Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

> So why are ransomware hackers never prosecuted?

Because they're typically based in Russia, and Russia has a policy that it will not prosecute its citizens for computer crimes unless they perpetrated them against Russians or Russian organizations. My understanding is most ransomware has code to detect Russian computers (e.g. by checking localization settings), and will refuse to run if it finds itself on one for that reason.

https://krebsonsecurity.com/2021/05/try-this-one-weird-trick...



So why not just send the payment to a Russian bank?


Because Russian banks need to be capable of transacting with American banks and directly receiving money that is Ransom Payment related is a bad business decision.


So you're saying sending money to a bitcoin address would help obscure the identity of the receiver?


No I'm saying a Russian bank probably doesn't look past the deposit. But if the deposit comes from America then an American bank will ask for it back when the US govt tells it to and then the bank will do so because it's good business. So I would imagine most ransomware gangs just keep the money in bitcoin and only pull out what they need to when they need to.


> So why not just send the payment to a Russian bank?

I don't know, I'm not a Russian in the ransomware business.

But I speculate that doing it that way might be so blatant and inconvenient to the Russian government that it might get the policy that protects them changed. Also, I'd imagine any bank that accepts such payments would quickly get itself blacklisted. This stuff isn't actually binary, so it's not smart to take it to the limit.


Why not set all US system to have russian locale?


That is actually done by some orgs for security purposes.




Consider applying for YC's Fall 2026 batch! Applications are open till July 27.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: