Bitcoin ransom paid in the Colonial Pipeline hack recovered by federal authorities
By Bob Garcia
The Department of Justice has been able to take back most of the money paid during the attack
Since the Colonial Pipeline case, federal officials have been working around the clock to recover the Bitcoin (BTC) that the company had to pay during a recent ransomware attack. Good news has finally arrived: the Department of Justice announced yesterday that the efforts have paid off and that the FBI was able to recover at least $2.3 million in BTC. That is reportedly a little more than half of what was taken during the attack.
Attackers linked to the DarkSide ransomware group forced Colonial Pipeline to pay them a whopping $4.4 million in BTC after they were able to freeze its systems last month. As a result, the company was forced to stop transporting fuel across the East Coast of the US, which caused unimaginable havoc as many states were likely to run out of gas. According to Deputy Attorney General Lisa Monaco, the company immediately contacted law enforcement. This prompted an investigation in which federal agents worked to track down and ultimately seize some of the money paid. “The Department of Justice has found and recovered most of the ransom paid,” said Monaco.
Details of the investigation were set out in a sworn affidavit filed by an FBI agent. According to those documents, the agent was able to trace the Bitcoin that Colonial sent to DarkSide through several transactions recorded in the Bitcoin ledger, making use of a block explorer. “The private key to the subject address is in the possession of the FBI in the Northern District of California,” the affidavit reads.
It is estimated that the perpetrators still have around $2 million in crypto, but at least the agency was able to recover more than half. Such attacks have been on the rise as the cryptocurrency boom continues. Because of this, Monaco has urgently warned companies to take the necessary measures to protect their systems from similar situations in the future.