The US government has recovered ransomware money from cyber criminals and returned it to hospitals that had paid to criminals to be able to function properly:
https://www.bbc.com/news/technology-62239638
Excerpt:
” It is not known how the FBI was able to seize the funds but Tom Robinson, founder and chief scientist of Elliptic, which analyses Bitcoin payments, told the BBC the seizure may have come about as the hackers tried to exchange their Bitcoin to traditional currency.
“It’s likely that the investigators were able to trace the cryptocurrency to an exchange platform, where the launderers would have sent the funds in order to cash out. Exchanges are regulated businesses and can seize their customers’ funds if compelled to do so by law enforcement,” he said.
“Another possibility is that the cryptocurrency was seized directly from the launderers’ own wallet. This is more challenging to do as it would require access to the wallet’s private key – a passcode that allows cryptocurrency in a wallet to be accessed and moved.”
US authorities are increasingly using new tactics to steal back extorted funds from cyber-criminals operating in jurisdictions like North Korea and Russia, where law enforcement agencies do not co-operate with Western requests for assistance.
“These seizures are still very rare, and it highlights the value of speedy reporting of cyber-extortion incidents, and working with law enforcement,” says Jen Ellis, from cyber-security firm Rapid7.” ”
Ex-Windows user (Win. 98, XP, 7); since mid-2017 using also macOS. Presently on Monterey 12.15 & sometimes running also Linux (Mint).
MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
macOS Monterey; browsers: Waterfox "Current", Vivaldi and (now and then) Chrome; security apps. Intego AV
