The Department of Justice (DoJ) has recovered the ransom in Bitcoins that Colonial Pipeline paid to the DarkSide ransomware operation. However, the amount recovered is roughly half of what the company initially coughed up to bring its operations back online.
A U.S. FBI agent confirmed to the DoJ that the agency has successfully seized control of a hardware wallet. The wallet belonged to the DarkSide ransomware operation. The wallet contained the majority of Bitcoins that Colonial Pipeline paid to secure a decryption key.
U.S. forces DarkSide Ransomware group to shut down their operation while FBI goes after cryptocurrencies paid as ransom:
The DarkSide Ransomware went after one of the most important companies in the United States. As expected, it is now on the run from the law. Earlier this month, the creators of the ransomware successfully crippled Colonial Pipeline, forcing them to shut down their fuel pipeline operation.
BREAKING: Justice Department announces it has recovered a majority of ransom paid to DarkSide hacker group in Colonial Pipeline hack.
"Ransomware attacks are always unacceptable, but when they target critical infrastructure, we will spare no effort in our response." pic.twitter.com/PYopINvk3J
— MSNBC (@MSNBC) June 7, 2021
Colonial Pipeline paid a $4.4 million ransom to the DarkSide ransomware operation. In return, the gang sent a decryption key. The company used the decryption key to quickly bring their systems back online.
Sensing the increasing danger to critical national infrastructure, including utilities, transportation, and healthcare, U.S. law enforcement has begun hunting down ransomware creators and shutting down their operations.
Using open source tools I was able to work out how the FBI recovered funds from Darkside pic.twitter.com/bu2MkN7KIV
— Keith Jarvis (@atlantajerk) June 7, 2021
Faced with increased scrutiny by the U.S. government and law enforcement, the DarkSide ransomware gang reportedly shut down its operation. Beyond that shutdown, the FBI also claims it recovered a hardware wallet that contained the ransom that Colonial Pipeline paid to the DarkSide gang.
The U.S. DoJ recovered only a portion of the ransom payment that Colonial Pipeline paid:
In a press conference, the US Department of Justice announced that the FBI had seized a cryptocurrency wallet that DarkSide ransomware used. The wallet contained the ransom payment from Colonial Pipeline.
An FBI agent stated that law enforcement gained control of a private key belonging to a DarkSide wallet holding the Colonial Pipeline ransom payment. The company had paid the ransom in Bitcoins.
Fantastic - investigators tracked the ransom as it moved through a maze of at least 23 different electronic accounts belonging to DarkSide, the hacking group, before landing in one that a federal judge allowed them to break into, according to law enforcement https://t.co/anJ6zMgwel
— Clint Watts (@selectedwisdom) June 8, 2021
Having physical access to a hardware wallet essentially grants the FBI control over the funds it holds. Using that wallet, the FBI reportedly recovered 63.7 of the approximately 75 Bitcoins.
The federal government says it seized by court order $2.3 million of the ransom paid by Colonial Pipeline.
The FBI had the password to the hackers' Bitcoin account, @PeteWilliamsNBC reports.
“Today we turned the tables on DarkSide,” says Deputy Attorney General Lisa Monaco.
— Geoff Bennett (@GeoffRBennett) June 7, 2021
It is interesting to note that although the FBI recovered 63.7 Bitcoins, or about 85 percent of the ransom, the agency can recover only $2.26 million of the $4.4 million that Colonial Pipeline paid to DarkSide.
Owing to a devastating downward trend in all cryptocurrencies, Bitcoin too lost a lot of value recently. The cryptocurrency is gradually regaining its value. If the FBI doesn’t reconvert the recovered Bitcoin into U.S. dollars, they might be able to regain a lot more in dollar value.