50% Rise in Ransomware Attacks Even as Payments Drop
Chainalysis, Report
|
Even though fewer victims chose to pay the ransom in 2025, the number of ransomware attacks rose by 50%. |
For victims who did pay, the ransom amount rose dramatically, rising 368% year over year to almost $60,000. Chainalysis saw $820 million in total ransom payments last year.
Researchers
|
Ransomware attackers received approximately $820 million in on-chain payments in 2025, down 8% from our revised 2024 estimate of $892 million.
Similar to how our 2024 total increased from our initial $813 million projection this time last year, the 2025 total is expected to approach or surpass $900 million as we ascribe more events and payments.
The experts also point out that the extent of ransomware's harm is not fully captured by the quantity of ransom payments.
Revenue figures alone cannot tell the story of ransomware in 2025.
Payments decreased slightly, but attacks' scope, sophistication, and strategic impact kept growing. Extortion affected businesses of all sizes, from regional healthcare systems to multinational automakers, disrupting operations, undermining trust, and resulting in systemic costs that far outweigh on-chain ransom totals. |
According to Chainalysis, ransomware gangs are changing and enhancing their strategies in order to extract as much money as they can from their victims.
Researchers
In this regard, the ransomware environment in 2025 is best described by adaptation rather than retreat: extortion strategies are still developing, allowing players to extract value and harm outside of conventional payment channels.
This highlights a fundamental reality of the contemporary ransomware period for both defenders and legislators: in order to reduce the overall damage caused by these complex threats, an effective response necessitates both strong defenses and strategic resilience.
|
Note: Now, most of you might be working in a company or maybe running a company and want security against ransomware, but don’t know how to. For such clients, Craw Security offers dedicated VAPT Services for websites and will be responsible for maintaining the standards of their security measures. Get your first dedicated service from Craw Security! |
Helpful Resources
- What Is Open-Source Intelligence (OSINT)? | PhishNext
- What Is AI Security Posture Management (AI-SPM)?
- Winner of the AI Arms Race: Threat Actors vs Cybersecurity Defenders
- Phishing Simulation: How It Works to Reduce Risk? | PhishNext
- 50% Rise in Ransomware Attacks Even as Payments Drop
- Top Tools That Hackers Use to Weaponize Emails | PhishNext
- Top Six Key Benefits & Core Features of Endpoint Security | PhishNext
- AI and Vishing Social Engineering Risks Aiming Businesses
- Phishing Scam Targets India AI Impact Summit Attendees: Urgent Security Advisory
- Even After AI Improves Secure Development, Why Cybersecurity Still Matters
