EN
  • Cyber stability
  • Secops
  • Risks management
  • Digital transformation
  • Digital Sovereignty
  • Cybercrime
  • Industry and OT
  • Fraud
  • Digital identity
  • Cyber +
    • United States: $2.1 Billion Paid to Ransomware Gangs Between 2022 and 2024
    • Home
    • Cybercrime
    • United States: $2.1 Billion Paid to Ransomware Gangs Between 2022 and 2024

    United States: $2.1 Billion Paid to Ransomware Gangs Between 2022 and 2024

    Written by
    The Editorial Team
    12.11.25
    Cybercrime
    01
    MIN
    United States: $2.1 Billion Paid to Ransomware Gangs Between 2022 and 2024
    United States: $2.1 Billion Paid to Ransomware Gangs Between 2022 and 2024
    United States: $2.1 Billion Paid to Ransomware Gangs Between 2022 and 2024
    Image Dark web: from the theft of customer databases to the resale of access, anatomy of the data available
    Cybercrime
    03.02.26 Cybercrime
    Next article
    Dark web: from the theft of customer databases to the resale of access, anatomy of the data available
    Read
    05
    MIN
    Image Canada: Quebec School Service Centre Hit by Cyberattack
    Cybercrime
    02.19.26 Cybercrime
    Next article
    Canada: Quebec School Service Centre Hit by Cyberattack
    Read
    01
    MIN
    Image The National File of Bank Accounts Hacked: 1.2 Million Accounts Exposed
    Cybercrime
    02.19.26 Cybercrime
    Next article
    The National File of Bank Accounts Hacked: 1.2 Million Accounts Exposed
    Read
    01
    MIN
    Image Ransomware: Russian Phobos Affiliate Appears Before a French Court
    Cybercrime
    02.17.26 Cybercrime
    Next article
    Ransomware: Russian Phobos Affiliate Appears Before a French Court
    Read
    01
    MIN
    After peaking in 2023, the amount of ransoms reported to the U.S. Treasury Department declined in 2024.

    The Financial Crimes Enforcement Network (FinCEN) of the U.S. Department of the Treasury released a report in early December 2025 detailing the sums paid to ransomware gangs by their victims. The study is based on an analysis of 4,194 payments reported between January 1, 2022, and December 31, 2024, under the Bank Secrecy Act, amounting to a total of $2.1 billion (€1.8 billion).

    According to FinCEN, law enforcement operations targeting the ALPHV/BlackCat and LockBit gangs contributed to a significant drop in ransom payments between 2023 and 2024, even though the number of incidents remained relatively stable. Over the period analyzed, the most active ransomware groups were:

    • ALPHV/BlackCat: $395 million (€339 million) collected across 353 attacks;
    • LockBit: $252 million (€216 million) across 353 attacks;
    • BlackBasta: $138 million (€118 million) across 171 attacks;
    • Akira: $121 million (€104 million) across 376 attacks;
    • Hive: $96 million (€82 million) across 77 attacks.
    The Editorial Team
    12.11.25
    Articles by the same author:
    1
    03.06.26 Risks management
    0-day attacks increasingly target the private sector
    Read
    01
    MIN
    2
    03.06.26 Cybercrime
    The leader of the Phobos ransomware gang pleads guilty before U.S. justice
    Read
    01
    MIN
    3
    03.03.26 Cyber stability
    NATO Authorizes the Use of iPhones for Classified Data
    Read
    02
    MIN
    4
    03.03.26 Cyber +
    The United States Exclude Anthropic from Federal Agencies
    Read
    02
    MIN
    Image Dark web: from the theft of customer databases to the resale of access, anatomy of the data available
    Cybercrime
    03.02.26 Cybercrime
    Next article
    Dark web: from the theft of customer databases to the resale of access, anatomy of the data available
    Read
    05
    MIN
    Image Canada: Quebec School Service Centre Hit by Cyberattack
    Cybercrime
    02.19.26 Cybercrime
    Next article
    Canada: Quebec School Service Centre Hit by Cyberattack
    Read
    01
    MIN
    Image The National File of Bank Accounts Hacked: 1.2 Million Accounts Exposed
    Cybercrime
    02.19.26 Cybercrime
    Next article
    The National File of Bank Accounts Hacked: 1.2 Million Accounts Exposed
    Read
    01
    MIN
    Image Ransomware: Russian Phobos Affiliate Appears Before a French Court
    Cybercrime
    02.17.26 Cybercrime
    Next article
    Ransomware: Russian Phobos Affiliate Appears Before a French Court
    Read
    01
    MIN
    Stay tuned in real time
    Subscribe to
    the newsletter
    By providing your email address you agree to receive the Incyber newsletter and you have read our privacy policy. You can unsubscribe at any time by clicking on the unsubscribe link in all our emails.
    Stay tuned in real time
    Subscribe to
    the newsletter
    By providing your email address you agree to receive the Incyber newsletter and you have read our privacy policy. You can unsubscribe at any time by clicking on the unsubscribe link in all our emails.