WannaCry: Hackers Withdraw $100k+ of BTC Ransom

WannaCry is a ransomware strain that took the world by storm in 2017. This piece of malware essentially encrypts the data on a computer and asks the user to pay between $300 and $600 (in BTC) in ransom to get said data back. Personal computers were also hit by this ransomware attack; it is believed that around 230,000 computers worldwide were infected.

Law enforcement advised the public against paying the ransom, claiming that it would simply fund further acts of cyber criminality. But as we can see today, some victims appear to have paid to try and get their data back.

During the last few days, a total of around $143,219.81 worth of bitcoin was withdrawn by the hackers, according to tracking firm Elliptic.

It was obvious that the ransom money would move at some point, but how will they do it without getting tracked down? Part of the ransomware program gave the hackers' wallet addresses to victims, and we know law enforcement has been tracking them since.

While bitcoin is somewhat anonymous, it can be hard to completely eliminate trails of transactions. In the same way that real-world criminals need to launder their money before they can spend or use it, cyber criminals use techniques such as coin tumblers or mixers to confuse the trail of transactions and make it harder to track down.

While the hacker(s) behind the attack remain unknown, the ransomware has been linked to North Korea¹ and is thought to be politically driven, not just a move for money.

Interesting stuff…

“BTC-e, a major bitcoin exchange accused of laundering $4bn in bitcoin since it emerged in 2011, was shut down in July after the “internationally sought criminal mastermind” behind it was arrested in Greece, which will make anonymously turning the ransom bitcoins into cash even harder.

Elliptic co-founder Tom Robinson told CNBC: “We believe some of these funds are being converted into Monero, a privacy-focused cryptocurrency.”

The funds may also be used to purchase goods and services directly in bitcoin on the dark web, adding another layer of difficulty to tracking the wallets’ owners.”

 

¹ Source: TheGuardian.com
