Dutch Uni Gets Cyber Ransom Money Back… With Interest

A Dutch university that fell victim to a massive ransomware attack has partly received back its stolen money… which in the meantime more than doubled in value, a news report said on Saturday.

The southern Maastricht University in 2019 was hit by a large cyberattack in which criminals used ransomware, a type of malicious software that locks valuable data and can only be accessed once the victim pays a ransom amount.

“The criminals had encrypted hundreds of Windows servers and backup systems, preventing 25,000 students and employees from accessing scientific data, library and mail,” the daily De Volkskrant said.  

The hackers demanded 200,000 euros ($208,000) in bitcoins.

“After a week the university decide to accede to the criminal gang’s demand,” the paper said.

“This was partly because personal data was in danger of being lost and students were unable to take an exam or work on their theses,” it said.

Dutch police traced part of the ransom paid to an account belonging to a money launderer in Ukraine.

Prosecutors in 2020 seized this man’s account, which contained a number of different crypto currencies including part of the ransom money paid by Maastricht.

“When, now after more than two years, it was finally possible to get that money to the Netherlands, the value had increased from 40,000 euros to half-a-million euros,” the paper said.

Maastricht University will now get the 500,000 euros ($521,000) back.

“This money will not go to a general fund, but into a fund to help financially strapped students,” Maastricht University ICT director Michiel Borgers said.

The investigation into the hackers responsible for the attack on the university is still ongoing, De Volkskrant added.

Related: Netherlands University Pays $240,000 After Targeted Ransomware Attack