Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
×
Crime Bitcoin

School Recovers Ransomware Paid in Bitcoin - Makes a Profit (dw.com) 51

Slashdot reader thegarbz writes: In 2019 Maastricht University in the Netherlands was hit with a ransomware attack which locked 25,000 staff and students out of their research data. The university agreed to pay a ransom of €200,000 to unlock the encrypted data, reports German broadcaster DW. It seems that a small part of the ransom has been recovered, but with a twist.

As part of an investigation into the cyberattack, Dutch police tracked down a bank account belonging to a money launderer in Ukraine, into which a relatively small amount of the ransom money — around €40,000 worth of Bitcoin — had been paid.

Prosecutors were able to seize the account in 2020 and found a number of different cryptocurrencies. The authorities were then able to return the ransom back to the university after more than two years. But the value of the Bitcoin held in the Ukrainian account has increased from its then-value of €40,000 to €500,000.

A university official said the money will go into "a fund to help financially strapped students."


This discussion has been archived. No new comments can be posted.

School Recovers Ransomware Paid in Bitcoin - Makes a Profit

Comments Filter:
  • by greytree ( 7124971 ) on Sunday July 03, 2022 @10:52AM (#62669858)
    The criminals won't stop when ransoms are being paid.

    Paying ransoms is an ANTISOCIAL act and should be a criminal offence.
    • Comment removed based on user account deletion
    • by stephanruby ( 542433 ) on Sunday July 03, 2022 @01:19PM (#62670126)

      Paying ransoms is an ANTISOCIAL act and should be a criminal offence.

      I'm not disagreeing with you, but at the same time, we can't turn victims into criminals.

      If we do that, they'll just pay the ransom and hide the fact that they were victimised.

      • "If we do that, they'll just pay the ransom and hide the fact that they were victimised."

        Or they might, you know, not pay the ransom ?
        Especially government bodies or large companies, like the university in this case.
      • Which is you why you add a monetary reward for reporting the payment. Something like a 1000% fine over what you paid to ransom, with a full 100% share paid directly to the individual who reported it.

        Still not perfect, but I bet that would significantly cut down on the ransoms paid.

    • by xlsior ( 524145 )

      The criminals won't stop when ransoms are being paid. Paying ransoms is an ANTISOCIAL act and should be a criminal offence.

      Unfortunately it's basically the prisoner's dilemma, where the victim of a ransomware attack has an incentive to make a decision that goes against the collective interest of the group as a whole.
      Sure, if NO ONE paid then the incentive for the attackers goes away, but that does nothing to get a victim today get their irreplaceable files back.

      • If you make it illegal then public companies, universities, etc - anywhere where a board has to collectively agree to break the law - WILL stop paying.
        So they won't be attacked.
        No dilemma.
        • by xlsior ( 524145 )
          It's already explicitly against US law for American companies to pay bribes, but it still happens all day, every day, especially in their offshore subsidiaries.
          • So let's hope someone prominent at Maastricht University goes on holiday to the US and ... doesn't come back for a while.
            • These ransomware attacks are actually a good thing and should be encouraged.

              They put a sharp focus on computer security which is otherwise happily ignored by cost conscious CIOs.

              If there is ever real trouble with China, what they could do to us makes ransomware seem trivial by comparison.

              So be grateful for ransomware, at least some systems might be *properly* backed up now.

    • Yeah. I thought government institutions were banned from paying ransoms in most countries for exactly this reason. If they weren't banned it is their own fault for being hacked. If you ban paying, there would be no money in hacking you.

    • Criminals won't stop if you don't pay either because there is always someone else more desperate who will pay.

      You would pay too, it's just a matter of cost benefit. You can talk all high and mighty, but if the cost benefit works out in your favour you too will cave. Everyone has a price.

      • You are missing the point.

        Maybe I would pay, but a board of directors or whoever is running a university would not collectively vote to pay, to avoid putting themselves at risk of collective liability.

        So, making it illegal will remove public companies and universities as targets.
  • Where can I pay some ransomware, that's a really good rate of return compared to a savings account or todays stock market!

  • I'm Dutch, and somehow i don't like the situation that's created here.

    First of all, the money should've gone to covering the cost of the investigation. They (police) did all the work, and were funded by public money aka tax.

    Second, the fact that they payed a ransom in the first place. Ok, that anger is not new but a couple year old (it was public at the time that they payed). Yet, their (the university's) behavior is the reason such criminals exist and run a successful business. Imho it should simply be ill

    • by thegarbz ( 1787294 ) on Sunday July 03, 2022 @11:23AM (#62669946)

      First of all, the money should've gone to covering the cost of the investigation.

      If you report your car stolen and the police recover it they don't turn around and say hahahah f-you and sell it to cover their costs. Police are funded by taxes *for a reason*. For profit policing, or cost recovery policing is a social disaster. "Oh you were sexually assaulted? Well we can't sell that so you're on your own, but you drove over the speed limit to get to the hospital so have 200EUR fine for your trouble."

      Second, the fact that they payed a ransom in the first place.

      There's no right answer to this. Yes you're perpetuating the business of scammers, but what do you do? Fuck the staff and students when you have a relatively low cost and within budget way to get everything back up and running? Additionally by paying a ransom with cryptocurrency you leave a nice little breadcrumb trail for police to actually track down the scammers by following money. We know for a fact that no amount of making it illegal to pay scammers will prevent scams. People are too attached to their data for that.

      • Even with recovered stolen cars, the owner still has to pay for towing and storage costs which are exorbitant.
        If this was money stolen, than why is more money being returned?
        If the Bitcoin is not money for property, than only the exact Bitcoins paid in ransom should be eligible to return to school. Just because some of the ransom Bitcoin was deposited should not mean any other Bitcoins in the account should given to the school. That would be like returning a different car to a person whose car was stolen.

        • by splutty ( 43475 )

          You didn't read the article I guess?

          They got 20% of what they paid back. In Bitcoin. Paid in 2019. Which is now worth 12 times as much. They didn't "Get all the bitcoinz OHNOES!"..

        • Even with recovered stolen cars, the owner still has to pay for towing and storage costs which are exorbitant.

          Towing and storage yes, not for investigation or crime fighting. There's no storage cost associated with a bitcoin wallet. People get charged for physical expenses unrelated to police activities. You're literally not paying the police, but rather a 3rd party.

          If this was money stolen, than why is more money being returned?

          It's not. 70 bitcoin were paid as ransom. Around 20 bitcoin were returned. The fact that the value changed is immaterial.

          Just because some of the ransom Bitcoin was deposited should not mean any other Bitcoins in the account should given to the school. That would be like returning a different car to a person whose car was stolen. Can anybody tell if the exact coins the University paid were returned?

          The great thing about the blockchain is you can directly track which bitcoins belong to which crime as the funds were being laundere

        • If the university paid 1 bitcoin in 2019 and got 1 bitcoin back at the peak of its value, then they would, in fact, receive much more than they paid, in financial value. The problem is equating bitcoin to dollar value. If i paid in a 1k diamond, and I received a 1k diamond back, no rule says my diamond cant have increased in value should I sell it. Its not a real currency. As far as im concerned, it might as well be a +3 Minecraft sword people are bidding over.
        • by ceoyoyo ( 59147 )

          There's no such thing as "the exact same bitcoins" any more than if you pay for something with debit or credit you can insist on being refunded with "the exact same dollars."

      • If you report your car stolen and the police recover it they don't turn around and say hahahah f-you and sell it to cover their costs.

        Yes they do:

        https://en.wikipedia.org/wiki/... [wikipedia.org]

        https://www.aclu.org/issues/cr... [aclu.org]

        • We're talking about civilised worlds here. The American Civil Forfeiture process is insanely corrupt and not a good example of what is normally considered how police operate.

      • Not only is for-profit policing a theoretical disaster, you should look into the outright theft by law enforcement in the name of Asset Forfeiture and police auctions. There was a guy who owned a bunch of vending machines about a decade ago, when they were still primarily cash driven. Because of the cash deposits it required the bank to report it. The local sheriff subpoenaed his entire bank account of $500,000 and never paid him back during a lengthy 'investigation' his life savings without due
        • Absolutely. The shitshow which is Asset Forfeiture is precisely what I had in the back of my mind when I wrote about how it is a policing disaster. And to be clear policing in the USA *is* a disaster. Some other people replying here have normalised that being the way police work, but in many parts of the world that just isn't the case.

          • Amendment V: .. nor be deprived of life, liberty, or property, without due process of law; nor shall private property be taken for public use, without just compensation.

            Amendment XIV section 1: .. nor shall any State deprive any person of life, liberty, or property, without due process of law; nor deny to any person within its jurisdiction the equal protection of the laws.

            Both federal and states are barred from doing it. Yet we have let this happen since we started the war on drugs. We envisioned hurti
  • to fund their studies with speculation but they are worthless now. Full circle.

  • A university official said the money will go into "a fund to help financially strapped students."

    NO! The fund first and foremost should be used to ensure you don't pay the ransom the next time you get hit with ransomware! They have clearly learned nothing from this experience.

    • Or better yet: Ban institutions from paying. So hackers will know there won't be a pay out before hand.

      • Nope, there's always a payout. One person not paying won't stop them from trying someone else, and at some point the cost benefit becomes compelling such that the victim would even risk breaking the law to get up and running even if institutions are banned from paying.

        You're no different. You'd pay too if a hacker deprived you of something sufficiently important and offered you a sufficiently cheap way of recovering said important thing. It's only a question of threshold. Everyone has a price, even keyboard

        • That is why it has to be against the law. Punishable with jail time similar to corruption to pay. They would still attack private individuals but there would be no point in attacking government institutions except as terrorism.

    • The only idiot here is the one who assumes they've done nothing in the past several years. It would be even more idiotic to only do something if you get the money back.

      I tried interpreting your statement in as many ways and for as many scenarios as possible, but I can't find a way of interpreting it which isn't stupid.

  • So imagine that the police manage to trace and recover more - or even all - of the remaining/missing bitcoins? Will they return those to the university as well? And if so, what will the university do next?
    • by ebvwfbw ( 864834 )

      So imagine that the police manage to trace and recover more - or even all - of the remaining/missing bitcoins? Will they return those to the university as well? And if so, what will the university do next?

      They'll return it to the University of course.
      Getting real, they probably recovered the entire amount. They took their cut and passed the rest along.

After all is said and done, a hell of a lot more is said than done.

Working...