August 10, 2017
It has been three months since Wannacry shook the world, and the only thing left to wonder is what happened to all that cash? It seems that, the hackers behind the outbreak have finally emptied the Bitcoin treasure trove they had amassed due to the ransom payments.
The wannacry epidemic was one of the biggest and most widespread cyber attack in history, affecting Hospitals, government facilities and business institutions. Worst affected was UK's National Health Service with hospitals and surgeries knocked offline, and some of the services not restored until days after the ransomware hit. It continued to affect victim later on as well, with Honda shutting down a factory in June.
Although the attack was certainly high profile, infecting hundreds of thousands of computers, It was not all that effective due to some loopholes in the code. According to a Bot that was tracking payments; only 338 victims paid their ransom of $300.
In the months since the attack, the accounts that held the money were left untouched until August 3 which saw the wallets being emptied one after the other. The wallets held $140,000 worth Bitcoin at the time of withdrawal due to the changes in the valuation of Bitcoin.
According to the Bot, three separate withdrawals between 7.3 Bitcoin ($20,055) and 9.67 bitcoin ($26,435) were made in a minute at 4:10 AM BST. This accounted for nearly half of the extorted funds. Five minutes later, there were three more withdrawals between seven bitcoin ($19.318) and 10 Bitcoin ($27,514) were made in the space of another minute.
"The difficulty that the WannaCry ransomware authors have is laundering or spending their bitcoins in a way that doesn't identify themselves," said Mustafa Al-Bassam, security expert at Secure Trading.