Ransomware made headline news over the last few weeks when the Wannacry virus spread to a large number of computers around the world virtually overnight. It hit many parts of the NHS in England which may be the reason for its fame, however everyone who got infected had to ask themselves the same question. Do we pay the ransom or restore from backups (or restore from nothing for some!)

The virus itself encrypted computers and demanded a ransom of $300 in Bitcoins in order for people to get the “key” which could unencrypt their files. The virus did millions worth of damage in lost productivity and lost data, but how much did it earn the people who deployed it?

The answer is probably not as much as you think…

Bitcoin wallets are all public so anyone can see the contents of someone else’s wallet, A security researcher from the UK took the details of the wallets which Wannacry victims were told to send the ransom to and made a twitter bot which kept track of how many people had coughed up.

You can follow the bot here: twitter.com/actual_ransom

as of writing, the Bitcoin wallets have around $112,000 in them from 317 payments. It might seem like a large number, but remember that this virus caused millions in damage and infected over 300,000 computers (wikipedia estimate)

More importantly the bot also reports that there have been 0 withdrawls from the wallet, which means there is a high chance the bandits have just ditched it for fear of being caught after generating so much publicity.

Reminds me of the old saying : Crime doesn’t pay