DoJ seized $2.3 million paid to the Colonial Pipeline ransomware extortionists
2021-06-08 08:20

The Department of Justice has seized 63.7 bitcoins currently valued at approximately $2.3 million.

"Ransom payments are the fuel that propels the digital extortion engine, and today's announcement demonstrates that the United States will use all available tools to make these attacks more costly and less profitable for criminal enterprises. We will continue to target the entire ransomware ecosystem to disrupt and deter these attacks."

On or about May 7, Colonial Pipeline was the victim of a highly publicized ransomware attack resulting in the company taking portions of its infrastructure out of operation.

Colonial Pipeline reported to the FBI that its computer network was accessed by an organization named DarkSide and that it had received and paid a ransom demand for approximately 75 bitcoins.

As alleged in the supporting affidavit, by reviewing the Bitcoin public ledger, law enforcement was able to track multiple transfers of bitcoin and identify that approximately 63.7 bitcoins, representing the proceeds of the victim's ransom payment, had been transferred to a specific address, for which the FBI has the "private key," or the rough equivalent of a password needed to access assets accessible from the specific Bitcoin address.

"Anyone actively stockpiling cryptocurrencies in the event of a ransomware attack or other emergency is crazy, unless that's part of this business model, like a broker. This is a dangerous endeavor. A better way to prepare for a ransomware attack is to have a comprehensive cloud backup strategy in place so if your systems go offline, you'll be able to get back online in a timely manner and potentially avoid paying the ransom at all," said Matthew Rogers, CISO at Syntax.


News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/vXwfcaGukqA/