In 2015, Melvin (25) and Dennis van den B. (21), were arrested from a district court in Rotterdam for their alleged involvement in CoinVault ransomware creation and distribution.
On Thursday, the Dutch men were sentenced to 240 hours of community service for creating and using the CoinVault ransomware.
The men were accused of breaking into computers, make other people’s work inaccessible, and extortion of 1295 people.
“The court today sentenced two men to hack computers and then extort a large group of people. The suspects were 22 and 18 years old at the time. The court finds that there are very serious facts and that a substantial prison sentence is in place.” reads the Rechtspraak.
“The reasons for not imposing an unconditional prison sentence are the fact that they have cooperated fully in the police investigation and in limiting the (digital) damage, their blank criminal record and that they have not committed any new criminal offenses in the past three years. “
CoinVault ransomware was first spotted in the wild in May 2014, it infected more than 14,000 Windows computers worldwide, most of them in the Netherlands, the US, the UK, Germany, and France.
In 2015, after the arrest of the suspects, the authorities seized the command and control server. Kaspersky researchers released a decryption tool for the ransomware allowing victims to decrypt their files for free.
The two suspects are Duch brothers and were identified with the help of experts from Kaspersky Labs due to bad opsec. The experts from Kaspersky reverse-engineered the malicious code created by the duo and discovered the full name of one of the suspects and their IP address on the command and control server.
“Another thing that we as Kaspersky Lab kept from the public, is that in our initial blogpost about Coinvault we had a screenshot with one of the suspect’s first name in the pdb path.” reported Kaspersky.
The court has also ordered the Dutch brothers to pay compensation to some of their victims.
In order to protect your computer from malware:
(Security Affairs – CoinVault Ransomware, cybercrime)
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.