The WannaCry Bitcoin ransom is on the move

2024-09-23 02:22:54 [关于我们] 来源：Anhui News

You've infected hundreds of thousands of computers across the globe with your ransomware, and victims' cryptocurrency payments are flowing into your Bitcoin wallets.

How long should you wait to try and access that cash?

Well, for the perpetrators behind WannaCry, the answer appears to be about two and a half months. We can say this because the three Bitcoin wallets that held the ransomed loot were all suddenly emptied late Wednesday.

SEE ALSO:It won't be easy for WannaCry hackers to get their cash

And while we don't know for sure that the same people who unleashed the attack are still in control of the wallets, the profound absence of a statement from law enforcement suggests, at the very least, the accounts haven't been seized.

WannaWhat?

You probably remember WannaCry. It hit on May 12, and was soon described by Europol spokesperson Jan Op Gen Oorth in The Washington Postas "the biggest ransomware attack ever."

The malware locked up victims' computers, and instructed them to make Bitcoin payments to the attackers' wallets in exchange for decryption keys. And the money started pouring in.

Tweet may have been deleted

Sure, the word quickly got out that the attackers weren't decrypting files, so people eventually stopped paying up. Even so, whoever orchestrated the attack found themselves sitting on approximately 52 Bitcoins — worth around $145,000 at the time of writing.

Mashable Light SpeedWant more out-of-this world tech, space and science stories?Sign up for Mashable's weekly Light Speed newsletter.By signing up you agree to our Terms of Use and Privacy Policy.Thanks for signing up!

But that didn't mean the attackers were suddenly rolling around in a bed of USD. No, if they were going to spend the money and not be traced in the process, they had to figure out a way to safely move it.

That process began on August 2.

Tweet may have been deleted

The thing about Bitcoin, however, is that it's only pseudonymous. That is to say, while you may not know who owns it, anyone can see where it goes. And you better believe interested parties around the globe are watching this specific cryptocurrency closely.

The Bitcoin from one WannaCry wallet was sent to three wallets. The Bitcoin in those wallets was sent to more wallets, and so on, and so on. All three WannaCry wallets were broken down in a similar way, with at least some of the Bitcoin finding its way to ShapeShift — a cryptocurrency exchange — along the way.

As some forms of digital currency (Monero, for example) are more privacy-focused than others, it would make sense that the owners of the tainted Bitcoin would try to swap theirs out. It appears they tried to do just that, although ShapeShift caught on.

SEE ALSO:Ransomware has been around for almost 30 years, so why does it feel like it's getting worse?

"ShapeShift, a digital asset change based in Switzerland, has verified that the WannaCry attacker did breach its terms of service and utilized the services to move a portion of their proceeds of crime," the company said in a statement. "[As] of today, we have taken measures to blacklist all addresses associated with the WannaCry attackers that are known to the ShapeShift team, as is our policy for any transactions we deem breach our terms of service. We are closely watching the situation as it continues to unfold as to block any further addresses associated."

Tweet may have been deleted

We inquired if the funds had been exchanged for Monero, but a spokesperson declined to "provide more detail due to the ongoing nature of the investigation."

Looking forward

So why does all this matter? The ransomed cryptocurrency got moved from three pseudonymous accounts to a bunch of other pseudonymous accounts — who cares, right?

Well, while WannaCry is one of (if not the) biggest case of ransomware in history, other attackers will surely come for the throne. And when they do, they're going to ask for payments in cryptocurrency. What happens to this WannaCry money, and whether the perps get away with it, will either serve as warning or encouragement to those that follow.

And you can bet your last Bitcoin that others willfollow.

Featured Video For You

Step inside the secretive class that turns people into hackers

(责任编辑：新闻中心)