The hackers behind the devastating WannaCry cyberattack are moving their money
In May, the malware began spreading, causing chaos at hospitals, logistics firms, and businesses in more than 150 countries around the world. It encrypted victims' data and demanded a bounty paid in digital currency Bitcoin to unlock them, and was halted when a British researcher accidentally activated its "kill switch."
The British NHS (National Health Service), Spanish telecoms firm Telefonica, Nissan, and FedEx were among the organizations affected. British investigators have since blamed the attack on a North Korean-affiliated hacking group, "Lazarus Group," which was also linked to the 2014 hack of Sony Pictures.
The hackers made $140,000 (£105,000) from the attack in bounties - but for more than two months, they didn't touch it. (Bitcoin records all transactions on a public ledger, meaning anyone can see how much is in a given "wallet" or whether it has been spent if you know the correct "address.")
Late on Wednesday/early on Thursday, however, the ill-gotten funds finally began to be transferred. The moves were first highlighted by a Twitter bot built by Quartz reporter Keith Collins.
In seven payments spaced across 15 minutes, the money was withdrawn. It's not clear where it is being sent, or how it will be used.
7.34128314 BTC ($20,055.52 USD) has just been withdrawn from a bitcoin wallet tied to #wcry ransomware. https://t.co/wX2k9pJLNQ
- actual ransom (@actual_ransom) August 3, 2017
8.73261636 BTC ($23,856.48 USD) has just been withdrawn from a bitcoin wallet tied to #wcry ransomware. https://t.co/KRxgNpBGgz
- actual ransom (@actual_ransom) August 3, 2017
9.67641378 BTC ($26,434.83 USD) has just been withdrawn from a bitcoin wallet tied to #wcry ransomware. https://t.co/CJLiu6cyvr
- actual ransom (@actual_ransom) August 3, 2017
7.06939288 BTC ($19,318.06 USD) has just been withdrawn from a bitcoin wallet tied to #wcry ransomware. https://t.co/wX2k9pJLNQ
- actual ransom (@actual_ransom) August 3, 2017
10.06868926 BTC ($27,514.04 USD) has just been withdrawn from a bitcoin wallet tied to #wcry ransomware. https://t.co/CJLiu6cyvr
- actual ransom (@actual_ransom) August 3, 2017
9.03851401 BTC ($24,698.95 USD) has just been withdrawn from a bitcoin wallet tied to #wcry ransomware. https://t.co/KRxgNpBGgz
- actual ransom (@actual_ransom) August 3, 2017
9.67641378 BTC ($26,508.37 USD) has just been withdrawn from a bitcoin wallet tied to #wcry ransomware. https://t.co/CJLiu6cyvr
- actual ransom (@actual_ransom) August 3, 2017
- Global stocks rally even as Sensex, Nifty fall sharply on Friday
- In second consecutive week of decline, forex kitty drops $2.28 bn to $640.33 bn
- SBI Life Q4 profit rises 4% to ₹811 crore
- IMD predicts severe heatwave conditions over East, South Peninsular India for next five days
- COVID lockdown-related school disruptions will continue to worsen students’ exam results into the 2030s: study