NetWalker ransomware, which last week triggered cybersecurity flash warnings from the Federal Bureau of Investigation (FBI), has extorted $25 million in bitcoin from its victims during the months of the pandemic, according to a report by McAfee and CipherTrace.
- NetWalker is a “ransomware-as-a-service” that gains its access through COVID-19 phishing emails, encrypts infected systems and steals internal documents. Ransomware operators then threaten to publish victims’ documents if they fail to pay up.
- Victims, most of whom are large organizations like companies and governments, appear to been obliging the hackers throughout the pandemic. McAfee and CipherTrace traced 2,795 bitcoin ($25 million) to NetWalker wallet addresses from March 1 through July 27.
- NetWalker’s developers refined their handling of bitcoin payments months before the pandemic began by swapping in SegWit addresses in place of legacy wallets, the report said.
- “This transition into SegWit could indicate that they are utilizing a new hardware wallet to store their BTC or just an indication of a desire for cheaper transactions,” said Pamela Clegg, director of financial investigations for CipherTrace.
- Clegg told CoinDesk that “large amounts of bitcoin” – up to 640 – appear to be sitting in cold storage. She said that smaller amounts have been deposited at Russian crypto exchange CointoCard.org.
- The cybersecurity report follows last week’s warning from the FBI that NetWalker has been successfully exploiting COVID-19 in recent months. FBI warns targeted institutions against paying hackers’ bitcoin ransom payments.
Donate Bitcoin to this address
Scan the QR code or copy the address below into your wallet to send some Bitcoin
Donate Ethereum to this address
Scan the QR code or copy the address below into your wallet to send some Ethereum
Donate Litecoin to this address
Scan the QR code or copy the address below into your wallet to send some Litecoin
Donate Zcash to this address
Scan the QR code or copy the address below into your wallet to send some Zcash
294 Interactions, 2 today