The WannaCry Bitcoin ransom is on the move
You've infected hundreds of thousands of computers across the globe with your ransomware, and victims' cryptocurrency payments are flowing into your Bitcoin wallets.
How long should you wait to try and access that cash?
Well, for the perpetrators behind WannaCry, the answer appears to be about two and a half months. We can say this because the three Bitcoin wallets that held the ransomed loot were all suddenly emptied late Wednesday.
SEE ALSO:It won't be easy for WannaCry hackers to get their cashAnd while we don't know for sure that the same people who unleashed the attack are still in control of the wallets, the profound absence of a statement from law enforcement suggests, at the very least, the accounts haven't been seized.
WannaWhat?
You probably remember WannaCry. It hit on May 12, and was soon described by Europol spokesperson Jan Op Gen Oorth in The Washington Postas "the biggest ransomware attack ever."
The malware locked up victims' computers, and instructed them to make Bitcoin payments to the attackers' wallets in exchange for decryption keys. And the money started pouring in.
Tweet may have been deleted
Sure, the word quickly got out that the attackers weren't decrypting files, so people eventually stopped paying up. Even so, whoever orchestrated the attack found themselves sitting on approximately 52 Bitcoins — worth around $145,000 at the time of writing.
But that didn't mean the attackers were suddenly rolling around in a bed of USD. No, if they were going to spend the money and not be traced in the process, they had to figure out a way to safely move it.
That process began on August 2.
Tweet may have been deleted
The thing about Bitcoin, however, is that it's only pseudonymous. That is to say, while you may not know who owns it, anyone can see where it goes. And you better believe interested parties around the globe are watching this specific cryptocurrency closely.
The Bitcoin from one WannaCry wallet was sent to three wallets. The Bitcoin in those wallets was sent to more wallets, and so on, and so on. All three WannaCry wallets were broken down in a similar way, with at least some of the Bitcoin finding its way to ShapeShift — a cryptocurrency exchange — along the way.
As some forms of digital currency (Monero, for example) are more privacy-focused than others, it would make sense that the owners of the tainted Bitcoin would try to swap theirs out. It appears they tried to do just that, although ShapeShift caught on.
SEE ALSO:Ransomware has been around for almost 30 years, so why does it feel like it's getting worse?"ShapeShift, a digital asset change based in Switzerland, has verified that the WannaCry attacker did breach its terms of service and utilized the services to move a portion of their proceeds of crime," the company said in a statement. "[As] of today, we have taken measures to blacklist all addresses associated with the WannaCry attackers that are known to the ShapeShift team, as is our policy for any transactions we deem breach our terms of service. We are closely watching the situation as it continues to unfold as to block any further addresses associated."
Tweet may have been deleted
We inquired if the funds had been exchanged for Monero, but a spokesperson declined to "provide more detail due to the ongoing nature of the investigation."
Looking forward
So why does all this matter? The ransomed cryptocurrency got moved from three pseudonymous accounts to a bunch of other pseudonymous accounts — who cares, right?
Well, while WannaCry is one of (if not the) biggest case of ransomware in history, other attackers will surely come for the throne. And when they do, they're going to ask for payments in cryptocurrency. What happens to this WannaCry money, and whether the perps get away with it, will either serve as warning or encouragement to those that follow.
And you can bet your last Bitcoin that others willfollow.
Featured Video For You
Step inside the secretive class that turns people into hackers
(责任编辑:关于我们)
-
抖音超600万次传播量!广东省农事运动会乡村直播大赛火出圈_南方+_南方plus抖音平台超600万次流量!上千名乡村主播投稿!日前,作为广东省农事运动会乡村直播大赛线上海选赛区,在抖音平台上,带有话题 ...[详细]
-
鈥滃競闀挎澂鈥濆皬寰紒涓氬垱鏂板ぇ璧涘磦灞卞尯鍒濊禌寮€璧沖涓浗灞变笢缃慱闈掑矝
銆€銆€8鏈?鏃ワ紝鍦ㄥ磦灞卞尯娴峰皵浜戣胺锛岀粡杩囨縺鐑堢殑璺紨PK锛屽ぇ鍨嬬Ц绉嗙敓鐗╁帉姘у彂閰佃缃」鐩€佸ぇ鏁版嵁鍜屼汉宸ユ櫤鑳藉熀纭€杞欢闆嗘垚鐢熸€佺郴缁熼」鐩€佸熀浜庝汉宸ユ ...[详细] -
昨天,在召开的市十六届人大常委会第二次会议上,市畜牧兽医局副局长张劻林作关于我市现代畜牧业发展情况的汇报。2016年全市肉蛋奶产量107.2万吨,在副省级城市中居第四位;下一步,将继续增强畜牧业综合生 ...[详细]
-
近日,德国基尔市市长伍尔夫·肯普弗一行来青访问。记者了解到,在青期间,基尔市与青岛市贸促会共同举办了基尔市城市推介会。推介会上,我市三迪时空集团公司 (筹)与基尔市FabLab开放性实验 ...[详细]
-
US Open 2024 livestream: How to watch US Open tennis for free
TL;DR:Live stream the 2024 US Open for free on 9Now and TVNZ+. Access these free streaming platforms ...[详细] -
19日,山东100强企业名单公布,山东魏桥仍高居榜首,成为山东唯一一家营收过3000亿的企业,远超第二强海尔集团1800多亿元。大众网记者注意到,与去年公布的前十强相比,9家企业仍稳居前十榜单,只有海 ...[详细]
-
涓浗骞冲畨澶氶」搴旀€ヤ妇鎺Н鏋佸簲瀵瑰洓宸濅弗閲嶅北浣撳灝濉屼簨鏁卂涓浗灞变笢缃慱闈掑矝
銆€銆€6鏈?4鏃ヤ笂鍗堬紝鍥涘窛鐪侀樋鍧濆窞鑼傚幙鍙犳邯闀囨柊纾ㄦ潙绐佸彂灞变綋楂樹綅鍨锛岄€犳垚46鎴峰啘姘戣鎺╁煁锛?41浜哄け鑱斻€備簨鏁呭彂鐢熷悗锛屼腑鍥藉钩瀹夌珛鍗虫垚绔嬪簲鎬ュ伐浣 ...[详细] -
兴农评丨城乡公交不让站,这是给出行添堵_南方+_南方plus三农大小事,尽在兴农评。“这么大的车只能一人一座,大过年的堵一大片人在公交车站。”近日,湖南长沙市民蒋女士发文表示,她乘坐的星通3路公交车不 ...[详细]
-
We Bought the Cheapest DDR5 RAM Modules We Could Find, Are They Any Good?
For this article we're doing something simple: find the cheapest DDR5 RAM we could get our hands on, ...[详细] -
2017年6月16日,交行市北三支行支行接待了一位前来领取拆迁款的客户,因客户本人刚刚住院,无法前来领取拆迁款,但客户家人急需这笔款项。支行在了解了客户的基本情况后决定为客户提供上门核实服务。经与客户 ...[详细]