US investigators have gotten back millions in crypto-currency that was paid to hackers involved in the East Coast pipeline hack, the DOJ announced on Monday.
The announcement confirms past reports of an FBI-led effort, in partnership with Colonial Pipeline, the company that was hit by the ransomware hack.
The DOJ said it seized around $2.3 million of Bitcoin sent to people in a hacking group called DarkSide. The FBI said it was investigating the group, which is reported to have shared its tools with other hackers.
The recovery, which is the first seizure done by the newly created digital extortion taskforce, is a rare ending for cyberattacks in increasing ransomware crime.
Joseph Blount, Colonial Pipeline’s CEO, reported to the WSJ that his company went along with the $4.4 million ransom due to not knowing how long it would take to bring back their operations.
But the company was taking early steps to inform the FBI and followed their instructions that aided investigators to track the payment to a wallet used by the criminal group.
“Following the money is the most powerful tool we have,” Deputy A.G. Lisa Monaco stated on Monday during the announcement, which came after reports of the recovery operation.
“Ransom payments are the foundation of these extortion criminals, and our announcement today shows that we will use every tool to make these attacks less profitable for criminal groups.”
“These criminals will never get this money,” US Attorney Stephanie Hinds stated at the press conference. “New technologies to anonymize payments will not hide criminals and allow them to steal from America.”
Blount also gave a comment after the DOJ announcement.
“When Colonial was hit on May 7, we quickly got in touch with FBI field offices and prosecutors to share with them what we understood at the time. The DOJ and FBI were crucial for helping us to understand the threat and their techniques. Their efforts to keep these criminals accountable and achieve justice are commendable,” Blount said.
Author: Steven Sinclaire