And on August 3, almost three months after the attacks, the hackers behind the attack have emptied the Bitcoin wallets associated with the payments made at the time, as reported by Quartz’ Keith Collins who had setup a bot to track transactions of that wallet.
The ransomware affected a number of countries including Russia, Ukraine, India, Spain, UK, USA, Brazil, China and several others in North and Latin America.
The ransomware which was initiated via SMB in system servers has affected over 300,000 computers worldwide, taking the files on these systems hostage until the ransom — demanded in bitcoins — is paid off by the organisations.
The vulnerability which inspired the attacks was fixed by Microsoft in an update rolled out on March 14, 2017, but those running old OS like XP as well as those who had yet not updated their systems were among the ones hit by the attack.
The three Bitcoin wallets identified by researchers had accumulated $140,000 in Bitcoins and were further given a push when the crypto currency’s value surged due to a split.
The withdrawals were made in six instalments and in a few hours, the entire money in the wallets was wiped clean.
Internet-connected devices across the globe need security updates every now and then to be able to protect users against attacks that exploit vulnerabilities found on the system.
It’s advisable to at least update your system with the security updates from the vendor which rolled out to mitigate exploits that can be used by an attacker to harm your device and files contained within.
It’s still unclear as to who was behind this attack which led to a lot of government services globally crippled. Earlier reports point towards ShadowBroker hacker group or the North Korea government.