Netherlands seems to be the place to operate elaborate Bitcoin ransom schemes from. A man who extorted over $150,000 from several online services by DdoSing them and submitting a ransom request pleaded guilty last month and admitted wrongdoing. Two men behind the viral WannaCry Ransomware spree in 2017 also faced no jail time.
A minor during the attacks, which started in 2016 and ended in 2017, he did some time in juvenile detention. He will not, however, do any additional jail time.
The hacker confessed to his crimes after his arrest in October, 2017. He said he needed the money because his parents had become impoverished. He knew that the creator of the software he used, Mirai, had previously earned someone $100,000.
His botnet consisted largely of compromised Internet of Things devices. Their computing power and networking resources were diverted in a concerted effort to take sites offline. Once the sites were offline, he would communicate by e-mail, demanding a ransom to be paid in Bitcoin. An oddity of a young hacker, he communicated with two co-conspirators via Skype, rather than a more secure messaging protocol like Signal. The evidence extracted from his Skype conversations play a reportedly important role in his conviction.
Netherlands: Recommended for Criminal Hackers
American hackers of the same stripe could count on a lengthy prison sentence. The draconian Computer Fraud and Abuse Act is among the most stringent anti-hacking laws in the world, and its vague language and age make it all the more onerous for both innovators and security researchers.
Known only as S., the defendant told the court that he is now into cryptocurrency mining and speculation. The judge hilariously replied that he “will need money again soon.” His punishment is extremely light by comparison to what prosecutors wanted: 2 years in jail and restitution. S. will pay no restitution and do no additional jail time. If he neglects to violate the law for the next 360 days, he will face no real further penalty at all.
Rumor has it S. was among the top Internet of Things hackers in the world. No one has confirmed that yet, and the heavily redacted nature of the documents provided to ZDNet make it difficult to do so.
Ransomware and cryptlocking have been on the decline. Anti-virus software and other security practices have caught up with their root causes. At its zenith, the criminal activity was scheduled to become a billion dollar industry. Companies stockpiled high-priced Bitcoin throughout the boom times in order to pay any potential ransoms.
The most recent ransomware attack happened last month to the public defenders agency in Boston, Mass. The agency chose not to pay the ransom, as it had its data backed up securely, but most of its digital operations were affected nevertheless.