Chainalysis, one of the United-states-based blockchain intelligence company ensures that 64% of ransomware attackers cash-out strategies consist of laundering of funds due to cryptocurrency exchanges. The data was first unveiled to Cointelegraph via a webinar on May 30.

A ransomware attack mainly consists of the target with malware and demand of a ransom payment, many times entitled in cryptocurrencies. The payment is required in return for the superficial delivery of a decryptor tool which helps victims recover access to their data.

Chainalysis offers blockchain analysis tools which allow firms, governments, and law enforcement to track blockchain transactions and assumed illegal activities. It also ensures that the 64% of the ransomware attackers launder their illegal funds through crypto exchanges.

Chainalysis had seemingly found 38 exchanges without mentioning their names which directly obtained funds from the addresses linked with a ransomware attack.

Apart from various cash-out strategies analyzed, 12% includes mixing services and 6% consists of peer-to-peer networks, however, others have gone through merchant services providers or dark web marketplaces. 9% of ransomware revenue has remained unspent. 

The analysis also found that the ransomware attacks mainly consist of less complex cash-out networks when compared with crypto exchange hacks. Chainalysis stated that this happens only when hack includes a large sum of money leaving a popular exchange, often getting high-media publicity, and demanding the hackers to hide the flow of funds more robustly.

In contrast, ransomware campaigns mainly consist in small discrete sums to multiple addresses and are seemingly less publicized, hence neglecting intense, instant review.

Apart from the cash-out strategies, Chainlysis also found a change in the ransomware threat landscape. Earlier, attackers used to conduct wide and shallow attacks. In these attacks, they were infecting a large number of instant victims and requesting small amounts in ransom to decrypt files.  However, the current analysis suggests that the attackers are shifting to targets with illegally or highly sensitive data and increasing the amount of ransom payment demanded.

As per the latest report, Coveware Q1 2019 Global Ransomware Marketplace unveiled that the Bitcoin (BTC) remains to account the majority of the share, which is 98% of whole crypto payments.  Chainalysis report also discovered that the average sum demanded in attacks is increased from 89% from an average $6,733 in Q4 2018 to $12,762 in Q1 2019.