
Justice Dept. Recovers Most of Colonial Pipeline Ransom

The Justice Department said on Monday that it had recovered much of the ransom paid to hackers last month who shut down the computer systems of Colonial Pipeline, a critical pipeline operator.

Colonial had paid a ransom worth roughly $4.4 million in Bitcoin to the Russian hacking group DarkSide after it used ransomware, a form of malicious software, to hold up the company’s business networks in May. That payment cleared the way for Colonial to resume pumping fuel through its pipeline, which stretches from Texas to New Jersey and accounts for nearly half of all transport fuels that flow up the East Coast.

The seizure on Monday marked a first-of-its-kind effort by a new Justice Department task force to hijack a cybercriminal group’s profits through a hack of its Bitcoin wallet. The Justice Department said that it had seized 63.7 Bitcoins, currently valued at about $2.3 million. (The value of a Bitcoin has dropped over the past month.)

“Earlier today, the Department of Justice has found and recaptured the majority of the ransom Colonial paid to the DarkSide network,” the deputy attorney general, Lisa O. Monaco, said at a news conference Monday.

“Using technology to hold businesses, and even whole cities, hostage for profit is decidedly a 21st-century challenge, but the old adage, ‘follow the money,’ still applies,” Ms. Monaco said.

Officials said that they identified a virtual currency account, often referred to as a “wallet,” that DarkSide had used to collect payment from one of its ransomware victims, and that a magistrate judge in the Northern District of California had granted a warrant to seize funds from the wallet earlier in the day.

The New York Times had earlier reported that Colonial Pipeline’s ransom payout — as well as that of a German company, Brenntag — had been removed from DarkSide’s Bitcoin wallet, though it was not clear who had orchestrated the move.

Colonial shut down its pipeline in response to the cyberattack, which included hackers threatening to release the company’s data to the public, setting off panic buying and a fuel shortage that sent gas prices soaring and forced airlines to make extra fuel stops.

Weeks after DarkSide attacked Colonial, hackers associated with a Russian hacking group called Revil used ransomware in an attempt to extort money from JBS, the world’s largest meat processor. The attack forced JBS to shutter nine U.S. beef plants and disrupted poultry and pork plants. Cybersecurity researchers said that DarkSide is an offshoot of Revil.

The back-to-back attacks showed that hackers who once focused on stealing corporate secrets have begun to disrupt critical infrastructure. And the episodes raised questions about whether U.S. corporations could protect themselves against cyberthreats.

The White House held emergency meetings to address the attack, which led the Biden administration to make a series of announcements related to cyberattacks and ransomware.
