Uncle Sam recovers 63.7 of 75 Bitcoins Colonial Pipeline paid to ransomware crew
2021-06-08 03:26

The US Department of Justice on Monday said it has recovered 63.7 Bitcoins, right now worth $2.1m and falling, of the 75 or so BTC the Colonial Pipeline operators paid the ransomware miscreants who infected the fuel provider's computers.

Deputy Attorney General Lisa Monaco said Colonial contacted the Feds shortly after some of its internal IT systems were infected by the extortionware in early May, causing a temporary halt in operations.

A ransom of about $5m or 75 BTC was paid to the Darkside crew behind the attack.

So it is quite possible Darkside's infrastructure was commandeered by the Feds, who were able to return the 75 BTC ransom minus the fee already paid by the ransomware gang to their affiliate that did the actual job of infecting the Colonial Pipeline's computers - which was said to have occurred via a compromised VPN account.

"It's not the first time that the government has ever seized cryptocurrency in connection with ransomware attacks," said Monaco.

The Deputy AG added that the Bitcoin seizure - authorized by a magistrate judge in California - was only possible because the Colonial Pipeline's operators got the FBI involved early in the process.


News URL

https://go.theregister.com/feed/www.theregister.com/2021/06/08/antiransomware_task_force/