A
A
Lien
copié
Home»News»Tech
News
Crypto
:
Ransomware
attacks
jump
50%
in
2025,
but
ransoms
decline
10h05
▪4min
read
▪
byLydie
M.
Getting
informed▪CybersécuritéSummarize
this
article
with:ChatGPTPerplexityGrok
One
might
think
that
“more
attacks”
=
“more
money.”
In
2025,
reality
took
a
twist.
According
to
Chainalysis,
ransomware
groups
have
multiplied
breaches
(nearly
8,000
leak
events,
+50%
year
on
year),
but
on-chain
payments
reportedly
fell
to
around
$820M
(≈
-8%).
In
other
words:
they
are
more
active…
for
a
less
generous
harvest.
Read
us
on
Google
News
In
brief
In
2025,
ransomware
attacks
climb
50%
while
on-chain
ransoms
drop
overall.
Under
regulatory
pressure,
groups
mainly
target
SMEs
because
they
pay
quickly,
often
still.
Cheaper
victim
access,
infostealers
and
AI
automate,
massively
multiplying
intrusions
and
phishing.
An
industry
that
focuses
on
volume
(and
smaller
targets)
The
biggest
change
isn’t
“technical.”
It’s
business-related.Chainalysisdescribes
a
shift:
fewer
spectacular
strikes
against
giants,
more
serial
attacks
against
SMEs/ETIs.
The
idea
is
simple:
a
small
structure
has
less
time,
fewer
proper
backups,
fewer
lawyers…
so
it
“pays
quickly.”
This
trendsays
something
quite
cold:
ransomware
increasingly
resembles
a
production
line.
The
goal
isn’t
necessarily
the
jackpot.
It’s
a
steady
cash
flow.
And
when
the
“big”
ones
refuse
to
pay,
the
machine
targets
more
vulnerable
victims.
Even
specialized
observers
agree:
Corsin
Camichel
(eCrime.ch)
talks
about
a
structural
crypto
shift
towards
less
“headline”
intrusions
but
more
numerous
ones.
It’s
not
a
detail.
It’s
a
strategy.
Your
1st
cryptos
with
CoinbaseThis
link
uses
an
affiliate
program.
Why
ransoms
decline
despite
crypto
attacks
explosion
First
explanation:
pressure.
Chainalysis
highlights
regulatory
surveillance,
crackdown
actions
targeting
laundering
rails,
and
especially
a
very
human
thing:
more
organizations
refusing
to
pay.
When
the
probability
of
collecting
drops,
the
model
weakens.
Second
important
nuance:
“on-chain”
figures
are
often
revised.
Chainalysis
reminds
that
the
amounts
attributed
can
increase
over
months,
as
new
addresses
and
flows
are
identified
(as
happened
for
2024).
So
“$820M”
isn’t
a
truth
carved
in
stone:
it’s
a
snapshot
at
time
T.
Third,
more
paradoxical
point:
the
report
also
notes
that
the
median
ransom
reportedly
rose
significantly
(nearly
$60,000,
+368%
year
on
year).
Translation:
fewer
payments
(or
fewer
large
payments),
but
when
they
pay…
it
can
sting.
An
extortion
economy,
rarer
and
pricier.
“Discount”
access
+
AI:
the
formula
for
an
easier
attack
Where
the
system
becomes
worrying
is
upstream.
The
“access
price”
to
a
victim,
sold
on
dark
markets
via
access
brokers,
reportedly
dropped
from
around
$1,427
in
early
2023
to
$439
in
early
2026.
When
entry
costs
less,
more
people
try
their
luck.
And
while
ransomware
is
watched,
the
Crypto
ecosystem
also
takes
hits
from
something
else:
social
engineering.
CertiK
estimates
that
in
January
2026,
around
$370.3M
were
stolen
via
exploits
and
scams,
including
$311.3M
attributed
to
phishing.
It’s
the
same
logic
as
ransomware:
industrializing
access,
then
monetizing
fast.
Chainalysis
talks
about
a
flooded
market:
cheap
tools,
multiple
ransomware
strains,
and
especially
infostealer
logs
that
reduce
the
work
needed
to
start
an
attack.
Add
AI
blocks
to
automate
lure
writing,
sorting
credentials,
or
personalization…
and
you
get
a
mechanical
rise
in
“operational
yield.”
And
at
the
same
time,Chainalysis
also
observes
an
85%
increase
in
crypto
usein
trafficking
networks,
a
sign
these
same
“rails”
serve
multiple
crimes.
Maximize
your
Cointribune
experience
with
our
"Read
to
Earn"
program!
For
every
article
you
read,
earn
points
and
access
exclusive
rewards.
Sign
up
now
and
start
earning
benefits.
Join
the
program
A
A
Lien
copié
Lydie
M.
Enseignante
et
ingénieure
IT,
Lydie
découvre
le
Bitcoin
en
2022
et
plonge
dans
l’univers
des
cryptomonnaies.
Elle
vulgarise
des
sujets
complexes,
décrypte
les
enjeux
du
Web3
et
défend
une
vision
d’un
futur
numérique
ouvert,
inclusif
et
décentralisé.
DISCLAIMER
The
views,
thoughts,
and
opinions
expressed
in
this
article
belong
solely
to
the
author,
and
should
not
be
taken
as
investment
advice.
Do
your
own
research
before
taking
any
investment
decisions.