British Court Freezes $860,000 in Bitcoin Linked to Ransomware Payout

[TravelMug]

A U.K. court has ordered Bitfinex to freeze bitcoin worth $860,000 after the crypto exchange and blockchain sleuthing firm Chainalysis traced the funds to a ransomware payment.

The victim of the ransomware attack had paid $950,000 in bitcoin to the perpetrator through an insurance company, according to a filing published last week by the England and Wales High Court (Commercial Court) and first reported by New Money Review. While some of the bitcoin was converted into fiat currency, the remainder appears to have been sent to an address on the Bitfinex platform.

The court ordered Bitfinex to freeze the address and share its know-your-customer (KYC) information about the account's owner.

https://www.coindesk.com/british-court-freezes-860000-in-bitcoin-linked-to-ransomware-payout

This could be the first case wherein we where able to see the victims find justice in this kind of exploits (ransomware). So let's see if Bitfinex are going to cooperate and exposed their customers KYC details.

But I was thinking that the cyber criminals might used fake identifications here, so it will be interesting what will be the outcome.

[stompix]

Reading through the file:
https://www.bailii.org/ew/cases/EWHC/Comm/2019/3556.html

Am I the only one thinking that since they've received the BTC almost 3 months ago:

The ransom was subsequently paid at 12.24 on 10th October 2019 and by way of email IRC requested confirmation from the first respondent:

they are damn stupid to leave bitcoin on an exchange or to even try to convert such a big part of using a single account?

In the present case, it was possible to track the Bitcoins that had been transferred as a ransom. Whilst some of the Bitcoins was transferred into "fiat currency" as it is known, a substantial proportion of the Bitcoin, namely, 96 Bitcoins, were transferred to a specified address. In the present instance, the address where the 96 Bitcoins were sent is linked to the exchange known as Bitfinex operated by the third and fourth defendants.

How where they able to identify that the other stash was transformed into fiat?

ps, I think this is the tx:
https://blockchair.com/bitcoin/address/3PdcHjdfnCRXLpVoWjkApUmn8svsWa7JtD

[davis196]

Some hackers can be dumb.Not using multiple wallets and addresses,not using bitcoin mixers,not dividing a large sum and depositing it into multiple crypto exchange accounts(with different IPs,emails and other data).
This is good news.Every ransomware hacker worldwide has to be punished and his identity has to be revealed.I'm sick and tired of all the "bitcoin-ransomware" FUD that gets spread every day.

[bitcoinwhoswho]

ps, I think this is the tx:
https://blockchair.com/bitcoin/address/3PdcHjdfnCRXLpVoWjkApUmn8svsWa7JtD

Why do you think this is the address?

[Kemarit]

Some hackers can be dumb.Not using multiple wallets and addresses,not using bitcoin mixers,not dividing a large sum and depositing it into multiple crypto exchange accounts(with different IPs,emails and other data).
This is good news.Every ransomware hacker worldwide has to be punished and his identity has to be revealed.I'm sick and tired of all the "bitcoin-ransomware" FUD that gets spread every day.

Yeah, we always thought that these supposedly crypto hackers are very intelligent individuals. But they can be dumb sometimes and thought that they can get away with it.

But the victims try to fight back or at least the insurance company and hire Chainalysis to track down where the Bitcoin is going and lo and behold a Bitfinex account pops out. So that's a first step to identity the hackers that could lead to jail time.

[Wexnident]

Some hackers can be dumb.Not using multiple wallets and addresses,not using bitcoin mixers,not dividing a large sum and depositing it into multiple crypto exchange accounts(with different IPs,emails and other data).
This is good news.Every ransomware hacker worldwide has to be punished and his identity has to be revealed.I'm sick and tired of all the "bitcoin-ransomware" FUD that gets spread every day.

Guess they turned lazy. Like really so. Or they underestimated the British cyber security team. Which isn't really all that surprising. Most hackers are self-educated which makes their brain go inflated all the way to the top, that is until reality hits them hard. Just like how most geniuses meet their end anyway.

Tried looking up if there were any follow up news regarding this, but I couldn't find any. It seemed like Bitfinex is planning to cooperate as long as the Court files an official statement regarding the situation. Sadly though, this also brings to light that crypto may not be as anonymous as we expect it to be, especially with CEXs.

[pooya87]

to be honest i am having a very hard time believing this news. it is filled with plot holes.
1. it is hard to believe that ransomware hackers didn't mix their coins in first place to let something like Chainanalysis find out what they are doing with the funds. that should have been the first thing they did, and most probably it is. which raises the question about what the heck did chainanalysis find?

2. who sends nearly $1 million worth of bitcoin to an exchange, not to mention that it is illegal funds! normal people don't take such risks let alone criminals that know blockchain analyzers are looking at them and follow their transactions.

3. who leaves this much money on exchanges for such a long time (3 months)?

[Debonaire217]

I have encountered many people asking for their laptops and their computers to be repaired because their files has been compromised because of enormous ransom wares, most of the time, they think about paying it with BTC but I advised that there is no guarantee that the creator of the ransom ware will retrieve the files. Going back, $860,000 bitcoin is quite too high, I wonder how important the files are, that the company want's to pay in order to get it back.

That is why we should always have a backup database in order to make our system still accessible, and just format the units that are affected.

[stompix]

ps, I think this is the tx:
https://blockchair.com/bitcoin/address/3PdcHjdfnCRXLpVoWjkApUmn8svsWa7JtD

Why do you think this is the address?

https://www.bailii.org/ew/cases/EWHC/Comm/2019/3556.html

transferred 109.25 Bitcoins to the address that was provided
.............
The ransom was subsequently paid at 12.24 on 10th October 2019
......
a substantial proportion of the Bitcoin, namely, 96 Bitcoins, were transferred to a specified address.

Matches perfectly with the details in the documents issued by the high court.

[hatshepsut93]

to be honest i am having a very hard time believing this news. it is filled with plot holes.
1. it is hard to believe that ransomware hackers didn't mix their coins in first place to let something like Chainanalysis find out what they are doing with the funds. that should have been the first thing they did, and most probably it is. which raises the question about what the heck did chainanalysis find?

2. who sends nearly $1 million worth of bitcoin to an exchange, not to mention that it is illegal funds! normal people don't take such risks let alone criminals that know blockchain analyzers are looking at them and follow their transactions.

3. who leaves this much money on exchanges for such a long time (3 months)?

Don't underestimate human stupidity, all these hackers and malware spreaders aren't necessarily the brightest people, it doesn't take tremendous skill to compile a payload with other people's malware and setup some spamming server, or add it to some torrent. It's easy to judge people when you deal with Bitcoin every single day, but for someone who uses it for the first time, it's easy to make the mistake of putting all your coins into your exchange account, especially if you didn't read any guides prior to starting to use Bitcoin.