This Crowdsourced Ransomware Tracker Exposes Hackers' Fast-Growing Bitcoin War Chest

researcher and white hat hacker creates ransomwhere website that tracks ransomware payments
Ransomware incidents are on the rise worldwide with no end in sight, and trying to fight back is like trying to punch a ghost, it seems. However, using empirical data and evidence, we can figure out what does and does not work to smother ransomware. Thanks to a new website called Ransomwhere, anyone can now track this evidence and figure out the full impact of ransomware while looking at the big picture.

Last week, white-hat hacker Jack Cable announced the crowdsourced ransomware payment tracker website Ransomwhe.re. He explained that “there's no comprehensive public data on the total number of ransomware payments” and that without this, “we can't know the full impact of ransomware, and whether taking certain actions changes the picture.” Thus, he created this website that relies on people to report their ransomware incidents which are then manually approved to prevent abuse.

chart researcher and white hat hacker creates ransomwhere website that tracks ransomware payments

At the time of writing, there are 2,547 Bitcoin transactions recorded on the website and 23 reports about different ransomware families. This data is neatly presented in a bar chart that shows that the all-time ransomware with the most payments is the Netwalker (mailto) ransomware with $27,914,124 in Bitcoin payments. Sorting the data and graph by this year alone, the infamous REvil or Sodinokibi takes the lead at $11,041,204 in Bitcoin.

However, REvil’s total could rise sharply if even a portion of the recently demanded $70 million ransom is paid out as part of the Kaseya attack. We will have to see what happens with that, but this website will be incredibly useful to keep an eye on for ransomware tracking. Moreover, perhaps as more data comes in, it will spark legislators and politicians worldwide to fight ransomware more intensely.