By faking ransom payments, the Dutch police and the cybersecurity firm Responders recovered 155 decryption keys from the cybercriminal group DeadBolt

DeadBolt is a ransomware gang that appeared in January 2022, targeting QNAP network storage servers and Asustor devices. It demands a ransom of 0.03 bitcoin (about 600 euros) to unlock data and has reportedly claimed over 20,000 victims worldwide.

Dutch police and cybersecurity firm Responders found that the group had automated the creation of a Bitcoin transaction containing the decryption key as soon as the ransom was paid.

They therefore waited for a bottleneck in the Bitcoin blockchain before initiating transactions, then cancelled them before they could be permanently recorded in the blockchain. The operation fooled DeadBolt’s automation, which delivered a total of 155 decryption keys.

Responders made these keys available to potential victims of the ransomware gang. DeadBolt, for its part, eventually caught on to the scheme and set up a double confirmation mechanism before sending decryption keys.
