Dutch Police help victims obtain decryption keys by reversing Bitcoin payment
The Dutch National Police trick the DeadBolt ransomware gang, by reversing the Bitcoin ransom payments, after receiving the decryption keys for multiple victims.
Reporting a Ransomware attack is the right thing to do, as can confirm the victims that were extorted by the DeadBolt ransomware gang, after their network storage devices (NAS) were encrypted.
The Dutch Police took advantage of the delay in the Bitcoin confirmation, which could take up to 30 minutes. Only after confirmation that the transaction was included in a block, it cannot be reversed.
Through this well timed intervention, the Dutch Police managed to obtain the release of 150 decryption keys, 90% of the victims that reported the crime. Immediately after receiving the keys, the Police withdrew the payments.
While in this "smash and grab" action, ironically performed by the Dutch Police, DeadBolt had to shutdown their systems to avoid releasing more keys as an automated result of the Bitcoin payment, that would immediately after be withdrawn.
The Dutch Police announcement
The Bleeping Computer article
Reporting a Ransomware attack is the right thing to do, as can confirm the victims that were extorted by the DeadBolt ransomware gang, after their network storage devices (NAS) were encrypted.
The Dutch Police took advantage of the delay in the Bitcoin confirmation, which could take up to 30 minutes. Only after confirmation that the transaction was included in a block, it cannot be reversed.
Through this well timed intervention, the Dutch Police managed to obtain the release of 150 decryption keys, 90% of the victims that reported the crime. Immediately after receiving the keys, the Police withdrew the payments.
While in this "smash and grab" action, ironically performed by the Dutch Police, DeadBolt had to shutdown their systems to avoid releasing more keys as an automated result of the Bitcoin payment, that would immediately after be withdrawn.
The Dutch Police announcement
The Bleeping Computer article