This Crowdsourced Ransomware Payment Tracker Shows How Much Cybercriminals Have Heisted

Ransomware assaults are on the rise, however quantifying the scope of the issue may be difficult when solely probably the most high-profile circumstances make headlines. Enter Ransomwhere, the crowdsourced ransomware cost tracker with a punny identify which means to shine a light-weight on these cyberattacks which have more and more rattled governments and companies world wide. Jack Cable, a safety architect on the cybersecurity consulting agency Krebs Stamos Group, launched the positioning on Thursday.

“Today, there’s no comprehensive public data on the total number of ransomware payments,” Cable wrote on Twitter. “Without such data, we can’t know the full impact of ransomware, and whether taking certain actions changes the picture. Ransomwhere aims to fill that gap…”

The manner it really works is Ransomwhere retains a working tally of ransoms paid out to cybercriminals within the bitcoin cryptocurrency. This is essentially made potential due to the clear nature of bitcoin: All transactions involving the cryptocurrency are recorded on the blockchain, a decentralized database that acts as a public ledger, thus permitting anybody to trace any transactions particularly related to ransomware teams.

Ransomwhere collects this knowledge and makes it obtainable to the general public for anybody to view or obtain. And as a result of the positioning is crowdsourced, it additionally incorporates knowledge from self-reported incidents of ransomware assaults, which anybody can submit. To make certain these experiences are the actual deal, every is required to incorporate a screenshot of the ransomware cost demand, and each case is reviewed manually earlier than being made publicly obtainable, in accordance with its FAQ page. If an authorised report’s authenticity is later referred to as into query, moderators can strike it from the report.

Since the U.S. greenback worth of bitcoin is consistently fluctuating, Ransomwhere calculates every ransom quantity primarily based on the bitcoin change charge on the day that the transaction was despatched. By extension, the exact quantity the cybercriminals walked away with may very well be completely different relying on once they determined to promote their spoils.

So far in 2021, the Russia-linked cybercriminal gang that took credit score for the Kaseya and JBS assaults, REvil, is main the pack by a mile with greater than $11 million in ransom funds, in accordance with Ransomwhere. Coming in second with 6.2 million is Netwalker, probably the most widespread ransomware-as-a-service choices on the darkish net. Though it must be famous that Netwalker has the doubtful honor of racking up probably the most ransom funds of all time, with roughly $28 million to its identify primarily based on the positioning’s knowledge.

REvil might quickly surpass that report if its latest calls for for $70 million are met. That’s how a lot the gang requested for on Sunday to publish a common decryptor that will unlock all computer systems affected within the Kaseya hack, a provide chain assault that has crippled greater than 1,000 firms worldwide and prompted a federal investigation.

They’re not the one ones getting in on the grift. The FBI obtained almost 2,500 ransomware complaints final yr, a roughly 20% improve in comparison with 2019, in accordance with its annual Internet Crime Report. All instructed, the collective value of those assaults amounted to roughly $29.1 million in damages, up from $8.9 million in 2019. Worse nonetheless, each tallies are anticipated to leap even additional in 2021.