin / Jan. 28, 2020
Hackers Stole and Encrypted Data of 5 U.S. Law Firms, Demand 2 Crypto Ransoms
Hackers compromised five United States law firms and demanded two 100 Bitcoin (BTC) (over $933,000 at press time) ransoms from each firm: one to restore access to the data, one to delete their copy instead of selling it. According to data shared with Cointelegraph by cybersecurity firm Emsisoft, the hacker group — called Maze — already started publishing part of the data stolen from the aforementioned firms. Two of the five law firms were hacked within the 24 hours leading to Feb. 1. The hackers published the data on two websites that were shared with the author of this article, …
Bitcoin / Feb. 3, 2020
Maze Hacker Group Claims Infecting Insurance Giant Chubb with Ransomware
Black hat hacker group, Maze, claims to have used ransomware to compromise the systems of insurance giant, Chubb. They also claim to have stolen the firm’s data. Brett Callow, threat analyst at cybersecurity firm, Emsisoft, told Cointelegraph on March 27 that Maze published the claim on its website. While the website does not provide any direct proof of the hack so far, Callow pointed out facts that give the claim an air of credibility: “Maze’s past victims include governments, law firms, healthcare providers, manufacturers, medical research companies, healthcare providers and more.” Maze’s modus operandi Callow explained that the group usually …
Bitcoin / March 29, 2020
Ransomware Gangs Are Teaming Up to Form Cartel-Style Structures
Recent ransomware attacks from well-known cybercriminal groups have been suggesting that gangs are forging cartel-style alliances to pressure their respective victims to pay the ransom requests. Cointelegraph has obtained access to what seems to be a darknet site that belongs to the Maze group. On the site, Maze has been leaking stolen data beginning sometime after Sunday. The central feature to highlight is that the gang notes that Ragnar Locker, another ransomware group, provided the info, as the title of the blog post says: “MAZE CARTEL Provided by Ragnar.” Some of the victims listed are United States-based companies. Speaking with …
Bitcoin / June 9, 2020