They've caused billions in damage though,and possibly death.

Yeah, and all for few thousands.

That still hasn't moved out from the wallets.

IDK. From a certain point of view, you could view them as doing a service.

What if a different kind of criminal had used these exploits? Not one that wanted $300 in bitcoin, but one that actually wanted to cause harm? They could have deleted files and never given them back, and they could have stopped any software running on the machines.

Well it looks like this malware doesn't unlock even after payment so they kind of have deleted the data.

Source?

I'm very curious it the attackers will dare to move that bitcoin given that now it's watched by half the planet.

If I would be LE I would spam tumblers with my own bitcoin, just to reduce the number of further leads.