Dutch University set to recover more than twice the paid BTC ransom in 2019

Published at: July 5, 2022

Netherland-based Maastricht University (UM) is set to recover nearly €500,000 ($512,150) worth of Bitcoin (BTC) after the police authorities managed to solve the infamous ransomware attack in December 2019.

In 2019, a ransomware hack targeted the said university and froze all its research data, emails and library resources. The hackers demanded €200,000 in BTC and the university, fearing losing critical research data, decided to pay the said amount .

The Dutch Public Prosecution Service (DDPS) managed to track down one of the crypto wallets associated with the hack in 2020 to Ukraine and froze funds in the account valued at only €40,000 at the time. In the next two years, the DPPS managed to secure the contents of the account including nearly one-fifth of the stolen BTC.

The value of the part ransom recovered by the authorities has reached €500,000, more than double the amount university paid two and a half years ago, thanks to the price surge of the top cryptocurrency during the bull run in 2021.

Related: Chainalysis launches reporting service for businesses targeted in crypto-related cyberattacks

The university in its official statement said that even though the monetary value of the recovered ransom is higher, it cannot undo the damages done by hackers. The university in an official blog post said:

“The Netherlands Public Prosecution Service was able to seize cryptocurrencies worth approximately €500,000, which may be made available to UM. This is still less than the damages incurred by the university, but it is a nice sum to be used to support students in need.”

The seized funds are currently with the DPPS and a legal proceeding has been initiated to transfer the funds to the university. The executive board of the university has decided to utilize the recovered funds to help students in financial need.

The seizure of crypto funds by authorities highlights the importance of th decentralized and transparent public ledger system used by BTC and crypto in general. While critics often portray crypto as an opaque and anonymous system preferred by criminals, research data indicate that less than 1% of current crypto in circulation is associated with illicit activities.

Even stolen and ransom crypto funds are often tracked down and recovered. For example, the United States authorities managed to recover $2.3 million in crypto from the Colonial Pipeline ransom.

Tags
Bitcoin
Regulation
Bitcoin Price
Cryptocurrencies
Hacks
Hackers
Ransomware
Police
Netherlands
Related Posts
Bitgrail's founder contributed to $150M loss, Italian authorities allege
Italian authorities have found Bitgrail’s founder responsible for fraudulent activity related to the 2018 hack of the platform that resulte in the loss of $150 million. Francesco Firano, the sole director of now-defunct cryptocurrency exchange Bitgrail, is accused of taking over customer funds prior to reporting the theft of crypto from the exchange. According to a Dec. 21 announcement by the Postal and Communications Police — a cybercrime unit of the State Police of Italy — Firano kept the platform intact for months despite having identified a major security breach involving Nano cryptocurrency: “In keeping the platform open, despite having …
Bitcoin / Dec. 21, 2020
UK High Court Orders Freeze on $1M of Bitcoin in Ransomware Case
A United Kingdom High Court ordered a proprietary injunction on Bitcoin (BTC) obtained through a ransomware attack on a Canadian insurance company. A proprietary injunction is an order which prevents a person from dealing with their own assets when it is subject of a proprietary claim. On Jan. 17, the UK High Court released documents concerning a ransomware attack, in which over 1,000 computers of the insurance company were rendered unusable through the use of malware that encrypted files, making them unaccessible. The unidentified attackers demanded $1.2 million in Bitcoin in exchange for decrypting the data. The firm’s insurer covered …
Bitcoin / Jan. 28, 2020
Sodinokibi Crypto Ransomware Switches from Bitcoin to Monero to Hide Money Trail
A kind of ransomware — a malware that encrypts user data and asks for a ransom to restore access to it — switched from Bitcoin (BTC) to Monero (XMR) to better protect the hackers’ identities. According to an April 11 report by cybersecurity news outlet BleepingComputer, using Monero will make it harder for law enforcement to track ransom payments to the hackers behind Sodinokibi. As the article mentions, Europol strategy analyst Jerek Jakubcek explained during a February webinar how anoncoins influence legal investigations: “Since the suspect used a combination of TOR and privacy coins, we could not trace the funds. …
Bitcoin / April 13, 2020
Europol Arrests Six People Allegedly Behind $27 Million Bitcoin Theft
Europol, in conjunction with the United Kingdom’s South West Regional Cyber Crime Unit, the Dutch police, Eurojust, and the U.K.’s National Crime Agency (NCA), has coordinated the arrests of six people suspected of stealing over $27 million in cryptocurrency, according to a press release on June 25. The attackers reportedly were involved in typosquatting, a fraudulent means to steal credentials by setting up a scam website with a similar name to an established one—hence the “typo” in “typosquatting”—and then recording login data. In this case, the report notes that Europol believes the hackers were able to use typosquatting to steal …
Bitcoin / June 25, 2019
FBI seeks Bitcoin wallet information of ransomware attackers
Three federal agencies in the United States — the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency and the Multi-State Information Sharing and Analysis Center — jointly issued an advisory seeking information to curb ransomware attacks. As part of the #StopRansomware campaign, the joint cybersecurity advisory alerted citizens of Vice Society, a ransomware-type program that encrypts data and demands ransom for decryption. The trio anticipates a spike in ransomware attacks, primarily aimed at educational institutions, adding that “School districts with limited cybersecurity capabilities and constrained resources are often the most vulnerable.” While proactive measures remain vital to …
Blockchain / Sept. 7, 2022