Hackers who infected 200,000 machines have made only $50,000 worth of bitcoin


Hackers who locked files on 200,000 computers globally and asked for a bitcoin ransom payment to unlock them have made around $50,000.

On Friday, a virus known as WannaCry infected machines across 150 countries. WannaCry is ransomware: malicious software that encrypts a user's files and then demands payment to unlock them. In this case, the hackers asked for $300 worth of bitcoin.

James Smith, CEO of Elliptic, a London-based start-up that helps law enforcement agencies track criminals using the cryptocurrency, said his company had found that around $50,000 worth of bitcoin payments had been made to the hackers between Friday and 7 a.m. ET on Monday. This was up from $45,000 at 4 a.m. ET.

"We have seen the number of payments start to go up today," Smith told CNBC Monday.

The hackers said that 72 hours after the attack started on Friday the fine would double to $600, and that after seven days the files would be permanently locked.

"We think over the course of today as we approach the first deadline where fines double we will see a bigger increase (in bitcoin payments)," Smith added.

The amount paid so far is still small given the global nature and scale of the attack. Security experts and government agencies have been urging people not to pay the ransom.

Why payments have been slow

One of the major reasons for the slow payments is perhaps that many people wouldn't know how to obtain and pay in bitcoin.

"If a business is told it needs to pay this amount of bitcoin, most companies will be asking what bitcoin is … it's not straightforward," Smith explained.

Obtaining large amounts of the cryptocurrency might take some time, and then setting up an account via a bitcoin wallet and exchange would also require a long onboarding process.

At the same time, researchers have seen no evidence that paying the cybercriminals necessarily unlocks your files.

"The decryption process itself is problematic, to say the least," cybersecurity firm Check Point said in a blog post on Sunday.

"Unlike its competitors in the ransomware market, WannaCry doesn't seem to have a way of associating a payment to the person making it. Most ransomware … generate a unique ID and bitcoin wallet for each victim and thus know who to send the decryption keys to. WannaCry, on the other hand, only asks you to make a payment, and then … wait."

Tracing bitcoin

Hackers who deploy ransomware often ask for payments in bitcoin because it is widely believed to be completely anonymous. But law enforcement agencies, working with companies like Elliptic, have figured out ways to trace it.

Elliptic traces so-called bitcoin addresses back to people. These addresses are required to make payments to other people or organizations. At the moment, Elliptic is working on trying to trace the payments, but Smith said this would become clearer when the hackers try to withdraw their bitcoin into fiat currency.

"The attackers haven't moved it. In previous cases we have been able to work with law enforcement to see where the funds move because ultimately the attacker wants to turn it back into a currency they want to spend," Smith explained.


Hi! I am a robot. I just upvoted you! I found similar content that readers might be interested in:
https://ca.finance.yahoo.com/news/hackers-infected-200-000-machines-113200289.html
