Back to the list

WannaCry hackers allegedly move their funds to Monero – will that help them?

06 August 2017 21:00, UTC

As reported by the CoinDesk portal, three well-known Bitcoin addresses that had cryptocurrency equal to more than $140,000 began to empty, with the money moving somewhere else. These addresses were allegedly connected to the hackers who launched and benefitted from the attack of dangerous WannaCry virus that infected computers from all over the world. This virus could block one’s system and demanded ransom to be sent to anonymous Bitcoin address. Microsoft swiftly issued a batch of updates to protect Windows operation systems from further ransomware attacks, but by that time hackers already received a considerable sum from many desperate people.

Since then some particular addresses were closely observed by many who believed them to be the very location the hackers stored the ransom money. This continued for 10 weeks, and then, contrary to estimations and forecasts that hackers will continue to store funds without moving them anywhere, $36,000 in bitcoin were moved first to Shapeshift, a Swiss cryptocurrency startup and then into the cryptocurrency Monero. Bad news here is that Monero has its own modification of blockchain technology that hampers easy tracking of finances, weakening hopes that the digital extortioners will ever be caught.

This tech Monero uses includes 'ring signatures', the method to mix identification keys in such a way so that nobody would know which signature belongs to which user. Another potential criminal concealment technique resembles the proxy server Internet technology: one can use a 'stealth address' so that people will send money to one publicly posted address but they will be redirected to another, hidden address.

However Andrew Poelstra, a mathematician from Blockstream, а software company, tells that the tracking of those criminals will not completely fail after this measure they’ve taken. The list of users who choose such tech is not very large, he says, as shielded addresses require computational power. They also won’t succeed in hiding their tracks due to simple human factor – the information about such huge amounts of loot from such a big international extortion will undoubtedly leak, thus once again making it easier to track and arrest those hackers. Poelstra also notes that blockchain technology is not bad, even though some start to believe it’s a good instrument to hide money laundering and conceal criminal activities.