Another option is that the BTC was nothing but proof that they compromised those accounts. They had full access to the compromised accounts including any private messages. Now there is public proof that they compromised those accounts and a BTC account they can send funds from to prove it is the same group. This allows them to sell those private DMs along with proof of authenticity.
This possibility makes quite a bit of sense to me. It explains why the attackers went to so much trouble, given that world leader and major CEO DMs could be quite valuable, while also explaining why they bothered with the seemingly trivial crypto scam.
They also don't even need incriminating DMs, they can release fake DMs and use the BTC address to prove "authenticity" to the media. Released at the right time that could be quiet valuable to certain people.
