More than US$140,000 worth of bitcoins have been removed from online wallets, previously paid by WannaCry victims.
The victims were ordered to pay US$300 – US$600 in bitcoins to get their systems back, and the ransomware infected and encrypted multiple computers on corporate networks.
The “vast majority” of bitcoins were withdrawn last Thursday, according to the BBC, leaving security experts “confused”.
The bitcoins are now thought to be in a “mixer”, making it harder to track where the currency ends up.
Senior manager at F-Secure, Andy Patel, said in a recent statement to the BBC: “I have no idea why they would move that money, to be honest.
“I wouldn’t imagine that they are going to try and turn those bitcoins into real money. If they do, it’s going to give someone a way to track them to an actual person.”
Ilia Kolochenko, CEO of web security company, High-Tech Bridge, added: “Professional cybercriminals have well-established contacts with organised crime, financial institutions and even law enforcement agencies.
“It’s a not a big problem to find a virtually untraceable way for bitcoin laundering. A lot of amateur cyber criminals were traced by various mistakes when they were trying to ‘cash out’, but professionals have different ways to stay in the shadows.”
Patel also noted that funds could be used to pay for dark web services.
Written by Leah Alger