FBI Colonial Pipeline Ransom Recovery

FBI Agent Recovers Private Key to $2.3M in Bitcoin Ransom Paid to Colonial Pipeline Hackers

Lisa Monaco, Deputy Attorney General at the US Justice Department, reported that the FBI, the U.S. law enforcement agency, recovered the private keys of the recent Colonial Pipeline ransom. She revealed at a news conference that the agency recaptured the majority, $2.3M, of the ransom Colonial paid to the Darkside network.

Recall that the company reportedly shut down as of May 7 to avoid further attacks, and it was announced that it paid the Darkside hackers 63.7 bitcoin, valued at approximately $5m.

Deputy Attorney General Lisa Monaco made some revelations as to how the ransom was seized. She said the Department of Justice on Monday, 7 has found and recaptured the majority of the ransom Colonial paid to the Darkside network in the wake of last month’s ransomware attack. “Ransomware attacks are always unacceptable, but when they target critical infrastructure, we will spare no effort in our response,” she added.

How the Darkside network ransom was recovered

In her report, Monaco explained that the federal agents have flipped the script on the notorious hacker gang.

“Today, we turned the tables on Darkside,” Monaco insisted. “By going after the entire ecosystem that fuels ransomware and digital extortion attacks, including criminal proceeds in the form of digital currency, we will continue to use all of our tools, and all of our resources to increase the cost and the consequences of ransomware attacks and other cyber-enabled attacks.”

In an affidavit filed on June 7, 2021, an FBI agent said: “The private key for the Subject Address is in the possession of the FBI in the Northern District of California.”

The seizure is being treated as a huge success story, and there are several reports and reactions across the community discussing it. William Callahan, the director of Government and Strategic Affairs at Blockchain Intelligence Group (CSE: BIGG), wrote to Bitcoin.com News about the FBI’s seizure: “From the moment the FBI received the intelligence that an illicit actor was threatening to shut down the Colonial Pipeline, a direct threat to our national security, and affecting millions of people along the east coast, teams of federal agents, intelligence analysts, and prosecutors from the Departments of Justice, Homeland Security and other branches of government focused on the basic techniques criminal investigators do in all financial-related crimes, ‘follow the money.’ While these are basic techniques, cryptocurrency investigations training and analysis requires advanced tools and learning.”

Blockchain Intelligence Group visualization of the Darkside wallet

Commenting on the visualization of the Darkside wallet, Blockchain Intelligence Group investigator Callahan said: “With the case of Colonial, investigators ‘followed the coin,’ by exploiting data contained on the Bitcoin blockchain, a public ledger.” He added: “Investigators and analysts conduct surveillance by utilizing software to track and trace the flow of the bitcoin to conduct real-time surveillance of [transactions]. This type of software, together with traditional investigative techniques and working with our foreign law enforcement counterparts is necessary to disrupt and dismantle these ransomware gangs.”