The United States Department of Justice said that it recovered over $2 million worth of bitcoin, which was the majority of the ransom paid by the U.S. oil pipeline giant Colonial Pipeline to cybercriminal group DarkSide.
DoJ Recovers 63.7 BTC
The DoJ made the announcement in a press release on Monday (June 7, 2021). According to the release, the department retrieved 63.7 bitcoins, worth $2.1 million at the time. The operation was undertaken by the Ransomware and Digital Extortion Task Force, a unit created by the Justice Department in April to combat ransomware attacks.
Back in May, Colonial Pipeline suffered a ransomware attack from a criminal hacking group known as DarkSide, which crippled the company’s operations. Colonial Pipeline halted operations for almost a week due to the attack, causing general panic and shortages at gas stations.
The company paid a ransom of 75 bitcoins, worth $4.4 million at the time. Although Colonial Pipeline complied with the ransom demand, the company did not waste time in informing law enforcement about the attack. Meanwhile, the FBI was able to trace the transfer of about 63.7 BTC to a particular wallet address, with law enforcement having the private key for that address.
In the DoJ’s announcement, Lisa Monaco, the U.S. Deputy Attorney General, said the Justice Department was committed to bringing down ransomware attack groups. According to Monaco:
“We will continue to target the entire ransomware ecosystem to disrupt and deter these attacks. Today’s announcements also demonstrate the value of early notification to law enforcement; we thank Colonial Pipeline for quickly notifying the FBI when they learned that they were targeted by DarkSide.”
As previously reported by CryptoPotato in May, Colonial Pipeline was not DarkSide’s first victim to make ransom payments. The cybercriminal group, according to blockchain security company Elliptic, received $90 million in payments from over 40 victims.
U.S. Government Keen on Ending Ransomware Attacks
Meanwhile, ransomware attacks on U.S.-based companies have been growing in 2021 alone. In February, the U.S. branch of the major car manufacturer, KIA Motors, was attacked, with the hackers threatening to raise their demand to 600 BTC if the company failed to pay within the specified timeframe.
The Steamship Authority of Massachusetts and JBS, the world’s largest meat processor, were also affected by ransomware attacks. The latter suspended cattle slaughter across its U.S. plants but later resumed operations.
In response to these attacks, the U.S. government is planning to track cryptocurrency transactions in a bid to prevent further ransomware attacks. Two U.S. senators also called for increased regulation and tracing of cryptocurrencies.
Indeed, cybercriminals demanding bitcoin payment as ransom fuels critics’ negative opinions about bitcoin and other crypto-assets. While there seems to be a rise in the use of crypto for ransom payment, cash still remains a top choice for hackers and for other criminal activity.