This website does not cater to a British audience. If you are visiting this website from the United Kingdom, kindly leave this site without delay.

Ransomware and Darknet Market Activities in Crypto Crimes 2023

Isabella S. | 26 January 2024

Decline in Overall Crypto-Related Crimes in 2023, Yet Ransomware and Darknet Market Activities Soar

A recent report by blockchain analysts reveals a noteworthy decrease in crypto-related crimes throughout 2023. However, a closer look at the findings underscores a significant surge in ransomware and darknet market activities involving cryptocurrencies.

Ransomware Inflows Hit New Heights

Eric Jardine, a cybercrime researcher, sheds light on the concerning trend. He points out that ransomware and darknet market wallets experienced increased inflows in 2023 compared to the previous year when measured in euros. In the realm of ransomware, heightened inflows indicate that victims – individuals to critical infrastructure providers – are paying larger ransoms after falling prey to cyberattacks by malicious actors.

Darknet Markets: A Resilient Ecosystem

Jardine notes that the surge in darknet market activities can be attributed to the recovery of the illicit darknet ecosystem. The closure of Hydra Marketplace in 2022, one of the largest darknet marketplaces, reduced the inflows to darknet markets that year. However, this closure also triggered increased darknet market activity throughout 2023.

Historical Context: Cryptocurrency and Darknet Marketplaces

Another researcher draws attention to the historical use of cryptocurrencies in darknet marketplaces. Notable examples include The Silk Road, known for utilising Bitcoin in money laundering and illegal drug transactions, and the closure of Abraxas in 2015. Surprisingly, in 2023, an entity moved 4,800 BTC – valued at €144 million – from a wallet tied to Abraxas.

Ransomware Attacks on the Rise

Beyond darknet markets, ransomware attacks involving cryptocurrency witnessed a substantial increase in the past year. According to a bug bounty platform Immunefi report, the top 10 crypto-ransomware attacks since 2020 have profited €69,316,140 in Bitcoin. 

Nir Duan, CEO of Sayfer – a blockchain cybersecurity company, attributes this surge to the prevalence of malware-as-a-service (MaaS). Duan emphasises that these services allow individuals to execute attacks without advanced technical skills.

Evolving Threats: Phishing and “Crypto Drainer” Malware

Duan points to the rise of phishing-as-a-service infrastructure, citing examples like pig butchering schemes. These schemes involve enticing individuals to deposit money using various tactics, resulting in substantial financial losses.

Additionally, a recent report from cybersecurity company Group-IB highlights the increasing use of “crypto drainer” malware. The Inferno Drainer, a phishing operation functioning under the “scam-as-a-service” model, compromised approximately 130,000 victims and stole nearly €87 million of digital assets in 2023.

Responding to the Surge in Crypto Crimes

Efforts are underway to combat the escalating threat of ransomware and darknet market crimes. The creation of The Darknet Marketplace and Digital Currency Crimes Task Force in June 2023 aims to target “cryptocurrency-enabled crimes” such as drug trafficking, money laundering, and child exploitation.

Jardine emphasises the role of law enforcement in locating and apprehending perpetrators. He notes that the traceability of blockchains facilitates such enforcement actions.

Proactive Measures and Future Outlook

Despite the challenges, proactive measures are being taken. Duan shares that Sayfer is developing an on-chain-off-chain investigation tool to detect underlying infrastructure used in attacks, aiming for a more effective defence against evolving malware techniques.

However, Duan and Jardine express concerns about the persistence and growth of ransomware and darknet market crimes using cryptocurrency. Duan cites the franchising of malware tools and advancing technology as contributors to the continued rise in criminal activities.

In conclusion, while the use of cryptocurrency grows, enforcement actions and proactive measures become crucial to mitigate the impact of these evolving cyber threats. The landscape of crypto-related crimes is dynamic, demanding ongoing adaptation and collaboration across sectors to maintain a safer digital environment.


Restricted Service Availability for Retail Clients in the UK. Please note that the services provided on this platform are presently unavailable to Retail Clients residing in the United Kingdom.