  • US recovers most of Colonial Pipeline's $4.4M ransomware payment


    Karlston


     

    The US Department of Justice has recovered the majority of the $4.4 million ransom payment paid by Colonial Pipeline to the DarkSide ransomware operation.

     

    On May 7th, Colonial Pipeline suffered a DarkSide ransomware attack that forced them to shut down their fuel pipeline operation. This shutdown led to temporary gas shortages on the east coast as people began to rush to stock up on gasoline.

     

    Due to the critical nature of the outage, Colonial Pipeline paid a $4.4 million ransom to the DarkSide ransomware operation that allowed them to receive a decryption key and quickly bring their systems back online.

     

    Faced with increased scrutiny by the US government and law enforcement, the DarkSide ransomware operation shut down after claiming that it had lost access to some of its servers and that its cryptocurrency had been transferred to an unknown address.

     

    "In addition, a couple of hours after the seizure, funds from the payment server (belonging to us and our clients) were withdrawn to an unknown account," the DarkSide ransomware operation told its affiliates.

    DOJ recovers a portion of ransom payment

    In a press conference today, the US Department of Justice announced that it had seized a cryptocurrency wallet used by the DarkSide ransomware operation that contained the ransom payment from Colonial Pipeline.

     

    In an affidavit submitted to the U.S. Court for the Northern District of California, an FBI agent states that law enforcement gained control of a private key belonging to a DarkSide Bitcoin wallet holding the Colonial Pipeline ransom payment.

     

    Having access to a cryptocurrency wallet's private key allows full access to the wallet and the funds contained within it.

     

    Using this key, the FBI recovered 63.7 Bitcoins of the approximately 75 Bitcoin payment sent by Colonial Pipeline.

     

    This aligns with the DarkSide admin's statement that they lost access to funds in one of their cryptocurrency wallets after the attack.

     

    This recovery may be the first time the US government has publicly stated that it has recovered a ransom payment paid to a ransomware operation.

     

     
