US DoJ Recovered $2.3 Million Ransom Paid to Pipeline Hackers

63.7 bitcoins recovered by DoJ from hackers

According to a seizure warrant issued by the Northern District of California, Colonial Pipeline paid 63.7 bitcoins (currently valued at $2.3 million) to the DarkSide ransomware extortionists on May 8.

As a result of the ransomware attack, the pipeline company was forced to halt fuel deliveries, prompting the government to declare an emergency, even as it shelled out approximately 75 bitcoins ($4.4 million as of May 8) to regain access to its systems.

The ransomware-as-a-service group disbanded with an extensive farewell message to affiliates just weeks after the highly publicized incident. Unknown law enforcement groups seized the group’s internet servers and cryptocurrency stash. The DoJ’s latest move appears to confirm earlier speculation of law enforcement involvement, despite DarkSide’s announcement being perceived as an exit scam.

The FBI Deputy Director said:

“There is no place beyond the reach of the FBI to conceal illicit funds that will prevent us from imposing risk and consequences upon malicious cyber actors. We will continue to use all of our available resources and leverage our domestic and international partnerships to disrupt ransomware attacks and protect our private sector partners and the American public.”

DarkSide had previously said they lost access to one of their payment servers, so it’s unclear how the intelligence agency obtained the private key.

Blockchain analytics firm Elliptic found that the Colonial Pipeline ransom payment involved bitcoins. Elliptic said the bitcoins seized represent 85% of the total ransom amount, the share typically allocated to affiliates, with the remaining amount going to DarkSide. It was emptied at 2:00 p.m. ET on Monday, according to Elliptic’s chief scientist and co-founder, Dr. Tom Robinson.

For the first time ever, the DoJ’s newly formed Ransomware and Digital Extortion Task Force seized a cybercriminal cartel’s illicit profits by breaking into the cartel’s bitcoin wallet.

CEO Joseph Blount said about ransomware: 

“Holding cybercriminals accountable and disrupting the ecosystem that allows them to operate is the best way to deter and defend against future attacks of this nature. The private sector also has an equally important role to play, and we must continue to take cyber threats seriously and invest accordingly to harden our defenses.”
