Friday’s global ransomware cyber-attack that targeted tens of thousands of computers in around 100 countries and crippled the NHS England systems appears to have raised just USD 20,000 for the hackers, according to experts working with investigators. Tom Robinson, co-founder of Elliptic, a company that identifies illicit activity involving bitcoin and provides services to most major law enforcement agencies in the U.S. and the UK, said that at least three bitcoin addresses have been identified as being associated with the malware used in Friday’s worldwide attack, reports the Guardian.
“In terms of identifying the attacker, what we can see at the moment is that around USD 20,000 worth of ransoms have been paid to these addresses,” said Robinson.
He added that there are two versions of the malware with the first appearing in April and the second version which appeared on Friday. “These three addresses have received 8.2 bitcoins to date, which is about USD 14,000 dollars, and all of those bitcoins are still within those addresses. The ransomer hasn’t withdrawn any of the funds yet so there’s no opportunity to trace them,” Robinson said.
The cyber attack ,using software called WanaCrypt0r 2.0 or WannaCry, exploits a vulnerability in Windows. Microsoft released a patch – a software update that fixes the problem – for the flaw in March, but computers that had not installed the security update were vulnerable.
Meanwhile, British Home Secretary Amber Rudd said that Friday’s cyber attack affected 48 of the 248 NHS trusts in England, with all but six now back to normal.It was reported that a pop-up message showing on the hacked computers tells users that they can recover files but only if they send USD 300 of bitcoin to a specific address.