British court freezes USD 1 million in extorted Bitcoin

A British High Court, the second highest judicial authority in Great Britain, has issued an emergency order against Bitcoin assets stolen by a blackmailing Trojan from a Canadian insurance company.

On 17th January the court published documents showing that more than 1,000 of the insurer’s computers were infected and disabled as part of the “ransomware” hacker attack. The Trojan had encrypted the files on the infected computers in order to blackmail the insurance company with the corresponding decryption. The attackers had demanded funds of 1.2 million US dollars in Bitcoin (BTC) for this purpose.

The insurance company in turn had its own insurance policy to protect against hacker attacks, which paid the hackers $950,000. In return, the company was given a decryption program that would unlock all infected files 24 hours after payment was received.

However, it took the insurer a total of 10 days to get all systems fully functional again. Besides the 1,000 infected computers, 20 servers were also infected.


Bitfinex is to disclose data

The insurer then commissioned the block chain researchers from Chainalysis to track the captured Bitcoin. The analysis showed that 96 BTCs were washed directly via the Bitfinex crypto exchange. As a result, the court has now ordered Bitfinex to disclose information about the owner of the account who received the blackmailed funds on December 12, 2019.

At Cointelegraph’s request, Bitfinex did not want to give any concrete details on the matter, but the crypto exchange emphasized its willingness to cooperate with the court:

“Bitfinex has a robust system that allows us to easily cooperate with law enforcement agencies and litigants. In this case we have worked with the aggrieved party to trace the stolen Bitcoin and to our knowledge the aggrieved party is no longer focused on Bitfinex. It appears Bitfinex is no longer involved in this incident.”

According to a report in the New Money Review on 25 January, however, the court case is still pending. Darragh Connell, the insurance company’s lawyer, states in this connection: “There will soon be further hearings on Mr Justice Bryan’s provisional court decision, the case alone will take over […] As this is only provisional jurisdiction, my client’s claim must also be heard separately before the London Commercial Court.

Ransomware attacks or blackmailing Trojans are becoming increasingly popular among hackers, and they are getting better and better. As Cointelegraph reported in December 2019, the Texas data center paid CyrusOne $600,000 in Bitcoin to unlock their own devices after such an attack.

In June 2019, hackers again managed to infect the systems of Riviera Beach City Council, enabling them to encrypt government documents. The US state of Florida then also paid 600,000 US dollars in BTC to the attackers to recover the files.