It seems that about $143,000 from the WannaCry ransomware attack is on the move.
That is, according to Elliptic, a company that works with law enforcement to track down illegal activities conducted with cryptocurrency. On August 3, CNBC reported that hackers responsible for the attack had withdrawn bitcoins stashed in several wallets containing around 52.2 BTC. The balance of all of the wallets that used to contain the stolen stash from the ransomware attack is now zero.
Elliptic co-founder, Tom Robinson told the online news agency that this withdrawal was almost certainly an attempt to convert the bitcoin paid by the victims of the WannaCry attack into a different digital currency with complete anonymous features. This is an obvious bold move to avoid being tracked by the authorities.
Tom Robinson stated:
“We’re following the movement of funds being sent out of the WannaCry wallets. We believe some of these funds are being converted into Monero, a privacy-focused cryptocurrency. We continue to work with law enforcement to support their efforts in tracing ownership of these funds.”
The WannaCry Ransomware
Back in May, a group of hackers carried out one of the biggest cyber attacks to this day. They were able to lock down files on the computers of businesses, government entities all around the world, and even the Britain’s National Health Service (NHS). The affected victims were then asked to pay a ransom fee to see their machines unlocked. According to experts, U.K.’s NHS had a severe hit because it was still running an outdated version of Windows.
Hackers were asking for a $300 ransom, and even though some of the victims have not paid this amount, hackers were still able to ransack around $143,000, which Elliptic was able to track. The attack even made the price of bitcoin shake between $1,848.75 to $1,644.64, coinciding with a downturn of just over $200.
On the Trail of the Thieves
Similarly, in previous attacks, hackers had emptied the bitcoin wallets and converted it an anonymous and harder to track cryptocurrency, in this case Monero (XMR). This was the way the hackers have acted before, so it is assumed that these hackers are now converting $143,000 from bitcoin to Monero. According to blockchain analytics firm BlockSeer, the hackers used Shapeshift to convert bitcoin into Monero. The Swiss-based crypto exchange service stated it is working with law enforcement to aid in capturing the perpetrators.
Wanna Cry ransomware money laundering with Bitcoins in action. Graph shows Bitcoin being converted to Monero (XMR) via @ShapeShift_io pic.twitter.com/7NsdkOOYuT
— BlockSeer (@BlockSeer) August 4, 2017
On August 2, US authorities arrested a researcher known by the nickname MalwareTech, the individual that was able to stop the spread of the WannaCry ransomware virus. Marcus Hutchinson, AKA MalwareTech, a British researcher from cyber security firm Kryptos Logic, registered a specific domain included in the ransomware’s code and was able to contain the malware infection and stop it from spreading. Shortly before his arrest, Hutchinson was in Las Vegas during Black Hat and Def Con, two annual hacking conferences.
Even though some were thinking that this arrest could have something to do with the WannaCry ransomware attack, authorities stated that the researcher was arrested for allegedly creating the Kronos banking malware.
Many researchers have attributed the WannaCry attack to North Korean hackers while others believe that it might have come from the slums of deep web forums or even amateur hackers. However, it is still unclear who is the real culprit behind the Wannacry ransomware attack.
The WannaCry ransomware attack was effectively a big blow to cryptos in general because it once again brought digital currency out in the open as a perfect tool for cyber crime. On the other hand, it also puts governments and authorities in a high state of alert so that it can drive them to react by legislating in a way that it might become an inescapable hindrance to the development of the ecosystem.