Sign Up
All SecurityCyber-crimePatchesResearchCSO
All Off-PremEdge + IoTChannelPaaS + IaaSSaaS
All On-PremSystemsStorageNetworksHPCPersonal TechCxOPublic Sector
All SoftwareAI + MLApplicationsDatabasesDevOpsOSesVirtualization
All OffbeatDebatesColumnistsScienceGeek's GuideBOFHLegalBootnotesSite NewsAbout Us

Security

Well, well, well. Crime does pay: Ransomware creeps let off with community service

Dutch court goes easy on Coinvault duo

Shaun Nichols in San Francisco Fri 27 Jul 2018  //  07:02 UTC

Two men who masterminded various Coinvault ransomware infections will carry out 240 hours of community service as punishment for screwing over 1,200 computers and banking around €10,000 (£9k, $12k) in profit.

The sentence was handed down by a court in Rotterdam, in the Netherlands, where it was ruled brothers Melvin and Dennis van den B. had earned leniency based on their cooperation with police, lack of a criminal record, and young ages at the time they were collared in 2015. Melvin was 22 and Dennis 18 at the time of their arrest.

Prosecutors had asked they receive a year in prison in addition to the 240 hours of community service.

Coinvault surfaced in 2014 as a high-profile file-scrambling malware. The software encrypted victims' documents, and demanded they pay a ransom of one Bitcoin (worth a few hundred Euros at the time) to restore access to their data.

While the pair was only charged with infecting 1,259 machines, researchers have estimated that the actual number of PCs hit with the malware was more like 14,000, with victims in more than 20 countries.

It was claimed in court that about 100 people coughed up the ransom demands before antivirus makers were able to develop a decryption tool to unscrambled hostage files. The malware would only be eradicated fully in 2015 when the brothers were arrested and the full decryption keys were recovered.

Interestingly, it was the pair's Dutch nationality that brought them down. Researchers were able to pinpoint the locality of the authors to the Netherlands after finding snippets of the code containing "flawless Dutch phrases" that are usually only bandied about by native speakers of the notoriously difficult language.

Kaspersky Lab, who helped lead the investigation and eventual takedown of Coinvault, said that, despite the lenient sentence, the ultimate takeaway from the three-year ordeal should be that, in the end, extortionists get caught.

"Cybercrime doesn’t pay," said Kaspersky Lab researcher Jornt van der Wiel. "If you become a victim of criminal or ransomware activity, keep your files and report the incident to the police. Never pay the ransom and be confident that not only will the decryption tool appear, but also that justice will triumph in regards to the criminals." ®
Send us news
35 Comments

Head of Israeli cyber spy unit exposed ... by his own privacy mistake

Plus: Another local government hobbled by ransomware; Huge rise in infostealing malware; and critical vulns

Ransomware feared as IT 'issues' force Octapharma Plasma to close 150+ centers

Source blames BlackSuit infection – as separately ISP Frontier confirms cyberattack

US House approves FISA renewal – warrantless surveillance and all

PLUS: Chinese chipmaker Nexperia attacked; A Microsoft-signed backdoor; CISA starts scanning your malware; and more

Mandiant: Orgs are detecting cybercriminals faster than ever

The 'big victory for the good guys' shouldn't be celebrated too much, though

UnitedHealth admits IT security breach could 'cover substantial proportion of people in America'

That said, good ol' American healthcare system so elaborately costly, some are forced to avoid altogether

185K people's sensitive data in the pits after ransomware raid on Cherry Health

Extent of information seized will be a concern for those affected

Leicester streetlights take ransomware attack personally, shine on 24/7

City council says it lost control after shutting down systems

MITRE admits 'nation state' attackers touched its NERVE R&D operation

PLUS: Akira ransomware resurgent; Telehealth outfit fined for data-sharing; This week's nastiest vulns

MGM says FTC can't possibly probe its ransomware downfall – watchdog chief Lina Khan was a guest at the time

What a twist!

Change Healthcare’s ransomware attack costs edge toward $1B so far

First glimpse at attack financials reveals huge pain

Change Healthcare faces second ransomware dilemma weeks after ALPHV attack

Theories abound over who's truly responsible

Ransomware gang <em>did</em> steal residents' confidential data, UK city council admits

INC Ransom emerges as a growing threat as some ex-LockBit/ALPHV affiliates get new gigs