The developers behind the CoinVault and BitCryptor ransomware were sentenced to 240 hours of community service in a Dutch court on Thursday.
Melvin and Dennis van de B., aged 25 and 21, were convicted of accusing 1,259 computers in the Netherlands and other Western European countries with the ransomware and demanding bitcoin payments as a ransom to fix the computers. The two reportedly made roughly 10,000 euros each between 2014 and 2015, Dutch website NU.nl reported.
CoinVault would cut off victims’ access to files on their computers and demand 1 bitcoin as a ransom – equivalent to several hundred euros at that time. Almost a hundred victims paid the fee, according to NU.nl.
After the news of the malware spread, cybersecurity firm Kaspersky Lab tipped the Dutch police on the names of the hackers. The firm said it had found a bug in the CoinVault code and could see “one of the suspect’s first names in the pdb path.” Kaspersky also issued around 14,000 decryption keys for the victims of the attack, as previously reported by CoinDesk.
The men told the court they just wanted to experiment and challenge their technical skills, but the judges noted that the brothers would always ask for payment, including when some victims were asking for the return of files related to their deceased parents, the Dutch website NRC.nl reported.
Some of the victims are now demanding compensation in bitcoin, 2-spyware.com wrote.
The Public Prosecution Service had previously demanded a suspended prison sentence of one year, but the judges took into consideration that the brothers had no previous criminal record and hadn’t commit any new crimes while waiting for the trial since their arrest in 2015.
Editor’s note: some of the statements in this article were translated from Dutch.
Business miniature image via Shutterstock