Monitoring WannaCry hackers' bitcoin addresses in real time - page 7.

coinits

legendary

Activity: 1582

Merit: 1019

011110000110110101110010

Quote from: aso118 on May 14, 2017, 09:28:37 PM

Quote from: unamis76 on May 14, 2017, 03:39:54 PM

Addresses are a little over 20 BTC. Never thought they'd see this much money, actually...

Quote from: coinits on May 13, 2017, 11:30:22 PM

Question: Once you pay the ransom, how does the hacker know it was you who paid?

I missed that part. I mean people are sending their BTC to them. How are they tying the payment to the computer?

I was questioning myself exactly this. Maybe the ransomware hás a place to input txid?

Hmm... The ransomware would then need to centrally keep track of which transaction ids have been used.
What is somebody just copies the transaction id once the transaction is broadcast and keys it into the ransomware?

Looking at the image in the Twitter link above, perhaps once you send the required amount, it is automatically decrypted. They actually let you decrypt some files at no cost to prove it works. Nice of the crooks to give you a free sample.

Sadlife

sr. member

Activity: 1400

Merit: 269

You can actually decrypt the zip file of wannacry ransomware
the password is WNcry@2017.

You can thank me for that if get infected by it. Dont give this hackers bitcoin!

coinits

legendary

Activity: 1582

Merit: 1019

011110000110110101110010

Quote from: piyo-maru on May 14, 2017, 09:10:25 PM

hi!
Maybe this address is also used.
===
1QAc9S5EmycqjzzWDc1yiWzr9jJLC8sLiY
===

from:
https://twitter.com/malwrhunterteam/status/851687635554848768

Appears so

https://blockchain.info/address/1QAc9S5EmycqjzzWDc1yiWzr9jJLC8sLiY

12 transactions = 3.25249956 BTC as of 01:50 GMT

aso118

legendary

Activity: 1918

Merit: 1012

★Nitrogensports.eu★

Quote from: unamis76 on May 14, 2017, 03:39:54 PM

Addresses are a little over 20 BTC. Never thought they'd see this much money, actually...

Quote from: coinits on May 13, 2017, 11:30:22 PM

Question: Once you pay the ransom, how does the hacker know it was you who paid?

I missed that part. I mean people are sending their BTC to them. How are they tying the payment to the computer?

I was questioning myself exactly this. Maybe the ransomware hás a place to input txid?

Hmm... The ransomware would then need to centrally keep track of which transaction ids have been used.
What is somebody just copies the transaction id once the transaction is broadcast and keys it into the ransomware?

piyo-maru

newbie

Activity: 1

Merit: 0

hi!
Maybe this address is also used.
===
1QAc9S5EmycqjzzWDc1yiWzr9jJLC8sLiY
===

from:
https://twitter.com/malwrhunterteam/status/851687635554848768

Harry Callahan

sr. member

Activity: 350

Merit: 250

Quote from: btcforall777 on May 14, 2017, 03:42:49 PM

Some of the media are blaming them on the drop in BTC price as they happened simultaneously. Make sense to me. What do you think?

I really do not see any major drop in the price of bitcoin,which charts are you watching. Thought is going for a correction yesterday but the price re bounded pretty soon.I am sure the authorities will be monitoring their moves and if they do something foolish then it is time they go inside bars for a long time. These kind of cheats and extortionist must be brought to the law.

coinits

legendary

Activity: 1582

Merit: 1019

011110000110110101110010

Quote from: btcforall777 on May 14, 2017, 07:22:34 PM

Quote from: coinits on May 14, 2017, 04:17:48 PM

Quote from: btcforall777 on May 14, 2017, 03:42:49 PM

Some of the media are blaming them on the drop in BTC price as they happened simultaneously. Make sense to me. What do you think?

I doubt it. The bulk of people being affected don't control the btc market. The whole market is in a bubble. Bubbles burst...eventually.

Maybe the market is just looking for a reason or reasons. Like you said people are afraid to jump.

20.95 BTC hardly seems like enough to manipulate the market. Fear could but I don't see the fearful affecting this market because I doubt that many have more than a cursory knowledge of bitcoin.

btcforall777

full member

Activity: 235

Merit: 250

Quote from: coinits on May 14, 2017, 04:17:48 PM

Quote from: btcforall777 on May 14, 2017, 03:42:49 PM

Some of the media are blaming them on the drop in BTC price as they happened simultaneously. Make sense to me. What do you think?

I doubt it. The bulk of people being affected don't control the btc market. The whole market is in a bubble. Bubbles burst...eventually.

Maybe the market is just looking for a reason or reasons. Like you said people are afraid to jump.

Yakamoto

legendary

Activity: 1218

Merit: 1007

Quote from: coinits on May 14, 2017, 04:17:48 PM

Quote from: btcforall777 on May 14, 2017, 03:42:49 PM

Some of the media are blaming them on the drop in BTC price as they happened simultaneously. Make sense to me. What do you think?

I doubt it. The bulk of people being affected don't control the btc market. The whole market is in a bubble. Bubbles burst...eventually.

I've been thinking the same thing since we crossed $1,600. It seems like the market is growing too big for its own good and there's a relatively high chance we're in the middle of a bubble.

I do not believe that the ransomware had that much of an effect on the value of Bitcoin, it likely had a small impact on the value at most.

coinits

legendary

Activity: 1582

Merit: 1019

011110000110110101110010

Quote from: VarDiff on May 14, 2017, 05:42:40 PM

Realtime balance for all WannaCry' wallets here:

https://whitesunset.github.io/wannacrypt_balance/

Good link. Saves me the time copying and pasting.

I am still not buying that there are only 3 addresses though.

VarDiff

full member

Activity: 196

Merit: 100

Realtime balance for all WannaCry' wallets here:

https://whitesunset.github.io/wannacrypt_balance/

coinits

legendary

Activity: 1582

Merit: 1019

011110000110110101110010

Quote from: btcforall777 on May 14, 2017, 03:42:49 PM

Some of the media are blaming them on the drop in BTC price as they happened simultaneously. Make sense to me. What do you think?

I doubt it. The bulk of people being affected don't control the btc market. The whole market is in a bubble. Bubbles burst...eventually.

coinits

legendary

Activity: 1582

Merit: 1019

011110000110110101110010

Quote from: User365 on May 14, 2017, 11:58:52 AM

WannaCry 2.0 is out and, guess what there is no killswitch anymore Grin

If you wanna protect against such threats, check out https://bitcointalksearch.org/topic/m.18888453
Its impossible to get infected with WannaCry if you follow the whole guide

Was just in to sat the same thing. Crooks read the headlines and fixed their kill switch.

btcforall777

full member

Activity: 235

Merit: 250

Some of the media are blaming them on the drop in BTC price as they happened simultaneously. Make sense to me. What do you think?

MingLee

hero member

Activity: 490

Merit: 520

Quote from: joshy23 on May 14, 2017, 09:10:05 AM

Quote from: Wendigo on May 14, 2017, 12:30:56 AM

Quote from: jaberwock on May 13, 2017, 11:05:51 PM

Now how they will spend their hard earned hacking money, considering the addresses are known and probably are blacklisted everywhere?

Putting the coins through a mixing service most likely.

Next logical step maybe is to try to talk to this mixing services and to not let them used their services. But I doubt any agency specially UK and USA will do this for the sake of capturing the culprit. Or maybe the mixing services will do their own action, so that they can't used any exchange to convert the bitcoin they stole to fiat. Its like releasing the bitcoin wallet to all exchanges so that it will be blacklisted.

If they put it into an exchange and take it out again there's a decent chance that they're never really going to be ID'd as long as they use means to conceal where they are and other information about themselves. Sending it into an exchange, waiting, then sending it into a mixer, then another, and then doing whatever, might enough to break up their trail but dedicated individuals might keep diving deeper.

unamis76

legendary

Activity: 1512

Merit: 1009

Addresses are a little over 20 BTC. Never thought they'd see this much money, actually...

Quote from: coinits on May 13, 2017, 11:30:22 PM

Question: Once you pay the ransom, how does the hacker know it was you who paid?

I missed that part. I mean people are sending their BTC to them. How are they tying the payment to the computer?

I was questioning myself exactly this. Maybe the ransomware has a place to input txid?

lite

legendary

Activity: 1400

Merit: 1009

Quote from: Iranus on May 13, 2017, 03:27:06 PM

Do people really not back up their files regularly?

No, they're too lazy to do it! i keep most of my files on external hdd and some important files on google drive(automatic sync) and i don't use windows. Wink

why isn't ETH demanded as ransom? leave bitcoin alone.

deisik

legendary

Activity: 3458

Merit: 1280

English ⬄ Russian Translation Services

Quote from: pixie85 on May 14, 2017, 11:54:06 AM

Quote from: deisik on May 14, 2017, 11:39:06 AM

Quote from: rifiuti on May 14, 2017, 10:38:58 AM

Almost $32k received based on the current btc rate.

That's nothing in terms of impact on Bitcoin price

I'd say that's a fair amount of money for making an encrypting trojan. It paid well for the time they spent making it, especially well since they left an easy to find way to shut it all down. Also I don't think the price decreased purely because of this hack. It didn't target the Bitcoin network, so there was no reason to panic and the price was peaking for days. People were waiting to take their profits.

Well, we don't know that for sure

Maybe, they didn't pay anything at all and just stole the code from the Alphabet agency (maybe, it was one of their employees or something to that tune). We don't know either if they will be caught but if they do get caught eventually, no amount of profit will be worth it unless they get off cheaply while extorting literally millions of dollars (like Cryptsy scammers did). Regarding Bitcoin prices, I'm never tired to repeat that with higher price we should expect higher volatility, even in relative terms, so the price swings of 200 dollars shouldn't surprise anyone any more. My best bet is for 1,200 dollars as a new support level and 2,000 dollars as a new resistance level

streazight

hero member

Activity: 910

Merit: 502

Quote from: Qunenin on May 13, 2017, 01:13:35 PM

Quote from: coinits on May 13, 2017, 12:13:09 PM

For a global attack they have not collected a lot of bitcoin yet. Results as of 16:00 GMT

Address 1: 12t9YDPgwueZ9NyMgw519p7AA8isjr6SMw

live link: https://blockchain.info/address/12t9YDPgwueZ9NyMgw519p7AA8isjr6SMw

31 transactions = 4.65255659 BTC

Address 2: 115p7UMMngoj1pMvkpHijcRdfJNXj6LrLn

live link: https://blockchain.info/address/115p7UMMngoj1pMvkpHijcRdfJNXj6LrLn

27 transactions = 3.10004389 BTC

Wallet 3: 13AM4VW2dhxYgXeQepoHkHSQuy6NgaEb94

live link: https://blockchain.info/address/13AM4VW2dhxYgXeQepoHkHSQuy6NgaEb94

36 transactions = 6.53259945 BTC

~ 14.28 BTC x $1735.35 per BTC = $24,781 ransom paid thus far.

Add more addresses as you find them.

As compare to a massive world wide attack, the amount collected so far is not as much as it should be. I also wonder if the people after paying the ransom, were there computer back to normal or still they remain affected by virus ?

The virus made the files encrypted and then it will decrypted once you pay $300 as a ransom.
To help reducing further spreading of the ransomware possible measurement should be taken to avoid opening unknown emails and especially the one related to invoice.

User365

sr. member

Activity: 434

Merit: 251

physics, mathematics and engineering

WannaCry 2.0 is out and, guess what there is no killswitch anymore Grin

If you wanna protect against such threats, check out https://bitcointalksearch.org/topic/m.18888453
Its impossible to get infected with WannaCry if you follow the whole guide

Topic: Monitoring WannaCry hackers' bitcoin addresses in real time - page 7. (Read 22954 times)