U.S. Recovers $2.3 Million Ransom Paid to Colonial Pipeline Hackers

bitcoin ransomware attack

In a significant blow, the U.S. Division of Justice on Monday mentioned it has recovered 63.7 bitcoins (at the moment valued at $2.3 million) paid by Colonial Pipeline to the DarkSide ransomware extortionists on Could 8, pursuant to a seizure warrant that was approved by the Northern District of California.

The ransomware attack additionally hobbled the pipeline firm’s gasoline provide, prompting the federal government to concern an emergency declaration, whilst the corporate shelled out a ransom quantity of roughly 75 bitcoins ($4.4 million as of Could 8) to regain entry to its techniques.

Stack Overflow Teams

Every week after the extremely publicized incident, the ransomware-as-a-service syndicate disbanded with a Could 14 farewell message to associates, stating that its web servers and cryptocurrency stash have been seized by unknown regulation enforcement entities. Whereas DarkSide’s announcement was perceived as an exit rip-off, the most recent transfer from DoJ confirms earlier speculations of regulation enforcement involvement.

bitcoin ransomware attack

Stating that “ransom funds are the gasoline that propels the digital extortion engine,” the DoJ mentioned it followed the money trails left by the DarkSide gang to a particular bitcoin tackle by reviewing the Bitcoin public ledger, to which the proceeds of the ransom cost have been transferred, finally utilizing the “private key” the FBI had in its possession to entry crypto belongings saved within the pockets in query.

“There isn’t a place past the attain of the FBI to hide illicit funds that may stop us from imposing threat and penalties upon malicious cyber actors,” said FBI Deputy Director Paul Abbate. “We’ll proceed to make use of all of our out there assets and leverage our home and worldwide partnerships to disrupt ransomware assaults and defend our personal sector companions and the American public.”

It is not instantly clear how the intelligence company got here to have the personal key, however DarkSide had beforehand claimed to have misplaced entry to one in every of their cost servers.

Prevent Data Breaches

Blockchain analytics agency Elliptic, which had recognized the bitcoin transaction representing the Colonial Pipeline ransom cost, mentioned the seized bitcoins symbolize 85% of the whole ransom quantity which is often reserved for associates, with the remaining going to the DarkSide builders. The Bitcoin tackle was emptied at round 1:40 p.m. ET on Monday, Dr. Tom Robinson, Elliptic’s co-founder and chief scientist, said.

If something, the seizure marks a first-of-its-kind orchestrated effort led by the DoJ’s newly fashioned Ransomware and Digital Extortion Activity Pressure to confiscate a cybercriminal cartel’s illicit income by breaking into its bitcoin pockets.

“Holding cyber criminals accountable and disrupting the ecosystem that enables them to function is one of the simplest ways to discourage and defend towards future assaults of this nature,” Colonial Pipeline CEO Joseph Blount said within the assertion. “The personal sector additionally has an equally essential position to play and we should proceed to take cyber threats critically and make investments accordingly to harden our defenses.”

Source link