Ransomware has already cost victims $45 million in 2021

William S. | July 27, 2021

Cybercriminals have started to use double extortion methods in ransomware attacks. Attackers not only encrypt your data but also threaten to sell confidential information of your business if the ransom is not paid. That leaves some organizations with no other choice but to pay criminals.

According to the data presented by the Atlas VPN, ransomware has already cost victims $45 million in 2021. Some of the ransom payments made this year are the largest ones we have seen yet.

The data is based on numbers collected by the ransomwhe.re website, which is an open, crowdsourced ransomware payment tracker.

Conti ransomware group has received the most payments in ransom, nearly $13 million in total. Conti is double extortion ransomware, which not only encrypts data but also threatens to leak it online. The group primarily targets organizations such as hospitals, 911 dispatch carriers, law enforcement agencies, causing life-threatening situations. In 2022, Conti group experienced a hack themselves.

The second most payments were taken by REvil / Sodinokibi group, which extorted $12.13 million in 2021 so far. REvil is a Russian-based criminal group, and they are one of the most prominent ransomware as a service providers (RaaS). REvil targets large organizations, which enables them to obtain massive ransom payments.

The DarkSide group forced $4.67 million in ransom out of their victims in 2021. They announced their RaaS in August of 2020 and became known for their professional operations and large ransoms. DarkSide has publicly stated that they do not attack schools, hospitals, or other non-profit organizations but rather large businesses.

RagnarLocker extorted $4.54 million in ransom, and MountLocker took away $4.22 million from their victims in 2021.

Largest ransomware payments this year

Many hacker groups target specifically large organizations as their disruption would cause the most damage. Some companies might pay a ransom just so their business could go back to normal as soon as possible without affecting more people. Considering the volumes of ransomware, protection becomes critical.

World’s largest meat producer JBS USA fell victim to the REvil attack and paid one of the largest ransoms of all-time — $11 million (301 bitcoins). JBS was forced to shut down some of its food production sites on May 31st, affecting thousands of employees. Such an attack threatened to disrupt the food supply chain and raise already high food prices.

DarkSide ransomware attack on Colonial Pipeline cost the organization $4.4 million (75 bitcoins). Luckily, the FBI could recover $2.3 million (64 bitcoins) by tracing down the criminal’s wallet. Due to the attack, many Americans had to deal with gas shortages and price spikes for weeks to come.

Backup appliance maker Exagrid paid $2.6 million (50.75 bitcoins) to Conti ransomware hackers. Cybercriminals stole 800GB of data related to employees, customers, and other confidential information. Hackers threatened to sell the stolen data on the dark web if Exagrid did not pay the ransom.

Cybercriminals can shut down huge organizations, highlighting a massive issue — many companies have left their infrastructure and cybersecurity vulnerable to hackers. Businesses must take responsibility and secure their systems before hackers can launch even more disruptive attacks.

To know more about the cybersecurity landscape, be sure to check our Cybercrime Statistics.

William S.

William S.

Cybersecurity Researcher and Publisher at Atlas VPN. Focused on revealing the latest cybersecurity trends around the world.



© 2023 Atlas VPN. All rights reserved.