Some security commentators have expressed surprise that the funds have been accessed because of the belief that it will provide a money trail to the cyber criminals responsible for the WannaCry attacks.
Some have speculated that instead of attempting to convert the bitcoin into traditional currencies, the cyber criminals will attempt to remain anonymous by using the bitcoin on the deep web , the BBC reported.
Cyber extortionists typically demand payment in bitcoin because they believe it cannot be traced, but in recent years law enforcement has begun using software designed to link bitcoin sources and recipients.
Bitcoin tracking firm Chainalysis is a supplier of technology that enables law enforcement organisations to find the services that cyber criminals are using to convert bitcoin to cash or other digital currencies.
However, Ilia Kolochenko, CEO of web security company High-Tech Bridge, said those behind the WannaCry attacks may have enough resources to avoid discovery.
Read more about WannaCry The National Crime Agency believes the recentWannaCryattacks represent a “signal moment” in terms of awareness of cyber attacks and their real-world impact. Computers runningwindows 7accounted for thebiggest proportionof machines infected with theWannaCry ransomware, whileNHS suppliersare blamed forhampering patchingby NHS trusts. Security advisers are urging organisations to patch their Windows systems to avert a possible second wave of an unprecedented, indiscriminate ransomware attack. A failure by many organisations to take cyber security seriously has long been blamed on the lack of a single significant event to shake things up.
According to Kolochenko, professional cyber criminals have well-established contacts with organised crime, financial institutions and even law enforcement agencies.
“It’s a not a big problem to find a virtually untraceable way for bitcoin laundering. A lot of amateur cyber criminals were traced by various mistakes when they were trying to ‘cash out’, but professionals have different ways to stay in the shadows,” he said.
According to Michael Gronager, CEO and co-founder of Chainalysis, the latest bitcoins to be moved are associated with the more high-profile second wave of WannaCry attacks.
“The funds from the first campaign and the second campaign have gone through digital asset trading firm ShapeShift and into monero , a more anonymous cryptocurrency,” he told Computer Weekly.
But according to Gronager, approximately $100,000 is still sitting in the wallet of the Wannacry Ransomware 2.
“The actors’ campaign showed a lack of sophistication at the time of transaction as they used static addresses for multiple different victims making it impossible for them to tell which victim had paid. Either they have spent these months learning more about cryptocurrencies or someone is helping them,” he said.
Gronager believes that moving value online - even if more anonymous methods are employed like monero - there is a good chance that over time they will be identified.
“I agree that it is in principle possible to stay anonymous, but over time, the chances for slipping are there, and could lead to an arrest. WannaCry has a whole world of cyber investigators watching,” he said.
However, Gronager said the bigger threat probably lies in moving the funds to jurisdictions that are not willing to collaborate with law enforcement or with a poor infrastructure for oversight.“We have seen $81m being stolen through the Swift network and laundered in Asia - and that didn't involve bitcoin,” he said.
