FBI recovers $2.3m in bitcoin paid to ransomware hackers

The Federal Bureau of Investigation (FBI) has retrieved 63.7 bitcoins valued at approximately $2.3 million paid as ransom to a group of hackers known as DarkSide.

Recall that the group hacked Colonial Pipeline in May, disrupting gasoline supplies across the southeastern U.S.

According to the Justice Department, the funds were proceeds of a May 8 ransom payment made by Colonial Pipeline, the largest pipeline system for refined oil products in the U.S.

The statement added that the seizure warrant was authorised earlier today by Laurel Beeler, U.S. magistrate judge for the Northern District of California.

“Following the money remains one of the most basic, yet powerful tools we have,” Lisa O. Monaco, deputy attorney general for the U.S. Department of Justice, said.

“Ransom payments are the fuel that propels the digital extortion engine, and today’s announcement demonstrates that the United States will use all available tools to make these attacks more costly and less profitable for criminal enterprises. We will continue to target the entire ransomware ecosystem to disrupt and deter these attacks. Today’s announcements also demonstrate the value of early notification to law enforcement; we thank Colonial Pipeline for quickly notifying the FBI when they learned that they were targeted by DarkSide.”

Paul Abbate, FBI deputy director, said there is no place beyond the FBI’s reach to conceal illicit funds.

“There is no place beyond the reach of the FBI to conceal illicit funds that will prevent us from imposing risk and consequences upon malicious cyber actors,” he said.

“We will continue to use all of our available resources and leverage our domestic and international partnerships to disrupt ransomware attacks and protect our private sector partners and the American public.”

“Cybercriminals are employing ever more elaborate schemes to convert technology into tools of digital extortion,” said Stephanie Hinds, acting U.S. attorney for the Northern District of California.

“We need to continue improving the cyber resiliency of our critical infrastructure across the nation, including in the Northern District of California. We will also continue developing advanced methods to improve our ability to track and recover digital ransom payments.”

The Justice Department said Colonial Pipeline reported to the FBI both the ransomware attack and the payment of the ransom, amounting to approximately 75 bitcoins.

“As alleged in the supporting affidavit, by reviewing the Bitcoin public ledger, law enforcement was able to track multiple transfers of bitcoin and identify that approximately 63.7 bitcoins, representing the proceeds of the victim’s ransom payment, had been transferred to a specific address, for which the FBI has the ‘private key,’ or the rough equivalent of a password needed to access assets accessible from the specific Bitcoin address.

“This bitcoin represents proceeds traceable to a computer intrusion and property involved in money laundering and may be seized pursuant to criminal and civil forfeiture statutes.”

Ransomware, a form of malicious software, has become a rising threat in digital extortion. In addition to threats such as viruses, worms, spyware and phishing, ransomware threatens to publish victims’ data or perpetually block access to the data until a ransom is paid, usually in cryptocurrency.
