Skip to main content

WannaCry ransomware bitcoins on the move

(Image credit: Image Credit: Julia Tsokur / Shutterstock)

The cybercriminals behind the WannaCry ransomware (opens in new tab) attacks appear to have decided to cash out on their crimes and have removed over $140,000 worth of bitcoins from their online wallets. 

The WannaCry attacks occurred almost three months ago during which time organisations worldwide were affected by the ransomware, including the NHS (opens in new tab) which experienced disruptions for several days as a result of the attack. 

A Twitter bot set up by Quartz journalist Keith Collins was alerted to the fact that the attackers had removed the remaining bitcoins stored in their online wallets. Currently the balance of all of the wallets associated with the WannaCry attacks is now at zero. 

In May, when the attacks first took place, cyber security experts and law enforcement agencies across the globe urged victims to not pay the ransom as it would likely not result in their files be restored and would only encourage other cybercriminals to follow suit.  However, the attackers' bitcoin wallets tell a different story and many individuals and even some businesses did in fact pay the ransom. 

This is the second time the attackers behind Wannacry (opens in new tab) have transferred funds from their wallets.  In July, the bitcoin-monitoring company Elliptic noticed that the attackers had begun to empty their wallets. 

It is expected that the WannaCry bitcoins removed from the wallets will likely be put through a 'mixer' and will be transferred as part of a larger series of payments to make them harder to trace.  This will help throw off law enforcement and make it much more difficult to determine who was really behind the WannaCry ransomware. 

Want to know more about ransomware? Read our guide here (opens in new tab).

Image Credit: Julia Tsokur / Shutterstock

After getting his start at ITProPortal and then working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches to how to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.