WannaCry hackers cashed out ransom via three Bitcoin wallets

According to foreign media Quartz, on August 3, international hackers cashed in the ransom they received from the large-scale WannaCry ransomware infection in May this year, earning more than $143,000.

The WannaCry Bitcoin ransomware virus that broke out in May this year caused a huge uproar at the time. More than 150 countries around the world were affected by the virus. Many universities, railway stations, gas stations, hospitals and even government service terminals in China were infected by the virus. WannaCry virus victims were required to pay a Bitcoin ransom of US$300 to unlock it.

The hacker extorted a total of 52.2 bitcoins (worth about $143,000) through the virus, which were withdrawn from the online wallet overnight. Currently, the balance of the electronic currency wallet related to this extortion is only zero.

It has been 12 weeks since the WannaCry ransomware outbreak, and hackers have made a total of more than $140,000 in Bitcoin from this attack. The WannaCry virus encrypts computer files and charges owners $300 to $600 for decryption. The WannaCry ransomware has affected the admission of a hospital in the UK and shut down a Spanish telecommunications company and a Russian mobile phone operator.

Since the attack, the $140,000 has remained untouched, scattered across three Bitcoin wallets, and the victims were asked to pay a ransom. Few expected the money to leave the accounts, as they would surely be watched by law enforcement agencies around the world. But on Wednesday night, the funds began to move.

A Twitter bot created by Quartz, which has public access to Bitcoin accounts on the blockchain, made its first withdrawal at 11:10 p.m.

The first transaction was for about $70,000, half of the total account. Five minutes later, three more withdrawals occurred.

Ten minutes after that, with the final withdrawal, all three accounts were emptied.

The money was likely sent through a Bitcoin mixer, a process that obscures the trail of bitcoins from bitcoin to hard currency. The process is a digital currency laundering operation. The general consensus among security experts and government agencies is that North Korea was behind the attacks and that the operation was more politically motivated than financially motivated.

The money was most likely sent through a bitcoin mixer, a process that obscures the traces from bitcoin to hard currency, and is a digital currency money laundering operation. Foreign security experts and government agencies generally believe that North Korea is behind the cyberattack, and the political significance of this action is greater than the monetary factor.