DOJ announces recovery of millions paid in ransom to pipeline hackers

The US Department of Justice (DOJ) announced Monday that it seized 63.7 Bitcoins—currently valued at roughly $2.3 million—in ransom payments made to the hacking group DarkSide, following the targeted cyberattack on the Colonial Pipeline in May.

According to an anonymous FBI agent’s affidavit, law enforcement tracked several transfers of Bitcoin and ultimately found that 63.7 of the Bitcoins paid by Colonial had been transferred to a single address, for which the FBI possessed a “private key” (the Bitcoin address equivalent of a password). Though the seized funds are not the entirety of the ransom paid to DarkSide, the DOJ maintains that the 63.7 Bitcoins “represent proceeds traceable to a computer intrusion and property involved in money laundering and may be seized pursuant to criminal and civil forfeiture statutes.”

“Following the money remains one of the most basic, yet powerful tools we have,” said DOJ Deputy Attorney General Lisa Monaco in a press release.

“Ransom payments are the fuel that propels the digital extortion engine, and today’s announcement demonstrates that the United States will use all available tools to make these attacks more costly and less profitable for criminal enterprises. We will continue to target the entire ransomware ecosystem to disrupt and deter these attacks.”

The ransomware attack on the Georgia-based Colonial Pipeline resulted in widespread network disruptions, causing gas shortages and panic buying across the US. The FBI confirmed the attack was successful in stealing confidential data from the pipeline’s computer system. Within the week, the New York Times reported that Colonial had paid DarkSide “roughly 75 Bitcoin—or nearly $5 million—to recover its stolen data.”

Following the attack, US President Joe Biden signed an executive order seeking to improve the nation’s cybersecurity and protect federal government networks. Additionally, Monaco sent all federal prosecutors a four-page memo regarding ransomware and digital extortion cases, emphasizing that “[DOJ’s] efforts in combatting digital extortion are focused, coordinated, and appropriately resourced.”