Privacy & Security

WannaCry hackers cash out $143,000 in ransom money

Three months after the global attack that infected over 300,000 computers and crippled the UK National Health Services, the cybercriminals behind the outbreak collected their 52.2 bitcoins Wednesday night.
By Jessica Davis
August 03, 2017
02:25 PM

The cybercriminals behind the global WannaCry ransomware attack have finally cashed in the $143,000 -- or 52.2 bitcoins -- paid by some its victims, according to an online bot tracking payments made to WannaCry hackers.

The bitcoin payments made by victims were withdrawn Wednesday night -- with the last withdrawal made at 3:25 a.m. Thursday. All of the online wallets associated with WannaCry are now empty. Only 338 victims paid the $300, but the hackers waited until now to withdraw funds.

Cryptocurrencies like Bitcoin are preferred by hackers as it’s incredibly difficult to trace the payments. It’s likely whoever withdrew the funds will launder the money to ensure the payment can’t be traced.

[Register Now: Upcoming HIMSS Healthcare Security Forum]

There’s been no official confirmation as to the identity of the hackers. However, many security experts have made connections to the hacking group Lazarus, which has ties to North Korea.

Tom Robinson co-founder of Elliptic, a London firm that helps law enforcement track down cybercriminals, told CNBC that the bitcoins are likely being converted into a different cryptocurrency: Monero, a privacy-focused cryptocurrency.

[Also: Wannacry timeline: How it happened and the industry response to ransomware attack]

Robinson is working with law enforcement to trace the movement of these funds, in hopes to find the owners likely responsible for perpetrating the attack.

WannaCry struck organizations with file-encrypting ransomware around the globe in May, infecting more than 300,000 computers and crippling systems in the U.S., Brazil, Europe, Russia and China. It devastated the U.K National Health System and two large U.S. hospital systems.

The hackers leveraged a Windows SMB vulnerability. Microsoft issued a patch for the specific flaw in a March 2017 update and a secondary patch for outdated systems soon after the attack. The patch prevented system exploits, but not computers already infected with WannaCry.

The virus continued to claim victims after the initial attack, as late as June.

Twitter: @JessieFDavis
Email the writer: jessica.davis@himssmedia.com

Like Healthcare IT News on Facebook and LinkedIn

Topics: 
Privacy & Security

More regional news

Clinician in scrubs at a hospital computer

CommonSpirit partners up with U of U for clinical collaboration

By
Andrea Fox
November 22, 2024
Stethoscope on an iPad

HIMSSCast: Care provider or tool? When and why patients like AI

By
Andrea Fox
November 22, 2024

EHR tips on migrating an all-digital hospital to Epic

By
Bill Siwicki
November 22, 2024
Want to get more stories like this one? Get daily news updates from Healthcare IT News.
Your subscription has been saved.
Something went wrong. Please try again.

Top Story
EHR tips on migrating an all-digital hospital to Epic

Most Read

Particle Health files antitrust suit against Epic
Choosing a managed IT service for aged care
ASTP intros 2024 draft Federal FHIR Action Plan
CrowdStrike all but assures Capitol Hill: Never again
Korea's largest hospital bags APAC's first Stage 6 of new INFRAM
Sens. Warner & Wyden seek healthcare cybersecurity mandates in new bill

Research

White Papers

More Whitepapers

Patient Engagement
Patient Engagement
Financial/Revenue Cycle Management

Webinars

More Webinars

Imaging
Interoperability
Artificial Intelligence

Video

David Miles at Oklahoma Heart Hospital_Part 2_Doctor holding health icon Photo by Tippapatt/iStock/Getty Images Plus
Switching from Cerner to Epic? Meet a CIO who made it out alive
David Miles at Oklahoma Heart Hospital_Part 1_Doctor holding health icon Photo by Tippapatt/iStock/Getty Images Plus
The CIO of an all-digital hospital walks readers through its successes
Dr Alice Sutedjo Lisa at SMC Telogorejo Hospital_HIMSS24 APAC
Assisting the elderly in digital care
Dr. Benoit Desjardins of the University of Montreal
Cyberattacks are becoming more widespread, and more disruptive

More Stories

Agency cybersecurity infosec illustrated by many colored streams harnessed by a lock
OIG again deems HHS' infosec program ineffective
Joanna Lucas, RN, of St. Luke's University Health Network
Case and referral management technology gets big results for St. Luke's
Dr. Benoit Desjardins of the University of Montreal
Cyberattacks are becoming more widespread, and more disruptive
Northwestern Medicine
Northwestern Medicine announces international healthcare collaboration
BJ Schaknowski of symplr
Too many IT systems with limited alignment impacts care quality
Doctor in scrubs using computer
Tenet to deploy AI platform across its physician network
Healthcare CIO with other healthcare executives
Health system CIOs' strategic responsibilities continue to evolve
George Pappas at Intraprise Health_Digital shield and lock Photo by da-kuk/Getty Images
Tighter cyber mandates hold New York providers to higher security standards