The cyber criminals behind the global WannaCry ransomware attack that caused chaos worldwide have finally cashed out their ransom payments.
Nearly three months ago, the WannaCry ransomware shut down hospitals, telecom providers, and many businesses worldwide, infecting hundreds of thousands of computers in more than 150 countries, encrypting files and then charging victims $300-$600 for the keys.
WannaCry was really bad, as the nasty ransomware forced the British NHS (National Health Service) to shut down hospitals and doctor's surgeries, and infected a Spanish telecommunications company and a Russian mobile operator, among many others.
Even a month after the outbreak, the WannaCry ransomware was found infecting systems at Honda Motor Company, forcing the factory to shut down its production, and 55 speed and traffic light cameras in Victoria, Australia.
Overall, the hackers behind WannaCry made $140,000 in Bitcoins from the victims who paid for the decryption keys, but for almost three months, they did not touch three of their wallets where victims were instructed to send ransom payments.
However, the WannaCry hackers started cashing out their cryptocurrencies on Wednesday night.
According to a Twitter bot tracking WannaCry ransom payments, only 338 victims paid the $300 in Bitcoin that totalled $140,000.
On Wednesday night, this money was withdrawn in 7 different payments within 15 minutes, although it is not clear where the money is being sent, or how the attacker will use it.
If you are unaware, we recently reported about Google's research on how cyber criminals and ransomware hackers cash out their stolen or looted cryptocurrencies via cryptocurrency exchanges that are involved in money laundering.
Last week, even German authorities arrested an alleged operator of the popular BTC-e Bitcoin exchange on charges of laundering over $4 billion in Bitcoin for culprits involved in hacking attacks, tax fraud and drug trafficking without identifying them.
The identity of those behind the WannaCry ransomware is still unknown, though some researchers traced WannaCry back to a state-sponsored hacking group called Lazarus in North Korea, while others believed the perpetrators might be Chinese.
The WannaCry epidemic used self-spreading capabilities, leveraging a leaked NSA SMBv1 exploit called EternalBlue to infect vulnerable Windows computers, particularly those using older versions of the operating system.
While most of the affected organisations have now returned to normal, law enforcement agencies across the world are still on the hunt.
from The Hacker News http://ift.tt/2vsMnAD