Bitcoin btc
$ usd

Ransomware Payments Hit At Least $600M in 2021: Chainalysis Report

2 mins
Updated by Andrew Rossow
Join our Trading Community on Telegram

In Brief

  • Chainalysis' latest report revealed that Ransomware-as-a-Service (RaaS) methods are to blame for the increasingly high number of ransomware payouts.
  • Initial figures for 2021 suggest that this year’s amount of $602M will eventually be revealed to have far exceeded last year’s $692 million figure.
  • Last year experienced an increase in the number of active strains and money extorted by them with groups like Conti and DarkSide.
  • promo

As of 2021, the number of ransomware cryptocurrency payments nearly doubled, hitting an estimated $602 million, according to Chainalysis.

In its latest report published on February 10, Chainalysis noted that it updates previous years’ estimates retroactively upon further identification of funds, believing the final number to be exponentially greater than what has been estimated thus far at $602 million.

From approximately $692 million taken in 2020, last year’s ransomware payouts were specifically the result of “strains” – a specific type of ransomware where hackers request exorbitant amounts of funds that should be paid only through cryptocurrency (rather than traditional forms of payment and fiat).

In contrast to the sharp rise in the past two years, Chainalysis previously detected only $152 million in payments in 2019 and a mere $39 million in 2018. 

Ransomware-as-a-Service (RaaS) and strains to blame?

Throughout 2021, at least 140 strains received payment from victims, up from 119 in 2020 and 70 in 2019. Most strains arrive and depart in phases, becoming dormant after appearing for a short time. 

While Chainalysis data largely reflected this trend, it recognized that one of the biggest ransomware strains last year in terms of revenue came from the Russian-based group Conti, who used ransomware-as-a-service (RaaS), where the group extorted nearly $180 million in revenue from its victims.

As the report continued, DarkSide was the second biggest strain last year. Notorious for its infamous attack on the U.S. Colonial Pipeline, DarkSide extorted $5 million in Bitcoin (BTC), seizing an additional $75 million in other hacks. Unfortunately, the Colonial Pipeline was only able to recover $2.5 million of the total paid out.

Big game hunting

While the average ransomware payment size in 2019 was $25,000, it has since multiplied to $88,000 in 2020 and over $118,000 in 2021. The report cites one reason for the increase in ransom sizes is the “focus on carrying out highly-targeted attacks against large organizations.” 

Third-party providers using RaaS business models facilitate this “big game hunting” approach for ransomware attackers. Looking at the longevity of third-party attackers such as Conti, it’s only fair to lean towards RaaS as a major catalyst for its revenue gain.

What do you think about this subject? Write to us and tell us!


In adherence to the Trust Project guidelines, BeInCrypto is committed to unbiased, transparent reporting. This news article aims to provide accurate, timely information. However, readers are advised to verify facts independently and consult with a professional before making any decisions based on this content.

Nicholas Pongratz
Nick is a data scientist who teaches economics and communication in Budapest, Hungary, where he received a BA in Political Science and Economics and an MSc in Business Analytics...