AMSTERDAM (Reuters) - Dutch police said on Thursday they had arrested two men on suspicion of using malicious software known as "CoinVault" to try to extort money from victims whose computers they hacked.
CoinVault, first identified by online security firm Kaspersky Lab in 2014, encrypts a target computer's files and then posts a message on the screen demanding a ransom in exchange for the digital key needed to decrypt them.
The suspects, 18 and 22 years old, were arrested on Monday in the town of Amersfoort, national police spokesman Thomas Aling said. They were to be arraigned in Rotterdam on Thursday. The police and court did not release their names.
The Netherlands' High Tech Crime Unit said in a statement that the suspects were thought to have encrypted 1,500 computers in the Netherlands, United States, Germany, France and Britain.
"Victims who refused to pay lost their files, for instance vacation photos, videos and presentations," it said.
Aling said it was not clear how many of the 1,500 actually paid a ransom, though at least some did.
The CoinVault software instructs its victims to pay with bitcoin, the digital currency, in a bid to keep criminals' identity concealed.
The two suspects were identified with the help of Kaspersky Lab, Aling said.
The company said in a press release that samples of CoinVault software it submitted to police contained "flawless Dutch phrases", suggesting a Netherlands connection.
Aling said he could not disclose how the individual suspects were further identified.
"We don't know why these guys were doing this" he said. "You could look at their age, but this is a very serious matter."
(Reporting by Toby Sterling, editing by Larry King)