Malware victim robbed of 16 Bitcoin to sue parents of young hackers

In 2018, a U.S man named Andrew Schober fell foul to a malware hack, resulting in the loss of 16.4 Bitcoin, around $800,000 at todays price.

After spending $10,000 to hire forensic specialists, Schober thinks hes tracked down the culprits. But it turns out the alleged perpetrators are thousands of miles away, in England. The real kicker is that the suspected pair were minors at the time of the crime.

Somewhat appropriately, both are currently studying computer science at different U.K universities.

The defendants admit to the Bitcoin theft, but with a twist

As some would do in this situation, Schober tried to reason with the parents. His initial course of action was to write to the parents and explain the situation in the hopes of coming to a resolution.

Schober stated his case, giving details of his investigation that led him to the suspects in question. He also wrote about the financial and emotional toll the hack has had on his life.

“Losing that money has been financially and emotionally devastating. He might have thought he was playing a harmless joke, but it has had serious consequences for my life.”

Rather reasonably, Schober also said he would drop all action if they return the Bitcoin, plus an additional sum (of 0.555 BTC) to cover his costs in pursuing the case.

However, the letters were met with a wall of silence, forcing Schober to continue with his course of action.

In May 2021, Schober filed a lawsuit against Benedict Thompson, Oliver Read, and their parents at Colorada District Court.

In turn, this prompted a response from the defendants, who filed a motion to dismiss on August 6, 2021. Their reasoning comes down to the case being statute-barred, having taken too long to come to court.

“Plaintiff alleges two common law causes of action (conversion and trespass to chattel), for which a three-year statute of limitations applies. Plaintiff further alleges a federal statutory cause of action, for which a two-year statute of limitations applies. Because Plaintiff did not file his lawsuit until May 21, 2021, three years and five months after his injury, his claims should be dismissed.”

The defendants also filed another motion with the court dated August 2021, stating the pair had voluntarily attended a police interview on the matter.

How did it happen？

Investigations determined that Schobers computer had become infected with malware after clicking a Reddit link to download a wallet called “Electrum Atom.”

The malware lay dormant waiting for Schober to copy a cryptocurrency address. When this happened, it replaced the copied address with a wallet address controlled by the defendants.

A report by cyber security firm Total 360 Security, found that clipboard hacking trojans were found on more than 300,000 computers within a week of testing. They recommend taking the time to double-check all addresses before sending.

As for Schobers case, complications to do with the statute barred limitations, plus the involvement of the U.S justice system in the U.K, suggest he has a mountain to climb to get justice.