Dear Visitor,

Our system has found that you are using an ad-blocking browser add-on.

We just wanted to let you know that our site content is, of course, available to you absolutely free of charge.

Our ads are the only way we have to be able to bring you the latest high-quality content, which is written by professional journalists, with the help of editors, graphic designers, and our site production and I.T. staff, as well as many other talented people who work around the clock for this site.

So, we ask you to add this site to your Ad Blocker’s "white list" or to simply disable your Ad Blocker while visiting this site.

Continue on this site freely
  HOME     MENU     SEARCH     NEWSLETTER    
THE ENTERPRISE SECURITY SUPERSITE. UPDATED 4 MINUTES AGO.
You are here: Home / Viruses & Malware / WannaCry Ransom Is on the Move
WannaCry Ransom Money Is on the Move
WannaCry Ransom Money Is on the Move
Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
PUBLISHED:
AUGUST
03
2017
The hackers behind May's WannaCry cyberattack have moved the ransom money they accumulated from three bitcoin accounts to other, larger accounts, online tracking records show.

The WannaCry attack paralyzed business and government computer systems across the world by exploiting security flaws first unearthed by the National Security Agency. Among the groups hardest hit were the Spanish telecom giant Telefonica and the United Kingdom's health ministry. Hospitals in Britain were forced to turn away patients for multiple days while officials scrambled to regain control of their computer systems.

Though the hackers, which are believed to have ties to North Korea, succeeded in upending cybersecurity systems across the world, their efforts to turn it into a money-making scheme largely failed due to their own ineptitude.

For starters, though bitcoin transactions are public, they are also anonymous. The three accounts the hackers set up to receive ransom payments from victims were unable to track who had made the payments, meaning the decryption codes the hackers promised were unreliable, making it less likely victims would be willing to pay the ransom in the first place. Other basic coding errors made some of the system take-overs easily remedied.

In another twist, the hackers set up a free email account to communicate with victims that was almost immediately identified by the service provider and shut down.

In all, the hackers received about $140,000 in ransom money in the form of bitcoin payments. Even that payment was inflated due to the rising value of bitcoin in the months since the WannaCry attack. At the time, they received less than $100,000 in ransom payments.

International trackers set up a Twitter account to monitor and report any movement in the three accounts the hackers used. On Thursday, that account noted the accounts were drained and the bitcoins were transferred into larger joint accounts known as mixers. Though the bitcoin can still be tracked, mixers allow users to break up bitcoin transactions into smaller ones that are more difficult to trace.

Europol, the European investigative agency, declined to comment on the status of the WannaCry investigation. The U.S. Justice Department did not immediately respond to comment.

© 2017 UPI Top Stories under contract with NewsEdge/Acquire Media. All rights reserved.

Image credit: iStock.

Tell Us What You Think
Comment:

Name:

Like Us on FacebookFollow Us on Twitter
MORE IN VIRUSES & MALWARE
ENTERPRISE SECURITY TODAY
NEWSFACTOR NETWORK SITES
NEWSFACTOR SERVICES
© Copyright 2017 NewsFactor Network. All rights reserved. Member of Accuserve Ad Network.
--- 447