Ransomware: This new ransom tracker reveals how much bitcoin gangs have been paid | ZDNet Edition: Asia Australia Europe India United Kingdom United States ZDNet around the globe: ZDNet France ZDNet Germany ZDNet Korea ZDNet Japan Search What are you looking for? Go Videos Windows 10 5G Best VPNs Cloud Security AI more Working from Home Innovation Best Web Hosting ZDNet Recommends Tonya Hall Show Executive Guides ZDNet Academy See All Topics Downloads Reviews Galleries Videos Newsletters All Writers Preferences Community Newsletters Log Out What are you looking for? Go Menu Videos Windows 10 5G Best VPNs Cloud Security AI Working from Home Innovation Best Web Hosting ZDNet Recommends Tonya Hall Show Executive Guides ZDNet Academy See All Topics Downloads Reviews Galleries Videos Preferences Community Newsletters Log Out us Asia Australia Europe India United Kingdom United States ZDNet around the globe: ZDNet France ZDNet Germany ZDNet Korea ZDNet Japan Ransomware: This new ransom tracker reveals how much bitcoin gangs have been paid The new Ransomwhere site crowdsources bitcoin payments to wallets associated with ransomware gangs. By Liam Tung | July 12, 2021 -- 10:08 GMT (03:08 PDT) | Topic: Security How ransomware victims who pay the ransom just encourage more cyber attacks Watch Now A security expert has launched a site to keep a publicly trackable record of bitcoin payments to key ransomware gangs, such as REvil.  The ransomwhe.re site has been created by Jack Cable, a security researcher who works with the Krebs Stamos Group cyber consultancy and the US Defense Digital Service.  ZDNet Recommends The best cyber insurance The cyber insurance industry is likely to go mainstream and is a simple cost of doing business. Here are a few options to consider. Read More The Ransomwhere site is an open, crowdsourced ransomware payment tracker, offering a breakdown of victim payments in bitcoin to wallets linked to a dozen major ransomware variants. The payment figures can be broken down by 'all time', this year, this month, and this week.  SEE: Network security policy (TechRepublic Premium) Ransomware attacks are on the rise and now the subject of debate between world leaders after attacks on Colonial Pipeline, meat processor JBS, and last week's attack against enterprise software management firm Kaseya, which saw REvil ransomware spread to dozens of managed service providers and over 1,000 of their customers.   Across all time, the Mailto/Netwalker ransomware leads the ransomware pack, but – isolating payments to this year – the REvil/Sadinokibi – which was behind the JBS and Kaseya attacks – is the leader with $11.3 million payments received.  REvil's total for 2021 could rise significantly if it receives the $70 million it demanded last week in the Kaseya attack.  Cable joined the US Cybersecurity and Infrastructure Security Agency under then CISA director Chris Krebs to help secure election systems ahead of the US 2020 presidential elections. Cable explained his motives for building the site in a thread on Twitter, noting the data about victim payments can change the response to ransomware.  "Today, there's no comprehensive public data on the total number of ransomware payments. Without such data, we can't know the full impact of ransomware, and whether taking certain actions changes the picture," he wrote.   "Ransomwhere aims to fill that gap by tracking bitcoin transactions associated with ransomware groups. It's public, so anyone can view and download the data. And it's crowdsourced, so anyone can submit reports of ransomware they've been infected with or otherwise observed." SEE: Ransomware: Paying up won't stop you from getting hit again, says cybersecurity chief According to an FAQ on Ransomwhe.re, the Bitcoin's transparency in payments makes it easy to track payments and receipt addresses.  The site calculates the US dollar value of bitcoin payments based on the exchange rate of the day a payment was made, so it's an estimate of how much victims paid, but not how much ransomware gangs sold it for.  Security Kaseya ransomware attack: What you need to know Surfshark VPN review: It's cheap, but is it good? The best browsers for privacy Cyber security 101: Protect your privacy The best antivirus software and apps The best VPNs for business and home use The best security keys for 2FA How victims who pay the ransom encourage more attacks (ZDNet YouTube) Related Topics: Security TV Data Management CXO Data Centers By Liam Tung | July 12, 2021 -- 10:08 GMT (03:08 PDT) | Topic: Security Show Comments LOG IN TO COMMENT My Profile Log Out | Community Guidelines Join Discussion Add Your Comment Add Your Comment More from Liam Tung Security Poly Network hacker has now returned almost all the $600m in crypto taken Productivity Microsoft Teams: This new feature makes it easier to swap content with the gallery view during meetings Security This 'unique' phishing attack uses Morse code to hide its approach Security Windows 10: Microsoft just revealed another Print Spooler bug Please review our terms of service to complete your newsletter subscription. By registering, you agree to the Terms of Use and acknowledge the data practices outlined in the Privacy Policy. You will also receive a complimentary subscription to the ZDNet's Tech Update Today and ZDNet Announcement newsletters. You may unsubscribe from these newsletters at any time. You agree to receive updates, alerts, and promotions from the CBS family of companies - including ZDNet’s Tech Update Today and ZDNet Announcement newsletters. You may unsubscribe at any time. By signing up, you agree to receive the selected newsletter(s) which you may unsubscribe from at any time. You also agree to the Terms of Use and acknowledge the data collection and usage practices outlined in our Privacy Policy. Continue Newsletters See All See All Related Stories 1 of 3 NordVPN deal: Grab a year's subscription for just $47 Now you can rest easy for an entire year, knowing that you are protected online no matter where you are or what device you're using. SynAck ransomware group releases decryption keys as they rebrand to El_Cometa Emsisoft is creating its own decryption utility based on the decryption keys released by the SynAck ransomware group. The multifaceted eBPF Linux program gets its own foundation The eBPF program started as just a network filter, but it's become Linux's swiss-army knife tool and now its future will be in the hands of the eBPF Foundation. ... Researchers find vulnerabilities in Wodify gym management web application used with CrossFit The tool, used widely among CrossFit boxes, is vulnerable to attacks that would let hackers see and change workout data as well as financial information. ... 40% of orgs don't have a chief data officer: survey A wide-ranging survey from S&P Global Market Intelligence, Immuta and 451 Research found data management practices are changing rapidly. Poly Network hacker has now returned almost all the $600m in crypto taken A hacker who took over half a billion dollars has returned most of it. Ransomware: Now attackers are exploiting Windows PrintNightmare vulnerabilities Cyber-criminal groups including Vice Society and Magniber have been spotted using vulnerabilities in Windows Print Spooler to infect victims with ransomware. ... Researchers discover new AdLoad malware campaigns targeting Macs and Apple products A new study from SentinelLabs found 150 new samples of the adware that they claim "remain undetected by Apple's on-device malware scanner." Philips study finds hospitals struggling to manage thousands of IoT devices More than 13% of hospitals had no inventory and no way of knowing how many medical devices were deployed. ZDNet Connect with us © 2021 ZDNET, A RED VENTURES COMPANY. ALL RIGHTS RESERVED. Privacy Policy | Cookie Settings | Advertise | Terms of Use Topics Galleries Videos Sponsored Narratives Do Not Sell My Information About ZDNet Meet The Team All Authors RSS Feeds Site Map Reprint Policy Manage | Log Out Join | Log In Membership Newsletters Site Assistance ZDNet Academy