Colonial Pipeline cyber-attack: US authorities seize $2.3m in DarkSide ransomware payments

The US Department of Justice (DoJ) has seized more than $2.3 million in bitcoin that was allegedly destined to line the pockets of those behind the Colonial Pipeline ransomware attack.

The funds are said to represent a “significant portion” of the proceeds of a ransom payment to those in the ‘DarkSide’ cybercrime group who targeted Colonial Pipeline in May, resulting in critical US infrastructure being temporarily taken out of operation.

Feds-in-the-Middle

After its corporate IT network was compromised in early May, Colonial Pipeline informed the FBI it had paid a ransom demand of approximately 75 bitcoin ($4.3 million), according to a DoJ news release issued yesterday (June 9).

As alleged in a supporting affidavit (PDF), after reviewing the bitcoin public ledger, law enforcement was able to track multiple transfers and “identify that approximately 63.7 bitcoins had been transferred to a specific address”.

“This bitcoin represents proceeds traceable to a computer intrusion and property involved in money laundering and may be seized pursuant to criminal and civil forfeiture statutes,” the DoJ said.

The FBI was able to extract the funds after obtaining the private key associated with the primary DarkSide bitcoin address.

“Despite the extraordinary lengths the criminals took to cover the digital tracks of their ill-gotten gains, FBI San Francisco’s investigative team was relentless and used all technical means to make this seizure,” said FBI special agent, Craig Fair.

“Hackers and other cybercriminals simply cannot rely on cryptocurrency to evade the reaches of law enforcement.”

Bowing to demands

Spanning nearly 9,000km between Texas and New York, the Colonial Pipeline is the largest pipeline system for refined oil products in the US. It has the capacity to carry up to 3 million barrels a day.

In the days following the ransomware attack, unconfirmed reports were circulating that Colonial Pipeline had paid up to $5 million in order to regain access to its systems.

The news sparked yet more warnings from both security analysts and the FBI against the payment of ransoms by victim organizations or individuals, for fear of creating a ‘cybercrime feedback loop’.

Akin to the prevailing policy in many nations of refusing to negotiate with those who carry out maritime kidnappings, proponents of the non-payment of ransomware demands say this is the only way to ensure these types of cyber-attacks will cease.

Source: https://portswigger.net/daily-swig/colonial-pipeline-cyber-attack-us-authorities-seize-2-3m-in-darkside-ransomware-payments
