Ransomware attacks and similar extortion schemes took in an estimated $144 million in the course of 7 years. FBI estimates show most of the ransoms were paid in Bitcoin (BTC) and went straight to mixers or exchanges.
FBI supervisory special agent, Joel DeCapua, shared the US agency’s discoveries during the RSA Conference 2020. He explained that any BTC or other coins acquired went immediately to coin mixers, or were sold on exchanges. But there is also a curious reason why so much was paid in ransoms – the companies affected may make an insurance claim.
” No one wants to pay the ransom actors. I think a lot of companies get insurance now. They say, ‘Well, if we are hit by ransomware, we are just going to defer to what our insurance company wants to do… They can say it wasn’t their choice to pay the ransom, because like I said, no one wants to pay the ransom. So I think that because ransom payments are insurable, I think it has caused more ransoms to be paid. “
Ransomware attacks have been linked to both Russian and North Korean hackers. The attack message usually contains a bitcoin address and instructions on how to acquire and send coins. However, paying the ransom on some occasions has left the files locked, hence the advice to avoid paying.
The $144 million paid in ransoms is rather small and spread out in comparison to exchange hacks and general crypto scams. Those accounted for billions in the past few years. Ransoms in BTC, however, spread a negative message about crypto coins as a tool for illegal activities.