
Reported by Jonathan Greig
The $370,000 ransom paid to a hacker involved in the massive theft of data from telecom giant AT&T is currently being laundered through a variety of cryptocurrency mixing platforms and gambling services, according to researchers tracking the funds.
TRM Labs, a blockchain analysis company, has been tracking a ransom payment of 5.72 BTC — about $370,000 — made on May 17. Last week, AT&T revealed that a hacker stole metadata from “nearly all” call logs and texts made by about 109 million AT&T customers over a six-month period in 2022.
The stolen data includes records that identify phone numbers that interacted with AT&T numbers, the number of interactions, the call durations and cell site identification numbers.
At least one of the hackers involved has been apprehended, according to AT&T’s filings with regulators. But reporters from WIRED and Bloomberg spoke to another hacker who claimed to have been paid by AT&T, providing both outlets with a Bitcoin wallet address and a video of themselves deleting the data.
TRM Labs used the address provided to the reporters to track the funds. AT&T has declined to comment on reports of the company paying the ransom.
Chris Janczewski, head of global investigations at TRM Labs, said about $150,000 went to wallets at two different centralized exchanges and a small deposit was made to a gambling service.
Read full report: https://therecord.media/att-ransom-laundered-mixers-research