The Department of Justice (DOJ) has managed to recover part of the ransom paid to the criminal hacking group believed to be responsible for the attack on the Colonial Pipeline, which disrupted a major supply of fuel to the East Coast for roughly a week in May.
Deputy Attorney General Lisa O. Monaco announced on June 7 that the DOJ, through its new Ransomware and Digital Extortion Task Force, was able to recover about 64 of the 75 bitcoins paid to the attackers by “following the money” — even though the money was in difficult-to-trace cryptocurrency. Once it knew the address of the hackers’ wallet, it was able to get a court order to seize the funds in it. The FBI apparently had the digital key needed to open the wallet. How it got that access has not been made public. The seizure is a rare example of ransomware payments being recovered.
The attack has been attributed to DarkSide, a criminal hacker group based in Eastern Europe. The pipeline, which supplies about half of the East Coast’s gasoline, went down for several days, causing gas panic-buying, shortages, and price spikes in some states. It appears to be the largest ever cyberattack on an American energy system and yet another example of cybersecurity vulnerabilities that President Joe Biden has promised to address.