Posted 1 year ago | by Ben Armstrong

$1M USD of Bitcoin Ordered Frozen in Ransomware Case

A United Kingdom High Court ordered a proprietary injunction on Bitcoin (BTC) holdings after a ransomware attack on a Canadian insurance company. A proprietary injunction prevents a person from dealing with their assets when it is subject to the claim.

UK High Court released documents that pertain to a ransomware attack, the documents were made public on Jan 17, 2020. The victim of the ransomware attack wan an insurance company with over 1,000 computers that were rendered unusable due to the use of malware that encrypted files, and made them inaccessible.

The unidentified attackers asked for $1.2 million USD in Bitcoin to exchange for decrypting the data. In addition to the cash losses, the company also suffered from a substantial amount of downtime.

The Damage of Ransomware

The client’s losses from cybercrime were covered by the company’s insurer. The firm also agreed to pay $950,000 USD in Bitcoin to decrypt the files and received a tool to unlock them 24 hours after making the payment. Then, all of its systems, including 20 servers and 1,000 desktop computers, needed 10 days to be restored.

The company’s insurer hired Chainalysis, a blockchain major analytics firm, to track the ransom. It revealed that most of the Bitcoin had been immediately laundered through crypto exchange Bitfinex.

Chainalysis Director of Communications Maddie Kennedy said in a statement that:

"a leading cyber insurer used Chainalysis software to investigate ransomware payments made on behalf of their clients and trace the flow of funds from the point of extortion to known services such as exchanges."

The Risks of Using Digital Systems

"A significant amount" of this ransom was tracked to a user on Bitfinex, and the insurance firm's lawyers were able to successfully petition for a freeze on these funds, according to a person close to the case.

Also, the court asked Bitfinex to provide any information which concerns the holder of the account that received the ransom by Dec. 18, 2019.

When Cointelegraph contacted Bitfinex, instead of clarifying the status of the ransomers’ Bitcoin or what data was handed over to the court, Bitfinex stated:

“Bitfinex has robust systems in place to allow it to assist law enforcement authorities and litigants in cases such as this. In this case, we have assisted the Claimant to trace the stolen Bitcoin and we understand the focus of the Claimant’s attention is no longer on the Bitfinex platform. It now appears Bitfinex is an entirely innocent party mixed up in this wrongdoing.”

According to the New Money Review reported on Jan. 25, the case is still ongoing.

Cointelegraph reported in early December 2019, a Texas-based data center provider CyrusOne paid a $600,000 USD ransom in BTC in such an attack and in June 2019, Florida agreed to pay $600,000 USD worth of Bitcoin to the hackers who managed to infect the systems of the city council of Riviera Beach with ransomware and encrypt government files.