The group whose WannaCry Ransomware has infected more than 200,000 computers globally has garnered around USD 64,000 through payments people have made to unlock their computers.
Elliptic, a company which identifies illicit activity on the bitcoin blockchain, is tracking the balance of the three bitcoin addresses known to be associated with the WannaCry ransomware.
The chart below shows the current balance on these three addresses.
The cyber criminals have asked for a ransom of USD 300 per computer to send the decryption key. As around 200,000 systems are being held hostage right now, the crooks behind the attack can garner approximately USD 60 million.
Hospitals, schools, private enterprises and the public in over 150 countries are affected since May 12 2017. The hackers used 28 languages including several European and Asian dialects to release ransom messages across the globe on May 15, 2017.
Anti virus company Quick Heal Technologies today announced that it has detected over 48,000 MS-17-010 Shadow Broker exploit hits responsible for ‘WannaCry ransomware’ outbreak in India.
Among the attempted attacks by the malicious WannaCry ransomware, 60 percent were targeted towards enterprises and 40 percent towards individual customers, Quick Heal said.
“Industrial networks are the technological backbone of manufacturing lines, electric grids, water supplies, and production lines. Lives often depend on it. The traditional manufacturing sector relies on outdated IT systems that are run by unsupported operating systems therefore, the risk of creating havoc to public is higher. In such environments, the malware can jump the magical air gap between IT and the SCADA/OT systems thus causing significant damage to public utilities, health and safety," said Burgess Cooper, Partner – Cyber Security at EY.
"In my opinion, majority of the Indian hospitals are quite vulnerable to critical infrastructure attacks as they rely on industrial systems that run by old outdated hardware. Despite investments in high-end security products, the cyber-breach prevention, detection and incident-response capabilities of most organizations are yet to mature in India," he adds.
"There is a higher likelihood of widespread infection of RansomWorm in the immediate future. Brace yourself for more targeted attacks (Advanced Persistent Threat) through other ShadowBroker Exploit kits," EY said. – Money Control