The hackers behind the global WannaCry ransomware attacks appear to be hard at work. Shortly after emptying out the three bitcoin wallets tied to WannaCry, the hackers are now reportedly converting the bitcoins paid by victims to the privacy-oriented cryptocurrency – Monero.
The hackers reportedly used a Swiss cryptocurrency conversion platform called ShapeShift to convert the bitcoins to Monero.
ShapeShift confirmed that "the WannaCry attacker did breach its terms of service and utilized the services to move a portion of their proceeds of crime," Cyberscoop reported. However, the service said that they have blacklisted all addresses associated with the WannaCry hackers.
The WannaCry hackers, who have previously been linked to North Korea, didn't convert all of their over $140,000 (£106, 400) loot to Monero. Forbes reported that only around $37,000 of the money was moved, according to cryptocurrency tracking firm Chainalysis' co-founder Jonathan Levin.
Why convert the bitcoins to Monero? It's because the cryptocurrency is nearly impossible to track. "You cannot track a Monero address," said Alberto Ornaghi, chief technology officer of the Italian cryptocurrency intelligence firm Neutrino's. "You cannot even check the balance or when the address is used to move the funds.
"Monero is totally anonymous so far," Giancarlo Russo, Neutrino.nu CEO told Forbes. "By design, the Monero blockchain doesn't publish transaction amounts and so it is not possible to follow them as we do for bitcoins."
However, given that the hackers are now blacklisted by ShapeShift, their attempt at cashing out will likely be more challenging. What is more, ShapeShift has also said that they are "engaging directly with law enforcement involved with the WannaCry case" to help apprehend the hackers.
However, it is still unclear how effective this will be in stopping and apprehending the hackers.
"Professional cybercriminals have well-established contacts with organized crime, financial institutions and even law enforcement agencies," Ilia Kolochenko, CEO of security firm High-Tech Bridge told IBTimes UK. "It's a not a big problem to find a virtually untraceable way for bitcoin laundering. A lot of amateur cyber criminals were traced by various mistakes when they were trying to 'cash out', but professionals have different ways to stay in the shadows."