DoJ Recovers Most Of Colonial Pipeline Ransom

The US Department of Justice has confirmed it has seized most of the ransom paid to the DarkSide criminals, who last month crippled fuel supplies to large parts of the US eastern seaboard.

On Friday 7 May a major pipeline (Colonial Pipeline) in the United States was attacked by DarkSide, causing widespread fuel shortages on the US east coast.

Indeed, so serious was the attack that the US government engaged emergency powers and US President Joe Biden received “personal briefings” about the cyberattack.

Ransom payment

And to make matters worse, the management of Colonial Pipeline paid the DarkSide hackers to restore its systems.

The CEO of the firm, Joseph Blount, weeks later confirmed that he had authorised a ransom payment of $4.4 million (75 Bitcoin).

He said they had authorised the ransom payment, because executives were unsure how badly the cyberattack had breached its systems, and consequently, how long it would take to bring the pipeline back.

This decision to pay the criminals goes against law enforcement and security professional advice.

Security researchers at London-based Eliptic subsequently identified the Bitcoin digital wallet used by DarkSide to extract ransoms from their victims.

Elliptic also revealed DarkSide and its affiliates had bagged at least $90 million in bitcoin ransom payments in total from various ransomware victims.

FBI recovery

But now the US DoJ has announced it has seized 63.7 bitcoins – currently valued at approximately $2.3 million.

This means that 12 bitcoin remain unaccounted for, valued at $393,975.

It should be remembered that the value of Bitcoin has dropped dramatically in the past month.

The total 75 Bitcoin ransom payment for example is currently worth $2.5m, as of Tuesday 8 June 2021, down from its $4.4 million value in early May.

“Following the money remains one of the most basic, yet powerful tools we have,” said Deputy Attorney General Lisa O. Monaco for the US Department of Justice. “Ransom payments are the fuel that propels the digital extortion engine, and today’s announcement demonstrates that the United States will use all available tools to make these attacks more costly and less profitable for criminal enterprises.

“We will continue to target the entire ransomware ecosystem to disrupt and deter these attacks,” said O. Monaco. “Today’s announcements also demonstrate the value of early notification to law enforcement; we thank Colonial Pipeline for quickly notifying the FBI when they learned that they were targeted by DarkSide.”

“There is no place beyond the reach of the FBI to conceal illicit funds that will prevent us from imposing risk and consequences upon malicious cyber actors,” said FBI Deputy Director Paul Abbate.

“We will continue to use all of our available resources and leverage our domestic and international partnerships to disrupt ransomware attacks and protect our private sector partners and the American public,” Abbate said.

Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...

Recent Posts

Spyware Maker NSO Group Found Liable In US Court

Landmark ruling finds NSO Group liable on hacking charges in US federal court, after Pegasus…

2 days ago

Microsoft Diversifying 365 Copilot Away From OpenAI

Microsoft reportedly adding internal and third-party AI models to enterprise 365 Copilot offering as it…

2 days ago

Albania Bans TikTok For One Year After Stabbing

Albania to ban access to TikTok for one year after schoolboy stabbed to death, as…

2 days ago

Foldable Shipments Slow In China Amidst Global Growth Pains

Shipments of foldable smartphones show dramatic slowdown in world's biggest smartphone market amidst broader growth…

2 days ago

Google Proposes Remedies After Antitrust Defeat

Google proposes modest remedies to restore search competition, while decrying government overreach and planning appeal

2 days ago

Sega Considers Starting Own Game Subscription Service

Sega 'evaluating' starting its own game subscription service, as on-demand business model makes headway in…

2 days ago