WannaCry Hackers Laundering Ill-Gotten Gains Via ShapeShift

The hackers behind the WannaCry ransomware attack that spread around the globe are reportedly starting to money launder the $143,000 in bitcoin they secured using a Swiss virtual currency exchange.

According to a news report in Reuters, the hackers are using ShapeShift, the virtual currency exchange based in Switzerland, and have split the bitcoins into three wallets that are known to have been used by WannaCry malware hackers prior to sending the money to ShapeShift for conversion into Monero, which is a currency that Forbes said is very hard to track. The hackers have only moved $36,922 of the money, reported Forbes, citing Chainanalysis Co-Founder Jonathan Levin.

ShapeShift lets customers swap any currency without having to create an account, which makes it easy, quick and very anonymous. Users simply send the money, and the Swiss company sends back the equal amount in whatever cryptocurrency they want. “From start to finish, ShapeShift can change currencies in under 10 seconds, no account required,” the company says in its marketing material, noted the report.

A spokesperson for Switzerland company told Forbes the WannaCry hackers did breach the company’s terms of service and used its product “to move a portion of their proceeds of crime.”

“As of today, we have taken measures to blacklist all addresses associated with the WannaCry attackers that are known to the ShapeShift team, as is our policy for any transactions we deem breach our terms of service. We are closely watching the situation as it continues to unfold as to block any further addresses associated,” the spokesperson said, adding that “any transactions made through ShapeShift cannot be hidden or obscured and are thus 100 percent transparent, making [money] laundering of any digital tokens impossible. Additionally, we are engaging directly with law enforcement involved with the WannaCry case and will assist them with any needs they may request to apprehend the perpetrators.”