Money acquired by a ransomware known as WannaCry has been withdrawn from the digital wallets where the money has been held in form of bitcoin worth more than £108,000. The ransomware attacked businesses in 150 countries all over the world.
Three months ago, the ransomware appeared attacking computers, locking up data, asking for ransom in order for the data to be released and meanwhile caused chaos in hospitals and firms such as Spain’s Telefonica and FedEx. Now, £108,953 worth of Bitcoin that has been acquired was moved from three digital wallets that officials believe are connected to the hackers behind WannaCry.
Once the ransomware struck, it would demand between $300 and $600 unlock the data stolen from the victim, and the estimated number of those is around 230,000 computers all over the world. Police advised people against paying the ransom, yet still many of them decided to do what the hackers demanded, despite being told it would only help the future acts of cybercrime.
Ever since the attacks happened, people have been waiting for the money to move. Ransomware included addresses of the wallets to which the victims should send money to, and the law enforcement made sure to keep track of the activities on those accounts. Although Bitcoin can’t be tracked as easily as traditional currencies, they still managed to keep track thanks to a distributed ledger called the blockchain where the transactions are written into.
This is what made it harder for the hackers to move their hard earned money around privately. To do so, they would have to use Bitcoin mixer or tumbler, which job is to confuse the trails of transactions in order to allow anonymity of the Bitcoin owners.
Another way the attacker could use the money was to directly buy from the dark net marketplace without the need to convert the currency from Bitcoin into something else, which would make it even harder for the police to track the stolen money.
It is believed that the attack is more politically driven than its goal being just money. It has also been linked to North Korea. While the ransomware was made to extort users, it happened to become a victim of its own success because it spread into firms and institutions.
Although this caused large amounts of disruption, so much that NHS hospitals had to reduce to emergency care only, the ransomware didn’t manage to make the firms pay the ransom.
Individual users at home that don’t have their data backed up are the ones who would most likely pay the asked price to get the data back, and the businesses in majority have some kind of a routine backup and are able to restore most of their files with no sweat after they get the infection out of their digital systems.