Monitoring WannaCry hackers' bitcoin addresses in real time - page 2.

deisik

legendary

Activity: 3514

Merit: 1280

English ⬄ Russian Translation Services

Quote from: wuvdoll on May 22, 2017, 10:16:41 AM

This must be an awesome post for a change! That’s fascinating! I just checked one of the addresses and there is around 26 grand in that one address so they must have quite a lot by now. I wonder though what mixer would ever accept that much money and it would sure take a long time for the money to be laundered. Of course you also would have to do it with multiple launderers so I don’t know what their plan is.

Obviously, they don't need to launder all that amount at once

Moreover, even if some mixer could process that many bitcoins (which is not that many really, to tell the truth), it simply doesn't make sense to dump all these coins all at once unless the hackers are 100% certain that they won't be soon parted with their "hard-earned" and "well-deserved" bitcoins. If they are not so sure (which might well be the case), it would make sense to divide the spoil into small portions and launder them separately and cautiously. Other than that, they might not be interested in cashing out altogether

wuvdoll

legendary

Activity: 1442

Merit: 1025

Quote from: coinits on May 13, 2017, 11:13:09 AM

For a global attack they have not collected a lot of bitcoin yet. Results as of 16:00 GMT

Address 1: 12t9YDPgwueZ9NyMgw519p7AA8isjr6SMw

live link: https://blockchain.info/address/12t9YDPgwueZ9NyMgw519p7AA8isjr6SMw

31 transactions = 4.65255659 BTC

Address 2: 115p7UMMngoj1pMvkpHijcRdfJNXj6LrLn

live link: https://blockchain.info/address/115p7UMMngoj1pMvkpHijcRdfJNXj6LrLn

27 transactions = 3.10004389 BTC

Wallet 3: 13AM4VW2dhxYgXeQepoHkHSQuy6NgaEb94

live link: https://blockchain.info/address/13AM4VW2dhxYgXeQepoHkHSQuy6NgaEb94

36 transactions = 6.53259945 BTC

~ 14.28 BTC x $1735.35 per BTC = $24,781 ransom paid thus far.

Add more addresses as you find them.

This must be an awesome post for a change! That’s fascinating! I just checked one of the addresses and there is around 26 grand in that one address so they must have quite a lot by now. I wonder though what mixer would ever accept that much money and it would sure take a long time for the money to be laundered. Of course you also would have to do it with multiple launderers so I don’t know what their plan is.

deisik

legendary

Activity: 3514

Merit: 1280

English ⬄ Russian Translation Services

Quote from: vapourminer on May 21, 2017, 06:25:41 AM

Quote from: deisik on May 21, 2017, 03:11:15 AM

Why should they necessarily make any mistake?

They were sane enough to craft such a virus in the first place capable of bringing down thousands if not millions of computers across the whole world (obviously, only a tiny fraction of affected users paid the ransom), so they should be pretty seasoned in such affairs (after all, MakeMeCry might not be their first accomplishment) and thus there are not many chances that they will get caught eventually. How many exchange hackers got caught in the end? And the number of bitcoins at stake is simply incomparable (just in case, over 120k bitcoins had been stolen from Bitfinex)

word is they made some amateur mistakes: one was that hardcoded kill switch url. and only 3 btc addys? no unique id per computer?

my theory is it was some script kiddies and it went way over what they expected.

those addys most likely will be watched by more law enforcement than any in history..

Obviously, only time will tell

Apart from that, did anyone get caught last years after hacking numerous exchanges out there? I don't mean the times of Ross Ulbricht (who was engaged in real criminal activity like drug dealing and similar things after all), I refer to more recent times, when, for example, Bitfinex had been hacked almost a year ago. Some Taiwanese student who created Chernobyl virus got off really cheap despite the fact that his virus likely wiped out as many drives in 1998 as this CryAgain virus

BurtW

legendary

Activity: 2646

Merit: 1137

All paid signature campaigns should be banned.

Quote from: zend7 on May 21, 2017, 07:21:29 AM

They may well be but those addresses have only about 150k USD in total.

they just mix them.

Where did you get 150K USD? Were you just guessing? I see them getting 100K USD so far. Here:

https://bitinfocharts.com/bitcoin/wallet/WannaCry-wallet

Yes, They can just mix the coins and then cash out. Simple to do.

zend7

hero member

Activity: 658

Merit: 501

Hackers please hack me .... if you can :)

Quote from: vapourminer on May 21, 2017, 06:25:41 AM

Quote from: deisik on May 21, 2017, 03:11:15 AM

Why should they necessarily make any mistake?

They were sane enough to craft such a virus in the first place capable of bringing down thousands if not millions of computers across the whole world (obviously, only a tiny fraction of affected users paid the ransom), so they should be pretty seasoned in such affairs (after all, MakeMeCry might not be their first accomplishment) and thus there are not many chances that they will get caught eventually. How many exchange hackers got caught in the end? And the number of bitcoins at stake is simply incomparable (just in case, over 120k bitcoins had been stolen from Bitfinex)

word is they made some amateur mistakes: one was that hardcoded kill switch url. and only 3 btc addys? no unique id per computer?

my theory is it was some script kiddies and it went way over what they expected.

those addys most likely will be watched by more law enforcement than any in history..

They may well be but those addresses have only about 150k USD in total. I understand that the law enforcement want to track these guys down but I am not that confident at this. Other people , a lot more amateur than these ones like Hashocean got away with more than 3.5 mln USD stolen from users in their ponzi scheme scam. As far as I know they are free and enjoying their money. The same will do these guys of the ransomware as mixing services hidden in the TOR network do not care where the bitcoin come from, they just mix them.

vapourminer

legendary

Activity: 4354

Merit: 3614

what is this "brake pedal" you speak of?

Quote from: deisik on May 21, 2017, 03:11:15 AM

Why should they necessarily make any mistake?

They were sane enough to craft such a virus in the first place capable of bringing down thousands if not millions of computers across the whole world (obviously, only a tiny fraction of affected users paid the ransom), so they should be pretty seasoned in such affairs (after all, MakeMeCry might not be their first accomplishment) and thus there are not many chances that they will get caught eventually. How many exchange hackers got caught in the end? And the number of bitcoins at stake is simply incomparable (just in case, over 120k bitcoins had been stolen from Bitfinex)

word is they made some amateur mistakes: one was that hardcoded kill switch url. and only 3 btc addys? no unique id per computer?

my theory is it was some script kiddies and it went way over what they expected.

those addys most likely will be watched by more law enforcement than any in history..

aoluain

legendary

Activity: 2380

Merit: 1343

Yea i'm sure enough that if they can create and plant the virus
they sure as hell know how to liquidate the rewards into fiat
if they wanted, im sure they have a gameplan and its running
smoothly Wink

deisik

legendary

Activity: 3514

Merit: 1280

English ⬄ Russian Translation Services

Quote from: Pattberry on May 20, 2017, 06:50:03 PM

I am waiting for them to move the coins and i am sure they will make a stupid mistake that will end up in the hands of the law.They wont move anything for now as they know that the heat is on them and everyone will be monitoring the wallets.What ever they plan on doing with it,it is not easy to move them without anyone noticing

Why should they necessarily make any mistake?

They were sane enough to craft such a virus in the first place capable of bringing down thousands if not millions of computers across the whole world (obviously, only a tiny fraction of affected users paid the ransom), so they should be pretty seasoned in such affairs (after all, MakeMeCry might not be their first accomplishment) and thus there are not many chances that they will get caught eventually. How many exchange hackers got caught in the end? And the number of bitcoins at stake is simply incomparable (just in case, over 120k bitcoins had been stolen from Bitfinex)

salmanahmedone

hero member

Activity: 602

Merit: 500

Quote from: Pattberry on May 20, 2017, 06:50:03 PM

I am waiting for them to move the coins and i am sure they will make a stupid mistake that will end up in the hands of the law.They wont move anything for now as they know that the heat is on them and everyone will be monitoring the wallets.What ever they plan on doing with it,it is not easy to move them without anyone noticing.

Well even if they move the funds from the wallets to another bitcoin wallet they wont be caught. They can only be caught when they will move the funds to the Fiat currency. They can use the bitcoin mixer service and then no one will get the clue of them forever.

Mike Mayor

hero member

Activity: 966

Merit: 535

Quote from: Pattberry on May 20, 2017, 06:50:03 PM

I am waiting for them to move the coins and i am sure they will make a stupid mistake that will end up in the hands of the law.They wont move anything for now as they know that the heat is on them and everyone will be monitoring the wallets.What ever they plan on doing with it,it is not easy to move them without anyone noticing.

I doubt anyone can find them. How ? So what if they know the address ? It won't help when you don't know and can't prove the owner. It would be interesting to each but is the investment of time really worth it ?

Still if noone paid this then things like these wouldn't exist. Just osy no attention to the randsom side of it. It's just a normal virus where the creator is taking a shot in the dark at some free money.

Pattberry

sr. member

Activity: 448

Merit: 250

I am waiting for them to move the coins and i am sure they will make a stupid mistake that will end up in the hands of the law.They wont move anything for now as they know that the heat is on them and everyone will be monitoring the wallets.What ever they plan on doing with it,it is not easy to move them without anyone noticing.

aoluain

legendary

Activity: 2380

Merit: 1343

Quote from: avadhoot on May 20, 2017, 01:48:13 PM

Is there a blockchain based file backup solution?

That is a very good question.

Im sure the likes of SIA, MAIDSAFE and STORJ
Would have that covered as the are file storage
Blockchain technologies.

vapourminer

legendary

Activity: 4354

Merit: 3614

what is this "brake pedal" you speak of?

Quote from: Iranus on May 13, 2017, 02:27:06 PM

Do people really not back up their files regularly?

talk to friends and co workers, the non tech types.

hardly any back stuff up. i hear then moaning all the time about how they lost prized family photos, resumes and other important docs and such due to simple drive failure.

avadhoot

full member

Activity: 234

Merit: 100

Is there a blockchain based file backup solution?

Quote from: Iranus on May 13, 2017, 02:27:06 PM

Do people really not back up their files regularly?

I would assume that a huge part of the reason the thieves aren't getting as much money as we'd expect is because most people back up their files at least every month or so. Institutions should back up their files much more regularly than that.

Unless there's very significant new sensitive information that needs decrypting, there's not much reason for people to pay such a big ransom. If it was $20 instead, I would probably pay it anyway, but there's really no point.

wxa7115

hero member

Activity: 2702

Merit: 704

Bitcoin is GOD

Quote from: coinits on May 15, 2017, 05:29:51 PM

Quote from: ecnalubma on May 15, 2017, 02:28:59 AM

In the beginning internet is not a safe place for everyone. Click, download, register etc. at your own risk. Grin

It has been revealed that this did not spread by clicking on any links.

See this link https://www.wsj.com/articles/cybersecurity-experts-first-task-find-out-how-virus-spread-1494868250

From the article:

Quote

Investigators have already ruled out phishing—tricking someone into opening a seemingly legitimate email attachment that actually contains the virus—as a possible tactic. One of their hypotheses centers on something called port 445, an outlet that isn’t supposed to be connected to the internet.

Then this means the virus is even more dangerous than we thought, just another reminder for some that using window for anything serious is a big mistake, if you want to use it to hear some music and navigate on the internet fine, but if money is involved or sensitive information is better to use another operative system.

Markley

newbie

Activity: 21

Merit: 0

Quote from: SwagGirl on May 18, 2017, 06:45:18 PM

Quote from: coinits on May 18, 2017, 05:21:33 PM

Quote from: Markley on May 18, 2017, 05:19:01 PM

Quote from: eckmar on May 18, 2017, 08:07:12 AM

Quote from: User365 on May 14, 2017, 10:58:52 AM

WannaCry 2.0 is out and, guess what there is no killswitch anymore Grin

If you wanna protect against such threats, check out https://bitcointalksearch.org/topic/m.18888453
Its impossible to get infected with WannaCry if you follow the whole guide

I'll tell you this for free.
1) Update your Windows to latest version
2) Get Paid antivirus like ESET
3) Have brain

And that should cover it about all...

Many institutions like NHS can't afford to update all of their systems, also there are many devices that can't be upgraded like medical equipment

Stupid reasoning on their part. Their mindset should be 'Can't afford not to upgrade'.

I bet they make a budget for it now else they get what they desereved.

I think that is kind of an immature attitude, NHS is already cash strapped. Yeah they should upgrade but they probably chose to pay the doctors first

SwagGirl

member

Activity: 104

Merit: 100

GetClams.com

Quote from: coinits on May 18, 2017, 05:21:33 PM

Quote from: Markley on May 18, 2017, 05:19:01 PM

Quote from: eckmar on May 18, 2017, 08:07:12 AM

Quote from: User365 on May 14, 2017, 10:58:52 AM

WannaCry 2.0 is out and, guess what there is no killswitch anymore Grin

If you wanna protect against such threats, check out https://bitcointalksearch.org/topic/m.18888453
Its impossible to get infected with WannaCry if you follow the whole guide

I'll tell you this for free.
1) Update your Windows to latest version
2) Get Paid antivirus like ESET
3) Have brain

And that should cover it about all...

Many institutions like NHS can't afford to update all of their systems, also there are many devices that can't be upgraded like medical equipment

Stupid reasoning on their part. Their mindset should be 'Can't afford not to upgrade'.

I bet they make a budget for it now else they get what they desereved.

batang_bitcoin

hero member

Activity: 3080

Merit: 603

Quote from: eckmar on May 18, 2017, 05:13:04 PM

Quote from: ?? on ??

Btw, here are some funny transactions made to the wannacry addresses

1) https://blockchain.info/tx/4dcf70c864172869c0950e4e24b9f1a7ff410417411a2a2d0ede85b6281b5a67
Someone sent 0.00006 btc from an address starting with 1FuckYou....
2) https://blockchain.info/tx/96015c757e440554005965b97349234dcae8d4c0f8cc3410a0743cbcc9bacd6c
Look at this transactions' sender's addresses, they seem to send a message to the hackers :
"1You....
1Are....
1A......
1Cunt..."

It is really funny when you post it here but tbh hackers probably didn't even notice it...

Hahaha. Those people are our messengers they sent what everyone is feeling now because of their ransomware. I guess they noticed it then but even they will read they will only laugh at it. Hoping that this crisis will end soon.

coinits

legendary

Activity: 1582

Merit: 1019

011110000110110101110010

Quote from: Markley on May 18, 2017, 05:19:01 PM

Quote from: eckmar on May 18, 2017, 08:07:12 AM

Quote from: User365 on May 14, 2017, 10:58:52 AM

WannaCry 2.0 is out and, guess what there is no killswitch anymore Grin

If you wanna protect against such threats, check out https://bitcointalksearch.org/topic/m.18888453
Its impossible to get infected with WannaCry if you follow the whole guide

I'll tell you this for free.
1) Update your Windows to latest version
2) Get Paid antivirus like ESET
3) Have brain

And that should cover it about all...

Many institutions like NHS can't afford to update all of their systems, also there are many devices that can't be upgraded like medical equipment

Stupid reasoning on their part. Their mindset should be 'Can't afford not to upgrade'.

Markley

newbie

Activity: 21

Merit: 0

Quote from: eckmar on May 18, 2017, 08:07:12 AM

Quote from: User365 on May 14, 2017, 10:58:52 AM

WannaCry 2.0 is out and, guess what there is no killswitch anymore Grin

If you wanna protect against such threats, check out https://bitcointalksearch.org/topic/m.18888453
Its impossible to get infected with WannaCry if you follow the whole guide

I'll tell you this for free.
1) Update your Windows to latest version
2) Get Paid antivirus like ESET
3) Have brain

And that should cover it about all...

Many institutions like NHS can't afford to update all of their systems, also there are many devices that can't be upgraded like medical equipment

Topic: Monitoring WannaCry hackers' bitcoin addresses in real time - page 2. (Read 22954 times)