Special Report: Feds Step Up Ransomware Fight by Seizing DarkSide Hackers' Bitcoin
FBI seized $2.2 million in bitcoin allegedly paid by Colonial Pipeline. DoJ plans to follow the money to undermine further ransomware. How the FBI seized the attackers' wallet is an intentional mystery.
Check out my CSO column from this morning for some theories on how the FBI might have gained access to the private key of the DarkSide gang’s wallet.
The U.S. Justice Department yesterday took a swing at ransomware attackers by seizing nearly 65 bitcoins worth around $2.3 million from a DarkSide gang cryptocurrency wallet allegedly containing some portion of the $4.4 million in ransom paid by the Colonial Pipeline company following its early May ransomware attack.
The somewhat mysterious seizure of the wallet came about with the cooperation of Colonial Pipeline in what the Justice Department called “following the money” to deprive ransomware attackers of their financial rewards. Deputy Attorney General Lisa Monaco said that “today’s announcements also demonstrate the value of early notification to law enforcement; we thank Colonial Pipeline for quickly notifying the FBI when they learned that they were targeted by DarkSide.”
It’s not clear how the FBI, which seized the wallet under a seizure warrant granted by the U.S. District Court for the Northern District of California, was able to identify the wallet as belonging to the attackers. However, the warrant application stated that the FBI has possession of the wallet’s private key.
However the FBI obtained the wallet key, it’s clear that the feds’ ability to trace the payment transaction could give future attackers pause before they launch any other major ransomware attacks.
André Gustavo Stumpf from Brasil, CC BY 2.0 via Wikimedia Commons