Hackers who launched NotPetya ransomware on many companies operating in Ukraine and Europe on June 27th,2017 seem to have obtained success with their second move. The cyber crooks on Tuesday night moved more than £8,000 worth of bitcoins from the account used to receive the ransoms to an undisclosed e-wallet.
It is a known fact that all those transactions taking place in the world of cryptocurrency are almost impossible to trace.
So, security experts who were closely watching the next move of hackers discovered yesterday that the digital currency was moved to an undisclosed destination. However, two smaller payments, of £200 each, went to the accounts used by two text sharing websites, Pastebin and DeepPaste.
Just 10 minutes before the payments in smaller amounts were made to accounts owned by two text sharing websites, a group of anonymous hackers posted a message on the said websites that they are ready to decrypt all hard disks infected with the Golden Eye or NotPetya ransomware in exchange for a payment of 100 Bitcoins worth $256,000.
But there is no guaranty that the hackers will keep their word as soon as the payment is made.
Meanwhile, experts from Cisco Talos confirmed that not even a single infected machine in more than 60 countries was decrypted by the hackers even after the payment of $300 was transferred to the Ransom depositing e-wallet by some NotPetya victims.
This clearly suggests that the motive behind the cyber attack was not to gain financial means but to cause mass destruction and panic among the affected populace.
Ukraine’s cyber crime unit in the meantime is continuing its investigation. It released a media briefing a few hours ago in which it claimed that it had seized ME Doc servers as new malware activity was detected on those servers.
The law enforcement agency also said that the proliferation of the malware was done from the Intellect Service servers offering software updates to ME Doc users.
More details will be updated shortly!
