The proceeds of a ransomware attack have been tracked down to a Bitfinex account, and a British court has ordered the company to freeze about $860,000.
A British firm was extorted for more than 100 ₿ last year and paid through an insurance company. Cyber security insurance is a growing trade. The insurance company paid the ransom, but not without the caveat that it engaged the services of none other than Chainalysis.
Chainalysis is a firm that takes the controversial path of exploiting the blockchain’s transparency. The firm was able to verify that most of the funds made their way to a Bitfinex account.
The insurance firm then filed with the British court system, demanding relief. Now it has received it, with the funds being frozen and presumably in the early stages of getting transferred back to their rightful owner.
Ransomware attacks involving Bitcoin have become the norm. Many companies are resorting to engaging the services of insurance companies.
In this case, it paid off. The insurance provider knew exactly what to do. More importantly, what they did worked out.
It’s unclear whether more will come of the seizure. Certainly, Bitfinex will need to hand over the identifying information about the account holder. There’s no evidence to suggest, necessarily, that the account holder and the person who owns the BTC are one and the same. Just as the person hacked a firm for nearly $1 million, they could hack into a Bitfinex account with the express purpose of dumping BTC.
While that’s possible, it’s perhaps more likely that the account holder is indeed the hacker.
Compliant, Not Defendant
Bitfinex, for its part, has complied with court orders.
Initially, the company and its parent company were listed as defendants in the court filings around the case.
However, Bitfinex has now done its part and is no longer being viewed as an accomplice.
Ransomware extortions have become relatively routine in the modern world. This firm was extorted for 100 ₿. The City of Baltimore was initially extorted for less, but it chose not to pay. Now it has some insurance, as well. It was not even the first time a ransomware attack had successfully compromised the city’s operations.
Nearby New York State wants to make it illegal to pay ransomware demands. It’s unclear whether that strategy will prove out or not. Making payment illegal doesn’t mean the hackers can’t demand it.
Whatever the case, ransomware won’t be fully fixed until the underlying security flaws that hackers take advantage of are fixed. These flaws, rather than the hackers themselves, are ultimately to blame for the lost funds, time, and productivity.
That’s not to say the hackers aren’t also to blame. Of course they are. They’re the ones actively doing the dirty work. Nonetheless, without security flaws to exploit, they wouldn’t have much to go on. So who is really to blame?