Key Insights:
- Crypto news indicates that the number of ransomware attacks increased in the past year.
- As per a report by Chainalysis, attacks increased, but ransom payments remained flat.
- The report indicated a total count of more than 8,000 ransomware events.
Ransomware gangs had a busy year in 2025. But here’s the kicker, even though they hit more victims, they didn’t make more money because victims have been unwilling to pay.
According to a Chainalysis report, on-chain ransom payments slipped by about 8% to roughly $820 million, even as claimed attacks surged by around 50%.
Crypto News: Ransomware Attacks Accelerated by 50% in 2025
As per the latest crypto news report by Chainalysis, ransomware incidents soared in 2025 by roughly 50%. The firm counted close to 8,000 leak events, which is a big jump from 2024. Yet the amount of ransom paid on-chain came in at around $820 million. That’s about 8% lower than the year before.
Put simply, there were more break-ins, but less cash flowing back to the attackers.
A few things help explain the gap. To start, the heat is rising. Chainalysis pointed to stronger regulatory pressure and increased law enforcement action, especially against networks that help criminals move and launder stolen funds. When the money is harder to launder, it becomes harder to enjoy the payout.
In addition, most big corporations and blue-chip companies are hesitant to pay ransom and would rather rebuild. As such, these companies have employed all available security measures. They improved backup systems and tightened response strategies by learning from previous attacks.
So, the attackers adjusted. Instead of focusing mainly on huge companies that can write massive checks, many groups shifted toward smaller and mid-sized businesses. These firms often lack full-time security teams or robust recovery systems.
The thinking is that a smaller company might feel cornered and pay quickly to get back to work. However, the numbers suggest that strategy isn’t a goldmine either. Corsin Camichel, the founder of eCrime.ch, said in a recent crypto news commentary that the data points to a real shift.
There are more public claims of attacks, more names posted on leak sites, and more noise overall. Yet payments are still sliding. That mismatch matters because it hints at a tougher business model for criminals. They may be putting in more effort just to pull in the same amount, or even less, than before.
The Cost of Hacking Has Gone Down
Another big factor is price. Getting into a company’s systems has become cheaper on underground markets. Chainalysis said the average price for “victim access” on dark web forums fell from about $1,427 at the start of 2023 to around $439 at the start of 2026.
When access is that cheap, more people can play the game. And when more attackers flood the space, competition rises, and profits get squeezed.
Then there’s the tool problem. Ransomware has become easier to run than it used to be, according to recent crypto news. Chainalysis said cheap ransomware strains and ready-made hacking kits are widely available.
Some groups also use AI tools to move faster, from writing convincing scam messages to sorting stolen files. The report also mentioned the spread of infostealer logs, which often contain usernames and passwords that criminals can reuse. All of this lowers the skill level needed to launch an attack. It also means more attacks, more often.
Meanwhile, ransomware is only part of the bigger mess. Crypto-related crime in early 2026 shows the damage isn’t slowing overall. CertiK reported that roughly $370.3 million was stolen in January through exploits and scams. Most of that came from phishing alone, at about $311.3 million.
The takeaway is clear. Ransomware isn’t fading. It’s spreading. But the payoff looks weaker than it used to be. Attackers are swinging more often, yet they’re landing fewer big wins.