U.S.investigators recovered $2.3 million worth of cryptocurrency paid as a ransom to the hackers that forced the shut down of Colonial Pipeline.
- The seizure warrant was authorised through the U.S. Attorney's Office for the Northern District of California.
- Investigators seized the majority of the ransom that Colonial Pipeline paid to hackers who used malware developed by DarkSide, a Russia-linked hacking group, to encrypt and lock up the company’s computer systems.
U.S. investigators recovered $2.3 million worth of cryptocurrency paid as a ransom to the hackers that forced the shut down of Colonial Pipeline.
The cyberattack on Colonial Pipeline forced the company to shut down its operations for five days, triggering significant shortages at gas stations up and down the East Coast.
The FBI Deputy Director Paul Abbate reported that investigators were able to track the payment to a “virtual currency wallet, ” then seized $2.3 million in cryptocurrency paid to a criminal hacking group known as DarkSide.
Although it is uncertain the hackers would ever face charges in the U.S., the action depicted a significant strike against such groups, "depriving" them of the illegal benefit they seek.
Colonial Pipeline Co. CEO Joseph Blount said in an interview published last month that the company complied with the $4.4 million ransom demand because officials didn't know the extent of the intrusion by hackers and how long it would take to restore operations.
“When Colonial was attacked on May 7, we quietly and quickly contacted the local FBI field offices in Atlanta and San Francisco, and prosecutors in Northern California and Washington D.C. to share with them what we knew at that time. The Department of Justice and FBI were instrumental in helping us to understand the threat actor and their tactics. Their efforts to hold these criminals accountable and bring them to justice are commendable," said Joseph Blount.
“The extortionists will never see this money,” Stephanie Hinds, acting U.S. attorney for the Northern District of California, where the seizure warrant was obtained, told reporters. “This case demonstrates our resolve to develop methods to prevent evildoers from converting new methods of payment into tools and extortion for undeserved profits.”
“Ransom payments are the fuel that propels the digital extortion engine, and today’s announcement demonstrates that the U.S. will use all available tools to make these attacks more costly and less profitable for criminal enterprises," said Monaco. "We will continue to target the entire ransomware ecosystem to disrupt and deter these attacks."
For the latest cyber threats and the latest hacking news please follow us on Facebook, Linkedin, and Twitter.
You may be interested in reading: How to Survive the COVID Time Cyber Security Threats?