Dutch brothers sentenced to community service for involvement in CoinVault ransomware distribution
28.7.18 securityaffairs Ransomware
On Thursday, two Dutch brothers were sentenced to 240 hours of community service for creating and using the CoinVault ransomware.
In 2015, Melvin (25) and Dennis van den B. (21), were arrested from a district court in Rotterdam for their alleged involvement in CoinVault ransomware creation and distribution.
On Thursday, the Dutch men were sentenced to 240 hours of community service for creating and using the CoinVault ransomware.
The men were accused of breaking into computers, make other people’s work inaccessible, and extortion of 1295 people.
“The court today sentenced two men to hack computers and then extort a large group of people. The suspects were 22 and 18 years old at the time. The court finds that there are very serious facts and that a substantial prison sentence is in place.” reads the Rechtspraak.
“The reasons for not imposing an unconditional prison sentence are the fact that they have cooperated fully in the police investigation and in limiting the (digital) damage, their blank criminal record and that they have not committed any new criminal offenses in the past three years. “
CoinVault ransomware was first spotted in the wild in May 2014, it infected more than 14,000 Windows computers worldwide, most of them in the Netherlands, the US, the UK, Germany, and France.
In 2015, after the arrest of the suspects, the authorities seized the command and control server. Kaspersky researchers released a decryption tool for the ransomware allowing victims to decrypt their files for free.
The two suspects are Duch brothers and were identified with the help of experts from Kaspersky Labs due to bad opsec. The experts from Kaspersky reverse-engineered the malicious code created by the duo and discovered the full name of one of the suspects and their IP address on the command and control server.
“Another thing that we as Kaspersky Lab kept from the public, is that in our initial blogpost about Coinvault we had a screenshot with one of the suspect’s first name in the pdb path.” reported Kaspersky.
The two men, that have a clean criminal record, avoided the jail by collaborating in the investigation conducted by the authorities. The course sentenced them with 240 hours of community service, that corresponds to the maximum term of community service condemned people can serve.
The court has also ordered the Dutch brothers to pay compensation to some of their victims.
In order to protect your computer from malware:
Ensure your system software and antivirus definitions are up-to-date.
Avoid visiting suspicious websites.
Regularly backup your important files to a separate drive or storage that are only temporarily connected.
Be on high alert for pop-ups, spam, and unexpected email attachments.