
DOJ Recovers $2.3 Mln In BTC Ransom Paid By Colonial Pipeline Co.

The DOJ [Department of Justice] on Monday recovered around US$2.3 Mln in cryptocurrency ransom paid by Colonial Pipeline Co, cracking down on the hackers behind the most disruptive United States cyberattack on record.

Deputy Attorney General Lisa Monaco said investigators had seized 63.7 bitcoins, now valued at about US$2.3 Mln, paid by Colonial after last month’s hack of its systems that led to massive shortages at gas stations on the United States East Coast.

The DOJ has “found and recaptured the majority” of the ransom paid by Colonial, Monaco revealed.

An affidavit filed on Monday stated that the FBI was in possession of the private key to unlock a bitcoin wallet that had received most of the funds. However, it remains unclear how the FBI gained access to the key.

A judge in San Francisco approved the seizure of funds from this “cryptocurrency address”, which the filing said was located in the Northern District of California.

Colonial Pipeline had previously said that it paid the hackers nearly US$5 Mln to regain access.

Bitcoin seizures are rare, but authorities have stepped up their expertise in tracking the flow of digital money as ransomware has become a growing national security threat and put an extra strain on relations between the U.S. and Russia, where many of the gangs are based.

“Right now, the prosecution may be a pipe dream,” vice-chairman John Hultquist of the Mandiant cybersecurity firm said in praising the move. “Disrupt. Disrupt. Disrupt.”

The hack, attributed by the FBI to a gang referred to as DarkSide, caused a days-long shutdown that led to a spike in gas prices, panic purchasing as well as localized fuel shortages. It posed a serious political headache for President Joe Biden as the United States economy was beginning to emerge from the ongoing coronavirus outbreak.

The White House urged corporate executives and business leaders last week to intensify security measures to guard against ransomware attacks after the Colonial hack and later intrusions that disrupted operations at a major meatpacking company.

Deputy FBI Director Paul Abbate, who spoke alongside Monaco at the press conference on Monday, described DarkSide as a Russia-based cybercrime group.

Abbate said that the FBI was tracking over 100 ransomware variants. DarkSide itself had victimized at least 90 United States-based companies, including manufacturers and healthcare providers, he said.

Colonial Chief Executive Joseph Blount, who will testify before the Senate on Tuesday, said that the company had worked closely with the FBI from the start and was “grateful for their swift work and professionalism.”

“Holding cybercriminals accountable and disrupting the ecosystem that permits them to deter and defend against future attacks,” Blount added.

Tom Robinson, co-founder of the cryptocurrency tracking firm Elliptic, said that the bitcoin wallet from which the funds were taken had contained 69.6 bitcoins. The seizure announced on Monday was of just 63.7 bitcoins, which Robinson said likely represented the share that had gone to the DarkSide “affiliate” who had initially hacked into Colonial.

DOJ investigators added that DarkSide often used a collaboration model with other hacking groups to compromise numerous victims.

DarkSide would normally keep a smaller share for its role in providing the encryption software and negotiating with the victim, Robinson said. On Monday, minutes after the main sum was transferred out, the remainder followed. The United States government might have seized that second amount but has not yet announced it, Robinson added.
