In a recent Chainalysis 2025 Crypto Crime Report, the firm notes that while it may look like illicit cryptocurrency volumes are lower than 2024, their data has shown that year over year illicit crypto activity has grown at an average 25%. As such assuming a similar growth rate between now and next year’s Crypto Crime Report, their annual totals for 2024 could surpass the $51 billion threshold.
They noted, “At the time of this publication, we see a reduction in absolute value of illicit activity year-over-year (YoY); however, based on historical growth rates, we suspect that this number will eventually exceed last year’s total as our data attributions improve. In addition, our estimate for the share of all attributed crypto transaction volume associated with illicit activity, depicted below, also fell to 0.14% from 0.61% in 2023.1 Similarly, we expect this share to rise over time, although historically these rates consistently remain below 1%.”
The report also noted that usage of BTC for cyber criminals has decreased, replaced by stablecoins which now occupy the majority of all illicit transaction volume (63% of all illicit transactions). This is expected given that stablecoins occupy a sizable percentage of crypto activity which is around 77%.
In their 2024 Geography of Cryptocurrency report, Chainalysis covered the wide array of practical use cases for stablecoins in a range of markets, such as storing value, sending remittances, facilitating cross-border payments, and international trade.
Additionally, stablecoin issuers often freeze funds if they are made aware of their use by illicit actors. For example, Tether has frozen addresses of concern linked to scams, terrorist financing, and sanctions evasion, which can make stablecoins a poor tool for the transfer of value by illicit actors. Nonetheless, despite these ecosystem-wide trends, some forms of crypto crime, such as ransomware and darknet market (DNM) sales, remain BTC-dominated.
Stolen funds increased by approximately 21% YoY to $2.2 billion. Although the largest share of stolen funds was robbed from decentralized finance (DeFi) services, centralized services were the most targeted in Q2 and Q3.
Private key compromises accounted for the largest share (43.8%) of stolen crypto in 2024, with North Korean hackers stealing more from crypto platforms than ever before: $1.34 billion, representing 61% of the total amount stolen for the year. Some of these events appear to be linked to North Korean IT workers, who have been increasingly infiltrating crypto and web3 companies, compromising their networks, and using sophisticated tactics, techniques, and procedures (TTPs).
