NetWalker Ransomware Gang Is Storing $7M in Bitcoin in SegWit Cold Storage
NetWalker ransomware, which last week triggered cybersecurity flash warnings from the Federal Bureau of Investigation (FBI), has extorted $25 million in bitcoin from its victims during the months of the pandemic, according to a report by McAfee and CipherTrace.
- NetWalker is a âransomware-as-a-serviceâ that gains its access through COVID-19 phishing emails, encrypts infected systems and steals internal documents. Ransomware operators then threaten to publish victimsâ documents if they fail to pay up.
- Victims, most of whom are large organizations such as companies and governments, appear to been obliging the hackers throughout the pandemic. McAfee and CipherTrace traced 2,795 bitcoin ($25 million) to NetWalker wallet addresses from March 1 through July 27.
- NetWalkerâs developers refined their handling of bitcoin payments months before the pandemic began by swapping in SegWit addresses in place of legacy wallets, the report said.Â
- âThis transition into SegWit could indicate that they are utilizing a new hardware wallet to store their BTC or just an indication of a desire for cheaper transactions,â said Pamela Clegg, director of financial investigations at CipherTrace.
- Clegg told CoinDesk that âlarge amounts of bitcoinâ â up to 640 â appear to be sitting in cold storage. She said smaller amounts have been deposited at Russian crypto exchange CointoCard.org.
- The cybersecurity report follows last weekâs warning from the FBI that NetWalker has been successfully exploiting COVID-19 in recent months. The FBI warns targeted institutions against paying hackersâ bitcoin ransom payments.
- Missouri Man Pleads Guilty to Trying to Buy Chemical Weapons With Bitcoin
- SEC Seeking âSmart Contractâ Tracing Tool That Can Spot Security Vulnerabilities
- Russian Votersâ Data on Sale After Blockchain Poll to Keep Putin in Power: Report
- Chinese Ex-Banker Says Digital Currency Should Replace Fiat Money