The WannaCry ransomers who have been soliciting bitcoin ransoms from global cyber-victims have been transferring their bitcoins into privacy coin Monero as of late. The motive is clear, as Monero’s considerably less traceable than BTC.
WannaCry – a ransomware attack based on leaked NSA intel that encrypts users’ harddrives until a bitcoin ransom’s been paid – has had a maliciously successful year in 2017.
Striking institutional and personal computers the world over starting back in May, WannaCry’s held droves of computers hostage, forcing users to pay the malware’s creators a ransom approximating $300 in bitcoins before affected harddrives are decrypted.
The attack spread like wildfire for days until cybersecurity experts could get a handle on the problem. In that timeframe, WannaCry’s attackers made off with bitcoins worth over $225,000 at press time.
Now, though, Wannacry’s moving a considerable portion of its BTC holdings into Monero.
That’s per Jonathan Levin, co-founder of ChainAnalysis – the firm that’s recently teamed up with the IRS to provide blockchain detective services – who said in new comments to Gizmodo that he’s been tracking the WannaCry attacker’s wallet movements for weeks now.
Levin highlighted that Monero was obviously a superior choice for the attackers to store their funds, seeing as how Monero mixes its coins automatically without the need of a third-party tumbling service, thereby providing top-notch anonymity for its users.
ChainAnalysis’ research has indicated that the WannaCry attackers are using Eric Voorhees’ decentralized crypto exchange ShapeShift to trade their bitcoins for Monero.
And while all sings point toward North Korea as being the source of WannaCry, there’s no telling where the funds will end up now that Monero’s become involved.
In early October, Europol released its Internet Organised Crime Threat Assessment (IOCTA) 2017.
The assessment comprehensively detailed current trends in Europe’s online criminal underground, noting that while Bitcoin was still the bellwether currency in these nefarious circles, privacy coins like Zcash and Monero are becoming increasingly relied upon.
The report argued that Monero is becoming popular with attackers like the WannaCry ransomers because Monero transactions “cannot be attributed to any particular user/ address […] all coins used in a transaction are ‘hidden’ by default, and transaction histories are kept private.”
Europol: Criminals expanding cryptocurrency use, adding Ethereum, Monero and Zcash to their arsenal https://t.co/JbhfmZ9hZN
— Snip (@SnipToday) October 9, 2017
The report also noted that the first Monero ransom payments were paid out earlier this year when the so-called “Kirk” ransomware was unleashed upon web denizens.
What’s your take? Do you think those bitcoins are gone without a trace now that the WannaCry attackers have shifted them into Monero? Let us know where you stand in the comments below!
Images via SecurityRi, Monero