Last week a Dutch mobile bank found itself battling to keep its app up and running in the face of a sustained DDoS attack. This week, the culprit was unmasked. Russian mobsters? North Korean officials? No, a local schoolboy who turned up to the Bunq office to confess and agreed to carry out community service in penitence.
In a message on its site, Bunq says that, after seeing off last week's attack, it has been focusing on finding the perpetrator.
"As we got closer he decided to step forward himself. He, J., just visited our office to apologise for his actions. He is 18 and still in school. He apologised sincerely."
The bank has decided not to press charges, "which could result in one year of prison time along with hefty fines. Effectively destroying his life."
Instead, for the "youthful sin", J has agreed to carry out a week of community service for Amnesty International.
According to local publication RTLZ, J bought a botnet to carry out the attack in response to a recent move by Bunq to hike its monthly fees from EUR1 to EUR7.99 month.