Well, well, well. Crime does pay: Ransomware creeps let off with community service

Two men who masterminded various Coinvault ransomware infections will carry out 240 hours of community service as punishment for screwing over 1,200 computers and banking around €10,000 (£9k, $12k) in profit.

The sentence was handed down by a court in Rotterdam, in the Netherlands, where it was ruled brothers Melvin and Dennis van den B. had earned leniency based on their cooperation with police, lack of a criminal record, and young ages at the time they were collared in 2015. Melvin was 22 and Dennis 18 at the time of their arrest.

Prosecutors had asked they receive a year in prison in addition to the 240 hours of community service.

Coinvault surfaced in 2014 as a high-profile file-scrambling malware. The software encrypted victims' documents, and demanded they pay a ransom of one Bitcoin (worth a few hundred Euros at the time) to restore access to their data.

While the pair was only charged with infecting 1,259 machines, researchers have estimated that the actual number of PCs hit with the malware was more like 14,000, with victims in more than 20 countries.

It was claimed in court that about 100 people coughed up the ransom demands before antivirus makers were able to develop a decryption tool to unscrambled hostage files. The malware would only be eradicated fully in 2015 when the brothers were arrested and the full decryption keys were recovered.

Interestingly, it was the pair's Dutch nationality that brought them down. Researchers were able to pinpoint the locality of the authors to the Netherlands after finding snippets of the code containing "flawless Dutch phrases" that are usually only bandied about by native speakers of the notoriously difficult language.

Kaspersky Lab, who helped lead the investigation and eventual takedown of Coinvault, said that, despite the lenient sentence, the ultimate takeaway from the three-year ordeal should be that, in the end, extortionists get caught.

"Cybercrime doesn’t pay," said Kaspersky Lab researcher Jornt van der Wiel. "If you become a victim of criminal or ransomware activity, keep your files and report the incident to the police. Never pay the ransom and be confident that not only will the decryption tool appear, but also that justice will triumph in regards to the criminals." ®