Next Score View the next score

    ‘Ransomware’ victims have paid hackers nearly $59,000 so far

    Ransomware cyberattack
    A suspected screenshot of the ransomware attack in Beijing.

    The “ransomware” cyberattack that launched Friday has roiled the global tech community, but so far has left the culprits with a relatively small payout.

    Victims of the worldwide “ransomware” cyberattack had paid nearly $59,000 to the hackers as of midafternoon Monday, online records show.

    US Homeland Security Advisor Tom Bossert cited a similar figure in a press briefing Monday, saying that less than $70,000 had been paid. He also said that officials were not aware of any payments that had allowed victims to recover data.


    Since Friday, the malware — called “WannaCry” — has held hostage more than 300,000 computers across more than 150 countries worldwide, making it one of the largest ransomware attacks ever recorded.

    Get Metro Headlines in your inbox:
    The 10 top local news stories from metro Boston and around New England delivered daily.
    Thank you for signing up! Sign up for more newsletters here

    Computers running factories, banks, government agencies, and transport systems were paralyzed by the attack. Among those hit were Russia’s Interior Ministry, Britain’s National Health Service, and companies including Spain’s Telefonica and FedEx Corp. in the US.

    Here’s how the malware works: It freezes infected computers, greeting users with a pop-up message saying that the files in the computer have been encrypted or locked.

    The message threatens to erase all the files on the computer within seven days unless the user sends money to the attackers. The message demands $300 if victims pay within three days, and says it must be paid in the digital currency bitcoin. After three days, the price doubles to $600.

    The ransom messages have ordered the money be sent to one of three bitcoin accounts, also known as bitcoin addresses or “wallets,” according to RedSocks, a Netherlands-based cyber security firm, and other experts,


    Bitcoin transactions are anonymous, but they are publicly displayed, so it’s possible to track money going to the three bitcoin accounts provided by the criminals.

    Online records show that as of about 3 p.m. Monday, 227 payments had been made to the three bitcoin accounts linked to the cyberattack.

    The amounts paid so far equaled about $58,750.

    Monday marks the third day since the attacks were reported, so there are still several days before victims will face the seven-day deadline threatened in the malware’s message. Another factor that may explain the low payment totals so far is that many people are unfamiliar with bitcoin, how to buy it, and how to send it to someone else.

    While the current payout may sound light given the number of victims, the eventual payoff from the scheme could be hefty. If all 200,000 victims were to pay $300, the hackers would rake in $60 million. If the victims each paid $600, the haul would balloon to $120 million.

    Material from the Associated Press was used in this report. Hiawatha Bray of the Globe staff contributed to this report. Matt Rocheleau can be reached at Follow him on Twitter @mrochele