back to article WannaCrypt victims paid out over $140k in Bitcoin to get files unscrambled

More than $140,000 (£105,000) in Bitcoin has been paid out by victims of the global WannaCrypt ransomware outbreak from May. The money was removed from the online wallets at 4am UTC on Thursday. The Bitcoin activity was noticed by a Twitter bot set up by Quartz journalist Keith Collins. It tweeted: Status of WannaCrypt …

  1. nuked

    Eh?

    I would love to see the evidence relied upon to blame a backward retrograde nation, barely capable of wiping their own arses. So what could a well funded, capable nation achieve in terms of havoc if this is what we can expect from North Korea? It's just not credible; sorry.

    1. Robert Carnegie Silver badge

      Re: Eh?

      It's been covered extensively.

      1. wolfetone Silver badge

        Re: Eh?

        "It's been covered extensively."

        So was the "fact" that Liverpool fans pissed on policemen during Hillsborough. They weren't right then either.

      2. Doctor Syntax Silver badge

        Re: Eh?

        "It's been covered extensively."

        What has? The North Koreans' arses?

    2. DougS Silver badge

      Backward?

      North Korea may be "backward", but they have one of the top offensive cyberwarfare capabilities in the world.

      They have also built a working ICBM and a working atomic bomb, how many countries can boast that? Granted they can't feed all their people, but priorities...

      1. Anonymous Coward
        Anonymous Coward

        Re: Backward?

        "North Korea may be "backward", but they have one of the top offensive cyberwarfare capabilities in the world."

        This what made many people initially doubt the attribution to North Korea. Wannacry was a very amateurish attack, and not what you would expect from a relatively sophisticated actor like North Korea.

        A popular interpretation now is that it was an inadvertant release of early development code. Clearly they need better devops processes.

    3. VulcanV5
      Facepalm

      Re: Eh?

      If you knew anything at all about North Korea -- which you all too obviously don't -- you'd know it was a new Reich dressed up in Communist Party clothes controlled by a viciously mad elite which terrorises its citizens into submission and consigns entire families to punishment camps (aka concentration camps) from which they're unlikely ever to return. Like Nazi Germany, and Hitler in particular, its contempt for its own ordinary people is exceeded only by its adoration of military might. It is not merely the lunatic in the global room but the homicidal lunatic in the room, one which believes it can do and say anything and, indeed, does precisely that.

      Your question : 'What could a well funded capable nation achieve in terms of havoc if this is what we can expect of North Korea?' manages to betray your own epic ignorance whilst answering itself at the same time, because North Korea, lunatic state thought it may be, is 'well funded' and is 'capable' -- capable, unfortunately, of anything.

      For now, the lunatic is waging cyber war. It needs to be neutralised before its madness takes it from the virtual to the real because the lesson of history is that if you want to protect your future, you don't sit on your arse doing nothing in the present. Capable, well-funded, and dangerously deranged though it is, North Korea is one against the many. The many should be hitting back. Hard.

  2. Aladdin Sane Silver badge

    Quartz speculated that the WannaCrypt bitcoins will be put through a "mixer", with the currency transferred and mixed into a larger series of payments to obscure where it ends up laundered.

    FTFY.

  3. Andy The Hat Silver badge

    The most worrying comment is ...

    "NHS Digital stopped short of advising health organisations in England not to pay the ransom because it couldn't be certain that all hospitals had backed up patient records."

    A massive organisation, generating and routinely manipulating data for arguably the most important records relating to the citizens of the UK admitting that it may not have secure, regular and reliable backup procedures in place? If that's not verging on the incompetent, I don't know what is ...

    1. Don Dumb

      Re: The most worrying comment is ...

      @Andy The Hat -

      But it isn't a massive organisation so much as a massive collection of organisations, each with their own levels of competence, funding and priorities. I'm not at all surprised that NHS Digital can't be sure about every NHS body.

      This is one of the reasons it is so difficult to get a pan-NHS IT system.

      1. Anonymous Coward
        Anonymous Coward

        Re: The most worrying comment is ...

        Don, you are exactly correct.

        The NHS is a massive Leviathan monster, stumbling around, blindly consuming unbelievable amounts of money, wasting a huge amount of it as it eats. It's too big to effectively control or change at a national level. It's also completely adamantine : nothing and no-one can touch it or effectively reform it. Nigel Lawson (yes, I know) once said : "The NHS is the closest thing the English have to a religion". To change or reform it is heresy to most voters, and politicians know it.

        1. Doctor Syntax Silver badge

          Re: The most worrying comment is ...

          "To change or reform it is heresy to most voters, and politicians know it."

          Which is why it's a given of British politics for each party to accuse the other party of doing so.

        2. strum Silver badge

          Re: The most worrying comment is ...

          >The NHS is a massive Leviathan monster, stumbling around, blindly consuming unbelievable amounts of money

          The NHS is a collection of hundreds of entities, delivering high-quality health care at a fraction of the cost of other nations.

      2. Doctor Syntax Silver badge

        Re: The most worrying comment is ...

        I'm not at all surprised that NHS Digital can't be sure about every any NHS body.

        FTFY

    2. Mark 85 Silver badge

      Re: The most worrying comment is ...

      If that's not verging on the incompetent, I don't know what is ...

      Well, it wouldn't be "verging on the incompetent"... it would be way past that.

    3. Vic

      Re: The most worrying comment is ...

      If that's not verging on the incompetent

      It isn't.

      There's no "verging" involved...

      Vic.

  4. Doctor Syntax Silver badge

    Do we know whether anyone who did pay actually got their files decrypted?

    1. Geoff May (no relation)

      And even if they did, chances are they'll have to pay some more for the decrypting tools and they'll have a life of 15 minutes and then you'll need to pay some more to get a new tool that lasts another 15 minutes ...

      1. Aladdin Sane Silver badge

        Isn't that Decryption as a Service?

    2. sisk Silver badge

      I read somewhere (not sure where) that security researchers had analyzed the data stream on an infection and figured out that the malware discarded the key rather than sending it to the C&C server, so decryption wasn't actually possible even if you paid the ransom.

      1. FlamingDeath Bronze badge

        Historically, cryptolocker varieties have created a bitcoin wallet to be paid into, per infection, making it possible to identify those who have paid the rasnom.

        If it all goes into one pot, how do they know who has paid and who hasnt? answer, they dont. There never was any intention to unfuck these infections for the victims

        Honestly, this whole wannacry saga is the work of USA / UK unintelligence agencies and if you haven't figured that out yet, you need to look to history.

        1. DougS Silver badge

          If it was the work of US/UK intelligence

          Care to clue us into why, Mr. Tinfoil Hat? What do they have to gain? They don't do things - especially things that cause issues in the public sphere - unless they have a reason.

          There's not much point to attempting to frame North Korea - this is about 1/10000000th of the seriousness of gaining ICBM capability to add to their nuclear capacity, so it isn't exactly moving the needle in making them look like a danger to the world at large.

          1. sisk Silver badge

            Re: If it was the work of US/UK intelligence

            Care to clue us into why, Mr. Tinfoil Hat? What do they have to gain? They don't do things - especially things that cause issues in the public sphere - unless they have a reason.

            The US government has done worse to the public than WannaCry - Tuskagee for instance - and attempted even worse than that - Operation Northwoods for example. And that's just what they openly admit to. When you get into the top secret stuff, who knows what goes on in the minds of spooks.

            Not that I actually believe for an instant that this was a US/UK intelligence mission. That's absurd. But don't kid yourself into think that the reason it's absurd is because they wouldn't. If some CIA analyst thought that the US might stand half a chance to gain something of even the most wispy significance from it they absolutely would, and their reasoning would not necessarily be readily apparent. It's absurd because the whole thing was orders of magnitude less sophisticated than it would be had it come from a group of 1st world state sponsored hackers.

            1. DougS Silver badge

              @sisk

              I didn't say they wouldn't, I said they wouldn't without a reason. Unless someone can come up with an even slightly plausible reason why releasing WannaCry would benefit the CIA or GCHQ, I'm gonna file that under "silly conspiracy theory".

              Obviously our governments are capable of some really stupid and really horrible things, but they don't do them without reason. Maybe not a reason we agree with, but a reason nonetheless.

        2. Doctor Syntax Silver badge

          "There never was any intention to unfuck these infections for the victims."

          Those running serious ransomware businesses need to ensure that files get decrypted. Failing to do so wrecks the trust the victims have to have if they're to pay up. Goose, golden egg etc.

          Not providing keys would be an indicator of purely malicious intent or incompetence.

      2. Doctor Syntax Silver badge

        "the malware discarded the key rather than sending it to the C&C server"

        Wasn't that the later one distributed by the MEDoc server?

    3. Arachnoid

      Who would pay.........

      I would`nt put it past some security agencys to pay an intreging amount for a chance to trace the money through the wash system.They may not get the root of this particular problem doing so but it would give a working knowledge and a fingerprint for furure issues.

  5. FlamingDeath Bronze badge

    General Consensus

    "The general consensus among security experts and government agencies is that North Korea was behind the WannaCrypt attack"

    Security experts (who?)

    Government agencies (which ones?)

    These phrases like "general consensus" without actually defining who they're talking about, is a bit like saying "international community" where really they just mean USA and UK, is just Orwellian language, double speak for we're making this shit up

    Vault7 UMBRAGE is all I have to say on this matter.

  6. Arachnoid

    WMD`s......

    Was`nt there a "general consensus" about those too.........

  7. Aodhhan Bronze badge

    Everyone is so .... duh.

    It's irritating when you know the truth and everyone else appears clueless. So I'm going to let you know where some of the worst malware comes from.

    In a joint CIA/NASA venture which monitors signals from space. About 12 years ago, they began focusing on a system nearly 200 light years away which communicates heavily using narrow spectrum and light waves to transmit computer signals. The CIA has captured some of the worse malware used by this system and began using it for it's own covert reasons. However, it's been noticed, reverse engineered and also leaked to computer engineers and scientists throughout the world who are now using it for monetary gain.

    It's also theorized, North Korea's leader is so large he can pick up these signals at mealtime, each time he opens his mouth. This is why their offensive cyber operations is so effective against other nations.

    So now you know and can blame the system correctly.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019