Поделиться этой статьей
NetWalker Ransomware Gang Is Storing $7M in Bitcoin in SegWit Cold Storage
The organization that’s encrypting computers and extorting companies has taken to SegWit addresses, according to McAfee and CipherTrace.
Автор Danny Nelson
NetWalker ransomware, which last week triggered cybersecurity flash warnings from the Federal Bureau of Investigation (FBI), has extorted $25 million in bitcoin from its victims during the months of the pandemic, according to a report by McAfee and CipherTrace.
STORY CONTINUES BELOW
Не пропустите другую историю.Подпишитесь на рассылку Crypto Daybook Americas сегодня. Просмотреть все рассылки
- NetWalker is a “ransomware-as-a-service” that gains its access through COVID-19 phishing emails, encrypts infected systems and steals internal documents. Ransomware operators then threaten to publish victims’ documents if they fail to pay up.
- Victims, most of whom are large organizations such as companies and governments, appear to been obliging the hackers throughout the pandemic. McAfee and CipherTrace traced 2,795 bitcoin ($25 million) to NetWalker wallet addresses from March 1 through July 27.
- NetWalker’s developers refined their handling of bitcoin payments months before the pandemic began by swapping in SegWit addresses in place of legacy wallets, the report said.
- “This transition into SegWit could indicate that they are utilizing a new hardware wallet to store their BTC or just an indication of a desire for cheaper transactions,” said Pamela Clegg, director of financial investigations at CipherTrace.
- Clegg told CoinDesk that “large amounts of bitcoin” – up to 640 – appear to be sitting in cold storage. She said smaller amounts have been deposited at Russian crypto exchange CointoCard.org.
- The cybersecurity report follows last week’s warning from the FBI that NetWalker has been successfully exploiting COVID-19 in recent months. The FBI warns targeted institutions against paying hackers’ bitcoin ransom payments.
See also: Travel Management Firm CWT Pays Out $4.5M in Bitcoin After Ransomware Attack
Больше для вас
Что нужно знать:
- As of October 2025, GoPlus has generated $4.7M in total revenue across its product lines. The GoPlus App is the primary revenue driver, contributing $2.5M (approx. 53%), followed by the SafeToken Protocol at $1.7M.
- GoPlus Intelligence's Token Security API averaged 717 million monthly calls year-to-date in 2025 , with a peak of nearly 1 billion calls in February 2025. Total blockchain-level requests, including transaction simulations, averaged an additional 350 million per month.
- Since its January 2025 launch , the $GPS token has registered over $5B in total spot volume and $10B in derivatives volume in 2025. Monthly spot volume peaked in March 2025 at over $1.1B , while derivatives volume peaked the same month at over $4B.
Больше для вас
Coinbase Sees Crypto Recovery Ahead as Liquidity Improves and Fed Rate Cut Odds Climb
The crypto exchange also took note of a so-called AI bubble that continues to go strong and a weaker U.S. dollar.
Что нужно знать:
- Coinbase Institutional is seeing a potential December recovery in crypto, citing improving liquidity and a shift in macroeconomic conditions that could favor risk assets like bitcoin.
- The firm's optimism is driven by rising odds of Federal Reserve rate cuts, with markets pricing in a 93% chance easing next week, and improving liquidity conditions.
- Several recent institutional developments, including Vanguard's crypto ETF policy reversal and Bank of America's greenlighting of crypto allocations, have contributed to bitcoin's rebound from recent lows.
Top Stories
