The authors of WannaCry Ransomware were able to withdraw $143,000

WannaCry was a severe attack that hit many organizations all over the world. A new ransomware attack called ‘WannaCry’ is spreading by exploiting the SMB vulnerability, encrypting files and changing their extensions to .wnry, .wcry, .wncry and .wncrypt. It started its attack against hospitals across the UK before spreading across the globe.

The authors of WannaCry made $140,000 in Bitcoin from the victims who paid for the decryption keys to recover their files. The hackers didn’t touch their Bitcoin wallets (3 addresses) for almost three months.

According to Elliptic’s data, the WannaCry authors collected more than $144,000 worth of bitcoin in the three addresses. But on Wednesday evening, they quickly emptied them.

According to the Twitter bot that tracks WannaCry ransom payments:
“7.34128314 BTC ($20,055.52 USD) has just been withdrawn from a bitcoin wallet tied to #wcry ransomware.”

“8.73261636 BTC ($23,856.48 USD) has just been withdrawn from a bitcoin wallet tied to #wcry ransomware.”

“9.67641378 BTC ($26,434.83 USD) has just been withdrawn from a bitcoin wallet tied to #wcry ransomware.”

“7.06939288 BTC ($19,318.06 USD) has just been withdrawn from a bitcoin wallet tied to #wcry ransomware.”

“10.06868926 BTC ($27,514.04 USD) has just been withdrawn from a bitcoin wallet tied to #wcry ransomware.”

“9.03851401 BTC ($24,698.95 USD) has just been withdrawn from a bitcoin wallet tied to #wcry ransomware.”

“9.67641378 BTC ($26,508.37 USD) has just been withdrawn from a bitcoin wallet tied to #wcry ransomware.”

We think that the funds were likely sent to a Bitcoin mixer, which is a method of taking funds from one account and shattering them into hundreds or thousands of smaller transactions to transfer them to another account. Simply put, it’s an anonymous service that confuses the trails of Bitcoin transactions.
