Wan­naCry Ran­somware Hack­er Cash Out their $140,000 Bit­coin Wallet


Earlier this year in May, one of the largest cyber security attacks of recent times affected over 300,000 Windows systems worldwide with WannaCry or WannaCrypt ransomware — a malware which exploits a Windows bug and gains access to the system, locking the crucial files.

Bitcoin 2007769 1280
WannaCry Ransomware attackers wipe clean the Bitcoin Wallets associated with the attack, cashing out in the tune of $140,000

And on August 3, almost three months after the attacks, the hackers behind the attack have emptied the Bitcoin wallets associated with the payments made at the time, as reported by Quartz’ Keith Collins who had setup a bot to track transactions of that wallet.

The ransomware affected a number of countries including Russia, Ukraine, India, Spain, UK, USA, Brazil, China and several others in North and Latin America.

The ransomware which was initiated via SMB in system servers has affected over 300,000 computers worldwide, taking the files on these systems hostage until the ransom — demanded in bitcoins — is paid off by the organisations.

The vulnerability which inspired the attacks was fixed by Microsoft in an update rolled out on March 14, 2017, but those running old OS like XP as well as those who had yet not updated their systems were among the ones hit by the attack.

The three Bitcoin wallets identified by researchers had accumulated $140,000 in Bitcoins and were further given a push when the crypto currency’s value surged due to a split.


The withdrawals were made in six instalments and in a few hours, the entire money in the wallets was wiped clean.

Internet-connected devices across the globe need security updates every now and then to be able to protect users against attacks that exploit vulnerabilities found on the system.

It’s advisable to at least update your system with the security updates from the vendor which rolled out to mitigate exploits that can be used by an attacker to harm your device and files contained within.

It’s still unclear as to who was behind this attack which led to a lot of government services globally crippled. Earlier reports point towards ShadowBroker hacker group or the North Korea government.

In June this year, another Petya ransomware hit thousand of PCs in several countries. It used a modified version of the EternalBlue vulnerability exploited in the WannaCry attacks and hit more than 2000 PCs worldwide in Spain, France, Ukraine, Russia and other countries.

Although later it was found out that the main target was Ukraine and it was speculated to be a state-sponsored cyber attack by Russia.

The above article may contain affiliate links which help support Guiding Tech. However, it does not affect our editorial integrity. The content remains unbiased and authentic.

Also See
#Bitcoin #hacking

Join the newsletter


Written By


Bike enthusiast, traveller, ManUtd follower, army brat, word-smith; Delhi University, Asian College of Journalism, Cardiff University alumnus; a journalist breathing tech these days.