Bitcoin Forum
November 13, 2024, 09:31:30 AM *
News: Check out the artwork 1Dq created to commemorate this forum's 15th anniversary
 
   Home   Help Search Login Register More  
Pages: « 1 2 3 [4] 5 6 7 8 9 »  All
  Print  
Author Topic: Monitoring WannaCry hackers' bitcoin addresses in real time  (Read 22954 times)
W5k
Newbie
*
Offline Offline

Activity: 26
Merit: 0


View Profile
May 15, 2017, 06:44:27 AM
 #61

https://bitinfocharts.com/bitcoin/wallet/WannaCry-wallet
3 addresses (13AM4VW2dhxYgXeQepoHkHSQuy6NgaEb94 12t9YDPgwueZ9NyMgw519p7AA8isjr6SMw 115p7UMMngoj1pMvkpHijcRdfJNXj6LrLn) in one chart
22.89 BTC thus far
worldmobilecoin
Member
**
Offline Offline

Activity: 159
Merit: 11

World Mobile Coin


View Profile WWW
May 15, 2017, 06:50:29 AM
 #62

Some of the media are blaming them on the drop in BTC price as they happened simultaneously. Make sense to me. What do you think?

I doubt it. The bulk of people being affected don't control the btc market. The whole market is in a bubble. Bubbles burst...eventually.

Maybe the market is just looking for a reason or reasons. Like you said people are afraid to jump.

Yea, you are right. There must be a reason to move trading market price. Especially when a speculation appear, people will afraid and left the market.

WMCC: wc1qcl3qeqkjamt8m7ass0weu9ep6s8se722y553jm
BTC: 1N1ZM9xCzHtn8mD4a4JYUm7bC5T54CBDmD
ETH: 0x6145e253196C7a7CEDDA1797B69E2ba67Fe3219b
BCH: 18CW3B95oTtW5MYG7GAs8isABA4TeNntWA
PuraPuraBego
Hero Member
*****
Offline Offline

Activity: 928
Merit: 531



View Profile
May 15, 2017, 06:59:44 AM
 #63

That's hurt for those who got that shit. Anyone have trying with paying with low cost likely possibly to tranasaction will be rejected / refunded?
zend7
Hero Member
*****
Offline Offline

Activity: 658
Merit: 501

Hackers please hack me .... if you can :)


View Profile
May 15, 2017, 07:09:10 AM
 #64

Now how they will spend their hard earned hacking money, considering the addresses are known and probably are blacklisted everywhere?


Putting the coins through a mixing service most likely.

The well known mixing service like Bitmixer and a few others will not accept mixing money from those addresses but unfortunately the deep web ones will not give a shit from which addresses the money are coming and it will mix their coins and the hackers in cyber crimes will go unpunished as always. Even the FBI admitted yesterday that they are having a hard time tracking the location or different locations of this attack as they believe to be many people from many countries. Good thing is very few bitcoins are collected from an attack of this caliber.
bitcoinvestor
Hero Member
*****
Offline Offline

Activity: 812
Merit: 501


View Profile
May 15, 2017, 07:10:19 AM
 #65

This is one very bad crime. They are washing the data and then forcing it to do a transaction with bitcoin.
This can make bitcoin less trustworthy. Just imagine they use bitcoin for crime.
It is a blow to bitcoin or crypto community. Bitcoin or crypto wil earn negative views from all many people. They will tend to mindset that cyber crimes are related to bitcoin or cryptocurrencies. That's a bad news.
ecnalubma
Sr. Member
****
Offline Offline

Activity: 1540
Merit: 420


www.Artemis.co


View Profile
May 15, 2017, 07:28:59 AM
 #66

In the beginning internet is not a safe place for everyone. Click, download, register etc. at your own risk. Grin

..A R T E M I S..|
▀▄▀ PRESALE IS NOW LIVE! VISIT THE WEBSITE ▀▄▀
|📌 TWITTER
📌 YOUTUBE
📌 TELEGRAM
|
bitbunnny
Legendary
*
Offline Offline

Activity: 2912
Merit: 1068


WOLF.BET - Provably Fair Crypto Casino


View Profile
May 15, 2017, 07:36:50 AM
 #67

This is one very bad crime. They are washing the data and then forcing it to do a transaction with bitcoin.
This can make bitcoin less trustworthy. Just imagine they use bitcoin for crime.
It is a blow to bitcoin or crypto community. Bitcoin or crypto wil earn negative views from all many people. They will tend to mindset that cyber crimes are related to bitcoin or cryptocurrencies. That's a bad news.

Exactly. Even without attaks like this many people still see Bitcoin as criminal currency and used for criminal activities and things like this only makes situation worse. That is why is necessary to inform people about good sides of Bitcoin and how could be used for good purposes.
And in regard to WannaCry the story isn't over yet.

tosmartak
Sr. Member
****
Offline Offline

Activity: 630
Merit: 250


View Profile WWW
May 15, 2017, 08:17:26 AM
 #68

That’s a pretty nice payday for not really doing anything all day. I am pretty sure that the hacker might’ve paid for the ransom software so he might be in the negative right now.
What is kind of surprising to me is that these people have Bitcoin already installed or they have already verified their profiles on Bitcoin Exchanges that allowed them to pay the ransom. That was really fast considering how Bitcoin is pretty new to the scene, somebody should fire the tech guy.

Even if you don't know about it before, there are some occasions that will warrant you to be a fast learner by all means and moreover, it doesn't take up to 30 minutes to get a verified bitcoin wallet. With someone firing the tech guy,  Grin it is possible the organisation didn't consider anything regarding cybersecurity which is a huge department on its own but at least the tech guy should have been backing up one way or the other, so I agree with you, he should be fired.
Pursuer
Legendary
*
Offline Offline

Activity: 1638
Merit: 1163


Where is my ring of blades...


View Profile
May 15, 2017, 08:32:03 AM
 #69

are we sure all of these are legit payments from victims of this malware?
I mean the hackers could have simply sent some bitcoin to those addresses just to hype things up and show others that other virtual victims are paying the ransom so you (the real victim) should pay it too!

you know like what some businesses do, put some money in to show your business is active and have customers Wink

Only Bitcoin
BitcoinHunt3r
Legendary
*
Offline Offline

Activity: 3108
Merit: 1156


Leading Crypto Sports Betting & Casino Platform


View Profile WWW
May 15, 2017, 08:49:19 AM
 #70

wonder where they will sell their coins, some big exchanger must verify id right? even in my country some fiat exchanger ask user to verify their ID and must selfie to make sure it is real person

..Stake.com..   ▄████████████████████████████████████▄
   ██ ▄▄▄▄▄▄▄▄▄▄            ▄▄▄▄▄▄▄▄▄▄ ██  ▄████▄
   ██ ▀▀▀▀▀▀▀▀▀▀ ██████████ ▀▀▀▀▀▀▀▀▀▀ ██  ██████
   ██ ██████████ ██      ██ ██████████ ██   ▀██▀
   ██ ██      ██ ██████  ██ ██      ██ ██    ██
   ██ ██████  ██ █████  ███ ██████  ██ ████▄ ██
   ██ █████  ███ ████  ████ █████  ███ ████████
   ██ ████  ████ ██████████ ████  ████ ████▀
   ██ ██████████ ▄▄▄▄▄▄▄▄▄▄ ██████████ ██
   ██            ▀▀▀▀▀▀▀▀▀▀            ██ 
   ▀█████████▀ ▄████████████▄ ▀█████████▀
  ▄▄▄▄▄▄▄▄▄▄▄▄███  ██  ██  ███▄▄▄▄▄▄▄▄▄▄▄▄
 ██████████████████████████████████████████
▄▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▄
█  ▄▀▄             █▀▀█▀▄▄
█  █▀█             █  ▐  ▐▌
█       ▄██▄       █  ▌  █
█     ▄██████▄     █  ▌ ▐▌
█    ██████████    █ ▐  █
█   ▐██████████▌   █ ▐ ▐▌
█    ▀▀██████▀▀    █ ▌ █
█     ▄▄▄██▄▄▄     █ ▌▐▌
█                  █▐ █
█                  █▐▐▌
█                  █▐█
▀▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▀█
▄▄█████████▄▄
▄██▀▀▀▀█████▀▀▀▀██▄
▄█▀       ▐█▌       ▀█▄
██         ▐█▌         ██
████▄     ▄█████▄     ▄████
████████▄███████████▄████████
███▀    █████████████    ▀███
██       ███████████       ██
▀█▄       █████████       ▄█▀
▀█▄    ▄██▀▀▀▀▀▀▀██▄  ▄▄▄█▀
▀███████         ███████▀
▀█████▄       ▄█████▀
▀▀▀███▄▄▄███▀▀▀
..PLAY NOW..
HAARP
Full Member
***
Offline Offline

Activity: 206
Merit: 100


View Profile
May 15, 2017, 08:50:51 AM
 #71

What is the garbage they've done? What do they exactly do, I mean...
deisik
Legendary
*
Offline Offline

Activity: 3542
Merit: 1280


English ⬄ Russian Translation Services


View Profile WWW
May 15, 2017, 09:00:48 AM
 #72

Now how they will spend their hard earned hacking money, considering the addresses are known and probably are blacklisted everywhere?


Putting the coins through a mixing service most likely.

The well known mixing service like Bitmixer and a few others will not accept mixing money from those addresses but unfortunately the deep web ones will not give a shit from which addresses the money are coming and it will mix their coins and the hackers in cyber crimes will go unpunished as always. Even the FBI admitted yesterday that they are having a hard time tracking the location or different locations of this attack as they believe to be many people from many countries. Good thing is very few bitcoins are collected from an attack of this caliber.

That would do a bad service for these mixers

After all, they are there specifically to cover your steps. Indeed, it could be claimed that some mixing is legitimate while other is not but who is there to judge? If we are to distinguish between "bad" and "good" bitcoins, why not then revert the blockchain after every victim pays the ransom and successfully decrypts their files? Or just block these bitcoins in their wallets for good by demanding from miners not to confirm the transactions outgoing from the offending wallets? These are tough questions

unamis76
Legendary
*
Offline Offline

Activity: 1512
Merit: 1012


View Profile
May 15, 2017, 11:11:27 AM
 #73

Hmm... The ransomware would then need to centrally keep track of which transaction ids have been used.
What is somebody just copies the transaction id once the transaction is broadcast and keys it into the ransomware?

That's what I was suggesting.

hi!
Maybe this address is also used.
===
1QAc9S5EmycqjzzWDc1yiWzr9jJLC8sLiY
===

from:
https://twitter.com/malwrhunterteam/status/851687635554848768

Appears so

https://blockchain.info/address/1QAc9S5EmycqjzzWDc1yiWzr9jJLC8sLiY

12 transactions = 3.25249956 BTC as of 01:50 GMT

That's quite an old tweet, unrelated to this.

Looking at the image in the Twitter link above, perhaps once you send the required amount, it is automatically decrypted. They actually let you decrypt some files at no cost to prove it works. Nice of the crooks to give you a free sample.

They re-use addresses. How would they know who sent what for which computer?

Evidence?
Link?
Reference?
Why hospitals?
Stealing what exactly from them?
Are you in the right thread mate?

http://www.bbc.com/news/uk-39916778

DoublerHunter
Hero Member
*****
Offline Offline

Activity: 2590
Merit: 644


View Profile
May 15, 2017, 12:54:32 PM
 #74

They ransomware seems dominating their victims and they already getting a lot of bitcoins from getting ransom of encrypted files. If this kind of problem will continue then we should be in panic because the risk for the other bitcoin users is the price of bitcoin that can go down and we could lose a lot of money if it ever happen.
deisik
Legendary
*
Offline Offline

Activity: 3542
Merit: 1280


English ⬄ Russian Translation Services


View Profile WWW
May 15, 2017, 01:12:22 PM
 #75

They ransomware seems dominating their victims and they already getting a lot of bitcoins from getting ransom of encrypted files. If this kind of problem will continue then we should be in panic because the risk for the other bitcoin users is the price of bitcoin that can go down and we could lose a lot of money if it ever happen.

In fact, I hope that people do get infected with your panicky attitude and sentiment (since that's what your post is obviously filled up with) and actually start selling their precious coins in an overwhelming, blind panic, so that me as well as other folks could buy back what we sold at recent highs. Other than that, in a wartime people like you are shot on sight

And survivors are shot again

stompix
Legendary
*
Offline Offline

Activity: 3066
Merit: 6631


Leading Crypto Sports Betting & Casino Platform


View Profile
May 15, 2017, 01:21:53 PM
 #76

wonder where they will sell their coins, some big exchanger must verify id right? even in my country some fiat exchanger ask user to verify their ID and must selfie to make sure it is real person

They will mix their coins 2-3 times , exchange to ltc or other coin on an exchange that doesn't require id for crypto withdrawals change them back into btc on another and then coin by coin on localbitcoins to fiat .

LB is also a bit of a mixer itself so by the time people will finish tracking those coins and altcoin movements...it will be 250

..Stake.com..   ▄████████████████████████████████████▄
   ██ ▄▄▄▄▄▄▄▄▄▄            ▄▄▄▄▄▄▄▄▄▄ ██  ▄████▄
   ██ ▀▀▀▀▀▀▀▀▀▀ ██████████ ▀▀▀▀▀▀▀▀▀▀ ██  ██████
   ██ ██████████ ██      ██ ██████████ ██   ▀██▀
   ██ ██      ██ ██████  ██ ██      ██ ██    ██
   ██ ██████  ██ █████  ███ ██████  ██ ████▄ ██
   ██ █████  ███ ████  ████ █████  ███ ████████
   ██ ████  ████ ██████████ ████  ████ ████▀
   ██ ██████████ ▄▄▄▄▄▄▄▄▄▄ ██████████ ██
   ██            ▀▀▀▀▀▀▀▀▀▀            ██ 
   ▀█████████▀ ▄████████████▄ ▀█████████▀
  ▄▄▄▄▄▄▄▄▄▄▄▄███  ██  ██  ███▄▄▄▄▄▄▄▄▄▄▄▄
 ██████████████████████████████████████████
▄▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▄
█  ▄▀▄             █▀▀█▀▄▄
█  █▀█             █  ▐  ▐▌
█       ▄██▄       █  ▌  █
█     ▄██████▄     █  ▌ ▐▌
█    ██████████    █ ▐  █
█   ▐██████████▌   █ ▐ ▐▌
█    ▀▀██████▀▀    █ ▌ █
█     ▄▄▄██▄▄▄     █ ▌▐▌
█                  █▐ █
█                  █▐▐▌
█                  █▐█
▀▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▀█
▄▄█████████▄▄
▄██▀▀▀▀█████▀▀▀▀██▄
▄█▀       ▐█▌       ▀█▄
██         ▐█▌         ██
████▄     ▄█████▄     ▄████
████████▄███████████▄████████
███▀    █████████████    ▀███
██       ███████████       ██
▀█▄       █████████       ▄█▀
▀█▄    ▄██▀▀▀▀▀▀▀██▄  ▄▄▄█▀
▀███████         ███████▀
▀█████▄       ▄█████▀
▀▀▀███▄▄▄███▀▀▀
..PLAY NOW..
alyssa85
Legendary
*
Offline Offline

Activity: 1652
Merit: 1088

CryptoTalk.Org - Get Paid for every Post!


View Profile
May 15, 2017, 01:26:02 PM
 #77

wonder where they will sell their coins, some big exchanger must verify id right? even in my country some fiat exchanger ask user to verify their ID and must selfie to make sure it is real person

If they're smart they'll just sit on them for a decade or so, until most of the mixing services don't have their address on a blacklist. At that point, they'll sell.

 
                                . ██████████.
                              .████████████████.
                           .██████████████████████.
                        -█████████████████████████████
                     .██████████████████████████████████.
                  -█████████████████████████████████████████
               -███████████████████████████████████████████████
           .-█████████████████████████████████████████████████████.
        .████████████████████████████████████████████████████████████
       .██████████████████████████████████████████████████████████████.
       .██████████████████████████████████████████████████████████████.
       ..████████████████████████████████████████████████████████████..
       .   .██████████████████████████████████████████████████████.
       .      .████████████████████████████████████████████████.

       .       .██████████████████████████████████████████████
       .    ██████████████████████████████████████████████████████
       .█████████████████████████████████████████████████████████████.
        .███████████████████████████████████████████████████████████
           .█████████████████████████████████████████████████████
              .████████████████████████████████████████████████
                   ████████████████████████████████████████
                      ██████████████████████████████████
                          ██████████████████████████
                             ████████████████████
                               ████████████████
                                   █████████
.YoBit InvestBox.|.BUY X10 AND EARN 10% DAILY.🏆
Sniper44
Hero Member
*****
Offline Offline

Activity: 714
Merit: 501


View Profile
May 15, 2017, 01:31:36 PM
 #78

wonder where they will sell their coins, some big exchanger must verify id right? even in my country some fiat exchanger ask user to verify their ID and must selfie to make sure it is real person

They will mix their coins 2-3 times , exchange to ltc or other coin on an exchange that doesn't require id for crypto withdrawals change them back into btc on another and then coin by coin on localbitcoins to fiat .

LB is also a bit of a mixer itself so by the time people will finish tracking those coins and altcoin movements...it will be 250

all the exchanges that i have seen so far (even exchanges like btc-e that are too flexible and anonymous themselves) have a line in their terms of services that says if any law enforcement asks them, they will give your information to them (full cooperation) and in case of such a big scam like this, i am sure a lot of agencies are watching where the coins are going to go and will find them if use an exchange.

to the moon with bitcoin...
iqlimasyadiqa
Legendary
*
Offline Offline

Activity: 1596
Merit: 1011



View Profile
May 15, 2017, 01:37:14 PM
 #79

They ransomware seems dominating their victims and they already getting a lot of bitcoins from getting ransom of encrypted files. If this kind of problem will continue then we should be in panic because the risk for the other bitcoin users is the price of bitcoin that can go down and we could lose a lot of money if it ever happen.
This is really a worrying thing. Already a lot of users affected by this virus. I think even if each of the victims paid then this will make the perpetrators of this crime is getting excited. They think that their work has been successful.
sportis
Sr. Member
****
Offline Offline

Activity: 406
Merit: 252


Veni, Vidi, Vici


View Profile
May 15, 2017, 02:43:21 PM
 #80

Do people really not back up their files regularly?

No they don't. Especially in public services where users call the IT for everything because they don't know or they don't like to do anything related to computers even though is a very stupid thing. So the most part of the day IT do lesser important tasks than it has to do. As an example ' local printer has a stuck piece of paper ' and so on.
 
Quote
I would assume that a huge part of the reason the thieves aren't getting as much money as we'd expect is because most people back up their files at least every month or so.  Institutions should back up their files much more regularly than that.

No most people are too lazy to do a regular back say after a month or more. I believe hackers they didn't target whom computer would infected from virus. 

Quote
Unless there's very significant new sensitive information that needs decrypting, there's not much reason for people to pay such a big ransom.  If it was $20 instead, I would probably pay it anyway, but there's really no point.

I believe that $300 as a ransom is not a big amount of money for many services or institutions especially if these are located in Europe or USA or some rich countries in Asia. I don't know for the rest countries in the world.
Pages: « 1 2 3 [4] 5 6 7 8 9 »  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!