US recovers most of Colonial Pipeline's $4.4M ransomware payment
2021-06-07 19:28

The US Department of Justice has recovered the majority of the $4.4 million ransom payment paid by Colonial Pipeline to the DarkSide ransomware operation.

On May 7th, Colonial Pipeline suffered a DarkSide ransomware attack that forced them to shut down their fuel pipeline operation.

Due to the critical nature of the outage, Colonial Pipeline paid a $4.4 million ransom to the DarkSide ransomware operation, which allowed them to receive a decryption key and quickly bring their systems back online.

In a press conference today, the US Department of Justice announced that it had seized a cryptocurrency wallet used by DarkSide ransomware that contained the ransom payment from Colonial Pipeline.

In an affidavit submitted to the U.S. Court for the Northern District of California, an FBI agent states that law enforcement gained control of a private key belonging to a DarkSide Bitcoin wallet holding the Colonial Pipeline ransom payment.

This recovery may be the first time the US government has publicly stated that they have recovered a ransom payment paid to a ransomware operation.


News URL

https://www.bleepingcomputer.com/news/security/us-recovers-most-of-colonial-pipelines-44m-ransomware-payment/