There's a fee attached to receiving money over a postgiro-account as the article explained, the hack is that the fee is larger than the money they receive and not that they could keep it. Your ability to (maybe) get the money back is just an extra step you could take if you wanted to cause more harm.
In Sweden there are laws that if you transfer money to someone by accident they are required to return it and this is a Swedish bank account and a Swedish law firm. I have no idea if those laws would actually apply in this case though, seeing how I'm not a lawyer or anything.
On a related note it's nice to know those laws exist when you accidently pay the rent to your webbhost.
Except that the bank can also refuse to consider these transfers to be made "in error", given the vast publicity this has been given on the web. Indeed, given the fraudulent intent behind these transactions, the bank can simply keep the money (without forcing the intended recipient to swallow the costs of the transfer) to pay for its own costs in handling the transfer.
On top of that, above a certain dollar limit (don't know what it is in this case), this gives the Swedish court jurisdiction for criminal charges for the mastermind, for bank fraud.
In Sweden there are laws that if you transfer money to someone by accident they are required to return it and this is a Swedish bank account and a Swedish law firm. I have no idea if those laws would actually apply in this case though, seeing how I'm not a lawyer or anything.
On a related note it's nice to know those laws exist when you accidently pay the rent to your webbhost.