The Hackers behind WannaCry Ransomware have finally withdrawn their Bitcoins.
The ransomware that took the media by storm and caused havoc at businesses around the globe, including reported cases of hospitals and even a Honda manufacturing plant that had to shutdown production until the ransomware machine was removed from the line, has been lingering for almost three months. Most companies have recovered and patched systems to protect themselves. The hackers that are responsible for WannaCry are still at large and are believed, by researchers, to be either the hacking group Lazarus of North Korea or possibly a group out of China.
According to the twitter bot that was setup to monitor the Bitcoin wallets that were used to receive payment from the ransomware, about 338 people deposited the demanded 300 Bitcoins. This would equate to about 143,000 USD. In total, 7 transactions were done within about 15 minutes. The attackers likely then used a Bitcoin laundering service to clean up their tracks as much as possible.
In the end this shows the example again, that even in ransomware, it is not always the damage associated with the payment but the time and energy spent by the IT and InfoSec departments recovering lost data and systems. The bot only tracked 338 payments! but the WannaCry ransomware caused an estimated loss of $4Billion with a B!