The ransomware toolkit built with AI has caused a 70% surge in attacks.

According to Coinjie.com, attackers are increasingly deploying AI tools to execute ransomware attacks on a large scale. As AI tools become more usable, scammers are deploying ransomware at scale. According to a report by OutreachX [OutreachX], automation and AI are leading to a significant increase in attacks as scammers deploy the “ransomware as a service” toolkit. The use of these tools coincides with a significant increase in ransomware cases. According to a report by Acronis, the number of verified ransomware victims increased by 70% in the first half of 2025. Part of the reason may be that scammers can deploy attacks on a larger scale. Furthermore, these attacks increasingly exploit human error by using AI. Attackers use LLMs, such as ChatGPT, to write phishing emails, ransomware letters, and other content designed to pressure victims. They then sold these as toolkits that could be used for other attacks. "We are watching ransomware move from code to content. It's not just malware, it's narrative, activity and stress scripts sold as plug and play," said Anirudh Agarwal, CEO of OutreachX. Crypto continues to play a central role in ransomware attacks and remains the first choice payment method for attackers. However, despite the increase in the number of victims, total ransom payments fell by 35% in 2024, according to a report from Chainalysis. Improved investigative practices, asset seizures and on-chain sanctions help reduce ransom gains, especially in the second half of 2024. In addition, restrictions on many Russian Crypto platforms have greatly reduced the attacker's ability to clean funds.