Security News > 2021 > June > US recovers most of Colonial Pipeline's $4.4M ransomware payment
The US Department of Justice has recovered the majority of the $4.4 million ransom payment paid by Colonial Pipeline to the DarkSide ransomware operation.
On May 7th, Colonial Pipeline suffered a DarkSide ransomware attack that forced them to shut down their fuel pipeline operation.
Due to the critical nature of the outage, Colonial Pipeline paid a $4.4 million ransom to the DarkSide ransomware operation that allowed them to receive a decryption key and quickly bring their systems back online.
In a Justice Department press conference, the US Department of Justice announced today that seized a cryptocurrency wallet used by DarkSide ransomware that contained the ransom payment from Colonial Pipeline.
In an affidavit submitted to the U.S. Court for the Northern District of California, an FBI agent states that law enforcement gained control of a private key belonging to a DarkSide Bitcoin wallet holding the Colonial Pipeline ransom payment.
This recovery may be the first time the US government has publicly stated that they have recovered a ransom payment paid to a ransomware operation.
News URL
Related news
- Ransom Cartel, Reveton ransomware owner arrested, charged in US (source)
- US accuses man of being 'elite' ransomware pioneer they've hunted for years (source)
- Alleged Karakut ransomware scumbag charged in US (source)
- US Marshals Service disputes ransomware gang's breach claims (source)
- Iran Cyber Attack: Fox Kitten Facilitates Ransomware in US (source)
- US sanctions crypto exchanges used by Russian ransomware gangs (source)