Bitcoin Forum
November 24, 2017, 09:21:51 AM *
News: Latest stable version of Bitcoin Core: 0.15.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: [1] 2 3 4 5 6 7 8 9 »  All
  Print  
Author Topic: Monitoring WannaCry hackers' bitcoin addresses in real time  (Read 21989 times)
coinits
Legendary
*
Offline Offline

Activity: 1092


011110000110110101110010


View Profile
May 13, 2017, 04:13:09 PM
 #1

For a global attack they have not collected a lot of bitcoin yet. Results as of 16:00 GMT

Address 1: 12t9YDPgwueZ9NyMgw519p7AA8isjr6SMw

live link: https://blockchain.info/address/12t9YDPgwueZ9NyMgw519p7AA8isjr6SMw

31 transactions = 4.65255659 BTC



Address 2: 115p7UMMngoj1pMvkpHijcRdfJNXj6LrLn

live link: https://blockchain.info/address/115p7UMMngoj1pMvkpHijcRdfJNXj6LrLn

27 transactions = 3.10004389 BTC



Wallet 3: 13AM4VW2dhxYgXeQepoHkHSQuy6NgaEb94

live link: https://blockchain.info/address/13AM4VW2dhxYgXeQepoHkHSQuy6NgaEb94

36 transactions = 6.53259945 BTC



~ 14.28 BTC x $1735.35 per BTC = $24,781 ransom paid thus far.



Add more addresses as you find them.

Jump you fuckers! | The thing about smart motherfuckers is they sound like crazy motherfuckers to dumb motherfuckers. | My sig space for rent for 25 btc per week.
Join ICO Now Coinlancer is Disrupting the Freelance marketplace!
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1511515311
Hero Member
*
Offline Offline

Posts: 1511515311

View Profile Personal Message (Offline)

Ignore
1511515311
Reply with quote  #2

1511515311
Report to moderator
1511515311
Hero Member
*
Offline Offline

Posts: 1511515311

View Profile Personal Message (Offline)

Ignore
1511515311
Reply with quote  #2

1511515311
Report to moderator
Qunenin
Hero Member
*****
Offline Offline

Activity: 686



View Profile
May 13, 2017, 05:13:35 PM
 #2

For a global attack they have not collected a lot of bitcoin yet. Results as of 16:00 GMT

Address 1: 12t9YDPgwueZ9NyMgw519p7AA8isjr6SMw

live link: https://blockchain.info/address/12t9YDPgwueZ9NyMgw519p7AA8isjr6SMw

31 transactions = 4.65255659 BTC



Address 2: 115p7UMMngoj1pMvkpHijcRdfJNXj6LrLn

live link: https://blockchain.info/address/115p7UMMngoj1pMvkpHijcRdfJNXj6LrLn

27 transactions = 3.10004389 BTC



Wallet 3: 13AM4VW2dhxYgXeQepoHkHSQuy6NgaEb94

live link: https://blockchain.info/address/13AM4VW2dhxYgXeQepoHkHSQuy6NgaEb94

36 transactions = 6.53259945 BTC



~ 14.28 BTC x $1735.35 per BTC = $24,781 ransom paid thus far.



Add more addresses as you find them.

As compare to a massive world wide attack, the amount collected so far is not as much as it should be.  I also wonder if the people after paying the ransom, were there computer back to normal or still they remain affected by virus ?

    ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄   
   ████████████████████████████████  
     ▀██████████████████████████▀    
        ▀████████████████████▀       
          ████████████████▀         
            █████████████           
            ▀████████████▀           
             ▀██████████▀            
              ██████████             
               ████████              
               ▀██████▀              
                ██████               
                  ▀                  
.
.trade.io.
██████
██████
███
███
███
███
███
███
███
███
███
██████
██████

▄██████████████████▄
███       ▀███████
███       █████████
███       █████████
███       █████████
███              ██
███   ▄▄▄▄▄▄▄▄   ███
███   ▄▄▄▄▄▄▄▄   ███
███              ███
███▄▄▄▄▄▄▄▄▄▄▄▄▄▄███
██████████████████▀

▄██████████████████▄
███████████▀ ███████
█████████▀   ███████
███████▀     ██▀ ███
███ ▀▀       █▄▄████
███          █▀▀▀▀██
███ ▄▄       ███████
██████▄     █▄ ▀███
█████████▄   ███▄███
███████████▄ ███████
▀██████████████████▀

▄██████████████████▄
████████████████████
███████████████▀▀ ██
█████████▀▀     ███
████▀▀     ▄█▀   ███
███▄    ▄██      ███
█████████▀      ▄██
█████████▄     ████
█████████████▄ ▄████
████████████████████
▀██████████████████▀
██████
██████
   ███
   ███
   ███
   ███
   ███
   ███
   ███
   ███
   ███
██████
██████
.
.Join the Trading Revolution.
coinits
Legendary
*
Offline Offline

Activity: 1092


011110000110110101110010


View Profile
May 13, 2017, 05:23:54 PM
 #3


For a global attack they have not collected a lot of bitcoin yet. Results as of 16:00 GMT

Address 1: 12t9YDPgwueZ9NyMgw519p7AA8isjr6SMw

live link: https://blockchain.info/address/12t9YDPgwueZ9NyMgw519p7AA8isjr6SMw

31 transactions = 4.65255659 BTC



Address 2: 115p7UMMngoj1pMvkpHijcRdfJNXj6LrLn

live link: https://blockchain.info/address/115p7UMMngoj1pMvkpHijcRdfJNXj6LrLn

27 transactions = 3.10004389 BTC



Wallet 3: 13AM4VW2dhxYgXeQepoHkHSQuy6NgaEb94

live link: https://blockchain.info/address/13AM4VW2dhxYgXeQepoHkHSQuy6NgaEb94

36 transactions = 6.53259945 BTC



~ 14.28 BTC x $1735.35 per BTC = $24,781 ransom paid thus far.



Add more addresses as you find them.

As compare to a massive world wide attack, the amount collected so far is not as much as it should be.  I also wonder if the people after paying the ransom, were there computer back to normal or still they remain affected by virus ?

I assume the following:
- that some institutions reverted to clean backups
- there are more than 3 addresses
- spread was stopped by a blogger who discovered a kill switch in the virus (this has been verified) - https://www.theguardian.com/technology/2017/may/13/accidental-hero-finds-kill-switch-to-stop-spread-of-ransomware-cyber-attack

Jump you fuckers! | The thing about smart motherfuckers is they sound like crazy motherfuckers to dumb motherfuckers. | My sig space for rent for 25 btc per week.
Iranus
Hero Member
*****
Offline Offline

Activity: 504


View Profile
May 13, 2017, 07:27:06 PM
 #4

Do people really not back up their files regularly?

I would assume that a huge part of the reason the thieves aren't getting as much money as we'd expect is because most people back up their files at least every month or so.  Institutions should back up their files much more regularly than that.

Unless there's very significant new sensitive information that needs decrypting, there's not much reason for people to pay such a big ransom.  If it was $20 instead, I would probably pay it anyway, but there's really no point.

NeuroticFish
Legendary
*
Offline Offline

Activity: 1316


Tooth Fairy, do you have an USB miner for me?


View Profile
May 13, 2017, 07:33:45 PM
 #5

If it was $20 instead, I would probably pay it anyway, but there's really no point.

Yes, that's why they don't really target individuals. But if they've found a couple of sloppy companies, jackpot!


I assume the following:
- that some institutions reverted to clean backups
- there are more than 3 addresses
- spread was stopped by a blogger who discovered a kill switch in the virus (this has been verified) - https://www.theguardian.com/technology/2017/may/13/accidental-hero-finds-kill-switch-to-stop-spread-of-ransomware-cyber-attack

There have to be more than 3 addresses. And it's Saturday, many companies cannot access their money until the banks open Monday. Only then we'll see how big the damage is...

.BITSLER.                 ▄███
               ▄████▀
             ▄████▀
           ▄████▀  ▄██▄
         ▄████▀    ▀████▄
       ▄████▀        ▀████▄
     ▄████▀            ▀████▄
   ▄████▀                ▀████▄
 ▄████▀ ▄████▄      ▄████▄ ▀████▄
█████   ██████      ██████   █████
 ▀████▄ ▀████▀      ▀████▀ ▄████▀
   ▀████▄                ▄████▀
     ▀████▄            ▄████▀
       ▀████▄        ▄████▀
         ▀████▄    ▄████▀
           ▀████▄▄████▀
             ▀██████▀
               ▀▀▀▀
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▄            
▄▄▄▄▀▀▀▀    ▄▄█▄▄ ▀▀▄         
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▄      
█  ▀▄▄  ▀█▀▀ ▄      ▀████   ▀▀▄   
█ █▄  ▀▄   ▀████       ▀▀ ▄██▄ ▀▀▄
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
█  ▀▀       ▀▄▄ ▀████      ▄▄▄▀▀▀  █
█            ▄ ▀▄    ▄▄▄▀▀▀   ▄▄  █
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
█ ▄▄   ███   ▀██  █           ▀▀  █ 
█ ███  ▀██       █        ▄▄      █ 
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀  
▀▄            █        ▀▀      █  
▀▀▄   ███▄  █   ▄▄          █   
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀    
▀▀▄   █   ▀▀▄▄▄▀▀▀         
▄▄▄▄▄▄▄▄▄▄▄█▄▄▀▀▀▀              
              ▄▄▄██████▄▄▄
          ▄▄████████████████▄▄
        ▄██████▀▀▀▀▀▀▀▀▀▀██████▄
▄     ▄█████▀             ▀█████▄
██▄▄ █████▀                ▀█████
 ████████            ▄██      █████
  ████████▄         ███▀       ████▄
  █████████▀▀     ▄███▀        █████
   █▀▀▀          █████         █████
     ▄▄▄         ████          █████
   █████          ▀▀           ████▀
    █████                     █████
     █████▄                 ▄█████
      ▀█████▄             ▄█████▀
        ▀██████▄▄▄▄▄▄▄▄▄▄██████▀
          ▀▀████████████████▀▀
              ▀▀▀██████▀▀▀
            ▄▄▄███████▄▄▄
         ▄█▀▀▀ ▄▄▄▄▄▄▄ ▀▀▀█▄
       █▀▀ ▄█████████████▄ ▀▀█
     █▀▀ ███████████████████ ▀▀█
    █▀ ███████████████████████ ▀█
   █▀ ███████████████▀▀ ███████ ▀█
 ▄█▀ ██████████████▀      ▀█████ ▀█▄
███ ███████████▀▀            ▀▀██ ███
███ ███████▀▀                     ███
███ ▀▀▀▀                          ███
▀██▄                             ▄██▀
  ▀█▄                            ▀▀
    █▄       █▄▄▄▄▄▄▄▄▄█
     █▄      ▀█████████▀
      ▀█▄      ▀▀▀▀▀▀▀
        ▀▀█▄▄  ▄▄▄
            ▀▀█████
[]
leopard2
Legendary
*
Offline Offline

Activity: 1239


View Profile
May 13, 2017, 08:57:22 PM
 #6

LOL hourly rate of hackers is not so good IMHO, maybe honest contract work would have been better... (they obviously have skills) Grin

Truth is the new hatespeech.
FruitsBasket
Legendary
*
Offline Offline

Activity: 952


Lordmancer II - a game where you can mine


View Profile WWW
May 13, 2017, 08:59:45 PM
 #7

If it was $20 instead, I would probably pay it anyway, but there's really no point.

Yes, that's why they don't really target individuals. But if they've found a couple of sloppy companies, jackpot!


I assume the following:
- that some institutions reverted to clean backups
- there are more than 3 addresses
- spread was stopped by a blogger who discovered a kill switch in the virus (this has been verified) - https://www.theguardian.com/technology/2017/may/13/accidental-hero-finds-kill-switch-to-stop-spread-of-ransomware-cyber-attack

There have to be more than 3 addresses. And it's Saturday, many companies cannot access their money until the banks open Monday. Only then we'll see how big the damage is...
Do you really think that those big companies that are affected by the virus will be paying bitcoins to decrypt their infected files? I think they just get specialist to remove the ransomware, but I am not sure if that is even possible with this big infection from last week.

.▄▄▄▄▄▄▄      ▄▄▄▄▄▄       ▄▄▄▄▄      ▄▄▄▄▄▄▄ ▄▄▄▄▄▄▄ 
░░░░░░░█    █░░░░░░▀▄   ▄▀░░░░░█    █░░░░░░░░░░░░░░
 ▀█░░░█▀      ▀█░░░░░█  ▄▀░░░░█▀      ▀█░░░█▀ ▀█░░░█▀
  █░░░█        █░░░░░░█ █░░░░░░█       █░░░█   █░░░█ 
  █░░░█    ▄▄  █░░░░░░░░░░░░█       █░░░█   █░░░█ 
  █░░░█   █░░█ █░░██░░░░░░██░░░█       █░░░█   █░░░█ 
 ▄█░░░▀▄▄▄▀░░█▄█░░█▄█░░░░█▄█░░░█▄     ▄█░░░█▄ ▄█░░░█▄
░░░░░░░░░░░░░░░░░░██░░██░░░░░░░█   █░░░░░░░░░░░░░░
 ▀▀▀▀▀▀▀▀▀▀▀▀ ▀▀▀▀▀▀  ▀▀  ▀▀▀▀▀▀▀     ▀▀▀▀▀▀▀ ▀▀▀▀▀▀▀

  Lordmancer II — MMO RPG where you can mine cryptocurrency 
   Pre ICO: 21.08.2017 WhitePaper ANN Bounty ICO: 07.11.2017
   Website ~ Telegram ~ FB ~ Reddit ~ Twitter
Janation
Hero Member
*****
Offline Offline

Activity: 532



View Profile
May 13, 2017, 10:42:26 PM
 #8

LOL hourly rate of hackers is not so good IMHO, maybe honest contract work would have been better... (they obviously have skills) Grin

Maybe they are tired being bossed around and not satisfied with what they are earning. So, since they have skills, why not do something that will make them earn more than they usually do. But, they are wasting their skills making such crimes, they can do better than that.



         ▄▄██████████▄▄
      ▄█████████████████                                ▄▄▄▄     ▄▄▄▄     ▄▄▄▄
    ▄███████▀▀   ▀▀██████                              ██████   ██████   ██████
   ▄██████▀        ██████                              ▀████▀   ▀████▀   ▀████▀
  ▐██████          ▀▀▀▀▀▀
  ██████
 ▐██████
 ██████      ███████████▌    ████████▄▄       ▄███▌     ▄██████████ ███████████▌
▐██████      ███████████    ▐███   ▀███▌     ▄████▌     ███▌           ▐███
██████▌          ██████▌    ███▌    ███▌    ███▀███     ███            ███▌
██████▌          ██████    ▐███▄▄▄▄███▀    ███  ███    ▐█████████      ███
███████         ███████    ████▀▀▀███▄    ███   ███▌   ███▀▀▀▀▀▀      ▐███
 ▀███████▄▄▄▄▄████████    ▐███     ███  ▄██████████▌  ▐███            ███▌
  ▀████████████████▀      ███▌    ▐███ ▄███     ▐███  ███▌           ▐███
     ▀▀███████▀▀▀         ▀▀▀     ▀▀▀▀ ▀▀▀       ▀▀▀  ▀▀▀            ▀▀▀▀

║▮
║▮
║▮

▮║
▮║
▮║



                 ▄████▄▄    ▄
██             ████████████▀
████▄         █████████████▀
▀████████▄▄   █████████████
▄▄█████████████████████████
██████████████████████████
  ▀██████████████████████
   █████████████████████
    ▀█████████████████▀
      ▄█████████████▀
▄▄███████████████▀
   ▀▀▀▀▀▀▀▀▀▀▀



       ▄▄▄▄▄▄
    ▄████████
    █████▀▀▀▀
   ▐████
   ▐████
████████████
████████████
   ▐████
   ▐████
   ▐████
   ▐████
   ▐████




                      ▄▄████
                ▄▄▄████████▌
          ▄▄▄███████▀▄█████
     ▄▄█████████▀▀ ▄██████▌
▄▄███████████▀  ▄█████████
 ▀▀▀█████▀    ▄██████████▌
       ██   █████████████
        █▄ █████████████▌
        ▐█▄███▀▀████████
         ███▀    ▀▀████▌
                    ▀▀█


                   ▄▄▄    ▄▄██▄▄
                   ██▀▀██████████
                  ██     ████████
                 ▐█▀      ▀████▀
   ▄▄▄▄    ▄▄██████████▄▄    ▄▄▄▄
 ▄████████████████████████████████▄
▐██████████████████████████████████▌
▐██████████   ▀██████▀   ███████████
 █████████▌    ██████    ██████████
  ▀██████████████████████████████▀
   ▀████████▀▀████████▀▀████████▀
     ▀███████▄        ▄████████▀
       ▀████████████████████▀
          ▀▀▀▀█████████▀▀▀▀
stripykitteh
Hero Member
*****
Offline Offline

Activity: 840


"Flixxo - Watch, Share, Earn!"


View Profile
May 13, 2017, 10:54:29 PM
 #9

For a global attack they have not collected a lot of bitcoin yet. Results as of 16:00 GMT

Address 1: 12t9YDPgwueZ9NyMgw519p7AA8isjr6SMw

live link: https://blockchain.info/address/12t9YDPgwueZ9NyMgw519p7AA8isjr6SMw

31 transactions = 4.65255659 BTC



Address 2: 115p7UMMngoj1pMvkpHijcRdfJNXj6LrLn

live link: https://blockchain.info/address/115p7UMMngoj1pMvkpHijcRdfJNXj6LrLn

27 transactions = 3.10004389 BTC



Wallet 3: 13AM4VW2dhxYgXeQepoHkHSQuy6NgaEb94

live link: https://blockchain.info/address/13AM4VW2dhxYgXeQepoHkHSQuy6NgaEb94

36 transactions = 6.53259945 BTC



~ 14.28 BTC x $1735.35 per BTC = $24,781 ransom paid thus far.



Add more addresses as you find them.
That’s a pretty nice payday for not really doing anything all day. I am pretty sure that the hacker might’ve paid for the ransom software so he might be in the negative right now.
What is kind of surprising to me is that these people have Bitcoin already installed or they have already verified their profiles on Bitcoin Exchanges that allowed them to pay the ransom. That was really fast considering how Bitcoin is pretty new to the scene, somebody should fire the tech guy.

X       ▄▄█████████▄▄
    ▄██▀▀         ▀▀██▄
  ▄██▀              ▀██▄
 ▄██     ██▄▄          ██▄
▄██      █████▄▄        ██▄
██       ████████▄▄      ██
██       ███████████▄    ██
██       ██████████▀     ██
▀██      ███████▀       ██▀
 ▀██     ████▀         ██▀
  ▀██▄   █▀          ▄██▀
    ▀██▄▄         ▄▄██▀
       ▀▀█████████▀▀
.flixxo    X▄████████████████████▄
██████████████████████
██████████████████████
████████████▀▀███████
█████▀████░░░░░░▄████
█████░░░░▀░░░░░▄█████
█████▄░░░░░░░░░░██████
██████░░░░░░░░░███████
███████░░░░░░▄████████
████▄▄░░░░▄▄██████████

██████████████████████
██████████████████████
▀████████████████████▀
▄████████████████████▄
██████████████████████
█████████▀█▀██████████
██████▀▀▀▀▀████████
██████▄▄░░▄▄▄░░███████
████████░░███░░███████
████████░░░░░░▀███████
████████░░███▄░░██████
██████▀▀░░▀▀▀░░░██████
██████▄▄▄▄▄▄███████
█████████▄█▄██████████

██████████████████████
▀████████████████████▀
X[[]]X
crairezx20
Hero Member
*****
Offline Offline

Activity: 854



View Profile WWW
May 13, 2017, 11:11:43 PM
 #10

If it was $20 instead, I would probably pay it anyway, but there's really no point.

Yes, that's why they don't really target individuals. But if they've found a couple of sloppy companies, jackpot!


I assume the following:
- that some institutions reverted to clean backups
- there are more than 3 addresses
- spread was stopped by a blogger who discovered a kill switch in the virus (this has been verified) - https://www.theguardian.com/technology/2017/may/13/accidental-hero-finds-kill-switch-to-stop-spread-of-ransomware-cyber-attack

There have to be more than 3 addresses. And it's Saturday, many companies cannot access their money until the banks open Monday. Only then we'll see how big the damage is...
Do you really think that those big companies that are affected by the virus will be paying bitcoins to decrypt their infected files? I think they just get specialist to remove the ransomware, but I am not sure if that is even possible with this big infection from last week.
Ransomware honestly its so easy to remove there are many software that can remove those ransomeware upon experience this virus before by many laptops and computers when i was repairing their computer i notice that they are just hiding the files and only the created and copy of your files are in same folder that you can only seen if you turn of the hide system files..
Kaspersky is 1 of the tool that can recover your files from ransomware  this link may help you to recover all of your files from ransomware.
https://noransom.kaspersky.com/
many different ransomware so you can test them all to clean affected computer..

The other thing to make clean your computer is advanced hirens not a free 1 i think the hirens that i use for repairing by many years its i think hirens restored edition proteus.. this is not recommended for beginners . you can find this tool in piratebay..

    ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄   
   ████████████████████████████████  
     ▀██████████████████████████▀    
        ▀████████████████████▀       
          ████████████████▀         
            █████████████           
            ▀████████████▀           
             ▀██████████▀            
              ██████████             
               ████████              
               ▀██████▀              
                ██████               
                  ▀                  
.
.trade.io.
██████
██████
███
███
███
███
███
███
███
███
███
██████
██████

▄██████████████████▄
███       ▀███████
███       █████████
███       █████████
███       █████████
███              ██
███   ▄▄▄▄▄▄▄▄   ███
███   ▄▄▄▄▄▄▄▄   ███
███              ███
███▄▄▄▄▄▄▄▄▄▄▄▄▄▄███
██████████████████▀

▄██████████████████▄
███████████▀ ███████
█████████▀   ███████
███████▀     ██▀ ███
███ ▀▀       █▄▄████
███          █▀▀▀▀██
███ ▄▄       ███████
██████▄     █▄ ▀███
█████████▄   ███▄███
███████████▄ ███████
▀██████████████████▀

▄██████████████████▄
████████████████████
███████████████▀▀ ██
█████████▀▀     ███
████▀▀     ▄█▀   ███
███▄    ▄██      ███
█████████▀      ▄██
█████████▄     ████
█████████████▄ ▄████
████████████████████
▀██████████████████▀
██████
██████
   ███
   ███
   ███
   ███
   ███
   ███
   ███
   ███
   ███
██████
██████
.
.Join the Trading Revolution.
BitMaxz
Hero Member
*****
Offline Offline

Activity: 896


View Profile
May 13, 2017, 11:12:57 PM
 #11

I think computer that has no anti virus can be affected easily most of those virus is from torrent and some files we are download so always check that you are using a good antivirus to protect your file..  i already experience my computer was affect the exe files almost all are affected but i just use and update my os and the internet security and fix my issue.

every time i open my computer there is a welcome note that i need to pay for the amount to recover all the files effected they said its not  a virus but they are giving a password to decrypt affected computer after payment..
But  never pay them because i know many ways to fix the computer.

freebutcaged
Sr. Member
****
Offline Offline

Activity: 476


https://gexcrypto.io


View Profile
May 13, 2017, 11:29:47 PM
 #12

I think Windows is trying to take ransom from me Smiley for a few days when I open my laptop with Windows 10 installed which I downloaded from official MicroSoft source now I get a watermark note in bottom right corner that asks me to activate Windows, wtf is this related to the hacking currently?

               ███
     ▄▄▄▄▄     ▀▀▀
  ▄█████████▄
 ███▀     ▀███▄
███         ███
███         ███
 ███▄     ▄████
  ▀████████████
     ▀▀▀▀▀  ███
            ███
███▄       ▄███
 ▀███▄▄▄▄▄███▀
   ▀▀█████▀▀
gexcrypto
E X C R Y P T O

Global Trading Corp.
████
████
████
████
████  ████
████  ████
████  ████
████  ████
████  ████
      ████
      ████
      ████
      ████
YOUR COMPREHENSIVE CRYPTO TRADING PLATFORM
|       WHITEPAPER       |       FACEBOOK       |       TWITTER       |       ANN THREAD       |
████
████
████
████
████  ████
████  ████
████  ████
████  ████
████  ████
      ████
      ████
      ████
      ████
coinits
Legendary
*
Offline Offline

Activity: 1092


011110000110110101110010


View Profile
May 13, 2017, 11:40:31 PM
 #13

If it was $20 instead, I would probably pay it anyway, but there's really no point.

Yes, that's why they don't really target individuals. But if they've found a couple of sloppy companies, jackpot!


I assume the following:
- that some institutions reverted to clean backups
- there are more than 3 addresses
- spread was stopped by a blogger who discovered a kill switch in the virus (this has been verified) - https://www.theguardian.com/technology/2017/may/13/accidental-hero-finds-kill-switch-to-stop-spread-of-ransomware-cyber-attack

There have to be more than 3 addresses. And it's Saturday, many companies cannot access their money until the banks open Monday. Only then we'll see how big the damage is...
Do you really think that those big companies that are affected by the virus will be paying bitcoins to decrypt their infected files? I think they just get specialist to remove the ransomware, but I am not sure if that is even possible with this big infection from last week.

If the files are truly encrypted, removing the ransomware will not get the files back. Unless there is a clean backup you either lose the data or pay the ransom, and there is no guarantee that the key to decrypt will be supplied.


Jump you fuckers! | The thing about smart motherfuckers is they sound like crazy motherfuckers to dumb motherfuckers. | My sig space for rent for 25 btc per week.
coinits
Legendary
*
Offline Offline

Activity: 1092


011110000110110101110010


View Profile
May 14, 2017, 02:13:52 AM
 #14

For a global attack they have not collected a lot of bitcoin yet. Results as of 16:00 GMT

Address 1: 12t9YDPgwueZ9NyMgw519p7AA8isjr6SMw

live link: https://blockchain.info/address/12t9YDPgwueZ9NyMgw519p7AA8isjr6SMw

31 transactions = 4.65255659 BTC



Address 2: 115p7UMMngoj1pMvkpHijcRdfJNXj6LrLn

live link: https://blockchain.info/address/115p7UMMngoj1pMvkpHijcRdfJNXj6LrLn

27 transactions = 3.10004389 BTC



Wallet 3: 13AM4VW2dhxYgXeQepoHkHSQuy6NgaEb94

live link: https://blockchain.info/address/13AM4VW2dhxYgXeQepoHkHSQuy6NgaEb94

36 transactions = 6.53259945 BTC



~ 14.28 BTC x $1735.35 per BTC = $24,781 ransom paid thus far.



Add more addresses as you find them.


UPDATE: 02:15 GMT

Address 1: 39 transactions = 6.97303882 BTC
Address 2: 30 transactions = 3.64134512 BTC
Address 3: 35 transactions = 5.00218759 BTC

EDIT: How could an address grow in transactions and shrink in total BTC when no withdrawals have taken place? (see address #3)

Jump you fuckers! | The thing about smart motherfuckers is they sound like crazy motherfuckers to dumb motherfuckers. | My sig space for rent for 25 btc per week.
Korporal
Full Member
***
Offline Offline

Activity: 210



View Profile WWW
May 14, 2017, 02:48:10 AM
 #15

If it was $20 instead, I would probably pay it anyway, but there's really no point.

Yes, that's why they don't really target individuals. But if they've found a couple of sloppy companies, jackpot!


I assume the following:
- that some institutions reverted to clean backups
- there are more than 3 addresses
- spread was stopped by a blogger who discovered a kill switch in the virus (this has been verified) - https://www.theguardian.com/technology/2017/may/13/accidental-hero-finds-kill-switch-to-stop-spread-of-ransomware-cyber-attack

There have to be more than 3 addresses. And it's Saturday, many companies cannot access their money until the banks open Monday. Only then we'll see how big the damage is...
Do you really think that those big companies that are affected by the virus will be paying bitcoins to decrypt their infected files? I think they just get specialist to remove the ransomware, but I am not sure if that is even possible with this big infection from last week.

If the files are truly encrypted, removing the ransomware will not get the files back. Unless there is a clean backup you either lose the data or pay the ransom, and there is no guarantee that the key to decrypt will be supplied.

Not necessarily.
If your files are on magnetic HD and not on an SSD, you could try to recover encrypted files by using a decent file recovery program. As long as the encryption process doesn't do too many passes on the file location on the platter you "might" be able to recover the original version.
Haven't tried it but its worth a shot. What other options do you have?
I've recovered files deleted 8 years ago off a customers pc a few years ago. BTW, I was using forensic-level recovery programs tho.
jaberwock
Legendary
*
Offline Offline

Activity: 1260


View Profile
May 14, 2017, 03:05:51 AM
 #16

Now how they will spend their hard earned hacking money, considering the addresses are known and probably are blacklisted everywhere?

shinratensei_
Hero Member
*****
Offline Offline

Activity: 784



View Profile
May 14, 2017, 03:14:43 AM
 #17

If it was $20 instead, I would probably pay it anyway, but there's really no point.

Yes, that's why they don't really target individuals. But if they've found a couple of sloppy companies, jackpot!


I assume the following:
- that some institutions reverted to clean backups
- there are more than 3 addresses
- spread was stopped by a blogger who discovered a kill switch in the virus (this has been verified) - https://www.theguardian.com/technology/2017/may/13/accidental-hero-finds-kill-switch-to-stop-spread-of-ransomware-cyber-attack

There have to be more than 3 addresses. And it's Saturday, many companies cannot access their money until the banks open Monday. Only then we'll see how big the damage is...
Do you really think that those big companies that are affected by the virus will be paying bitcoins to decrypt their infected files? I think they just get specialist to remove the ransomware, but I am not sure if that is even possible with this big infection from last week.
Ransomware honestly its so easy to remove there are many software that can remove those ransomeware upon experience this virus before by many laptops and computers when i was repairing their computer i notice that they are just hiding the files and only the created and copy of your files are in same folder that you can only seen if you turn of the hide system files..
Kaspersky is 1 of the tool that can recover your files from ransomware  this link may help you to recover all of your files from ransomware.
https://noransom.kaspersky.com/
many different ransomware so you can test them all to clean affected computer..

The other thing to make clean your computer is advanced hirens not a free 1 i think the hirens that i use for repairing by many years its i think hirens restored edition proteus.. this is not recommended for beginners . you can find this tool in piratebay..
Are you sure? In this time I was assuming if Wannacry is a new ransom and it's not registered on the database.
The ransom must be registered on the database and the software can be identifying the kind of ransom and try to recover the computer. I can't get your point but it seems impossible right now. Because WannaCry has made on 14 April and it's new ransom.

██
█║█
║║║
║║║
█║█
██
'BTC MULTI-WALLET SOON'
▬▬▬▬ Download WHITEPAPER ▬▬▬▬

                    ▄██▄
                  ▄██████▄
                ▄██████████
              ▄██████████▀   ▄▄
            ▄██████████▀   ▄████▄
          ▄██████████▀    ████████▄
         ██████████▀      ▀████████
         ▀███████▀   ▄███▄  ▀████▀   ▄█▄
    ▄███▄  ▀███▀   ▄███████▄  ▀▀   ▄█████▄
  ▄███████▄      ▄██████████     ▄█████████
  █████████    ▄██████████▀    ▄██████████▀
   ▀█████▀   ▄██████████▀    ▄██████████▀
     ▀▀▀   ▄██████████▀    ▄██████████▀
          ██████████▀    ▄██████████▀
          ▀███████▀      █████████▀
            ▀███▀   ▄██▄  ▀█████▀
                  ▄██████▄  ▀▀▀
                  █████████
                   ▀█████▀
                     ▀▀▀
e i d o o
██

███▀▀
▐▐▌
▐▌
▐▌
▐▐▌
███▄▄
▀▀███
▐▌▌
▐▌
▐▌
▐▌▌
▄▄███
coinits
Legendary
*
Offline Offline

Activity: 1092


011110000110110101110010


View Profile
May 14, 2017, 03:30:22 AM
 #18

Question: Once you pay the ransom, how does the hacker know it was you who paid?

I missed that part. I mean people are sending their BTC to them. How are they tying the payment to the computer?

Jump you fuckers! | The thing about smart motherfuckers is they sound like crazy motherfuckers to dumb motherfuckers. | My sig space for rent for 25 btc per week.
lausam
Full Member
***
Offline Offline

Activity: 126



View Profile
May 14, 2017, 04:12:31 AM
 #19

To get anything will be done in various ways for the sake of individual pleasure .. that's the brightness that does not care about each other ..
Wendigo
Legendary
*
Offline Offline

Activity: 1484


Travelling around the world


View Profile
May 14, 2017, 04:30:56 AM
 #20

Now how they will spend their hard earned hacking money, considering the addresses are known and probably are blacklisted everywhere?


Putting the coins through a mixing service most likely.

Pages: [1] 2 3 4 5 6 7 8 9 »  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!