Security News > 2021 > June > FBI Claws Back Millions of DarkSide’s Ransom Profits
United States law enforcement has clawed back approximately $2.3 million of the ransom allegedly paid to DarkSide by Colonial Pipeline last month, the Department of Justice and FBI announced in a joint press conference on Monday.
Law enforcement tracked multiple transfers of bitcoin and were able to identify that about 63.7 of the bitcoins paid by Colonial Pipeline Co. after the May 7 ransomware attack were transferred to a specific address - an address that the FBI controls.
The FBI laid the snare from the get-go, when Colonial alerted the bureau to the attack, the DOJ said during Monday's press conference.
The ransomware attack also triggered the Biden administration to issue an emergency declaration that covered 17 states and Washington D.C. Perhaps the tables were turned, but only about half-way: Colonial reportedly shelled out $5 million in ransom to DarkSide.
DarkSide said the same thing early on in this, the attack that sent out still-spreading ripples: they were after profit, not to disrupt critical infrastructure.
Monday's announcement demonstrates how crucial it is to notify law enforcement early on if an organization is targeted with ransomware, Monaco said, thanking Colonial for doing just that: Quickly notifying the FBI when the company learned that it had been targeted by DarkSide.
News URL
https://threatpost.com/fbi-claws-back-millions-darksides-ransom/166705/