Special Report: Feds Step Up Ransomware Fight by Seizing DarkSide Hackers' Bitcoin

FBI seized $2.2 million in bitcoin allegedly paid by Colonial Pipeline; DoJ plans to follow the money to undermine further ransomware; how the FBI seized attackers' wallet is an intentional mystery

Check out my CSO column from this morning for some theories on how the FBI might have gained access to the private key of the DarkSide gang’s wallet.

The U.S. Justice Department yesterday took a swing at ransomware attackers by seizing nearly 65 bitcoins worth around $2.3 million from a DarkSide gang cryptocurrency wallet allegedly containing some portion of the $4.4 million in ransom paid by the Colonial Pipeline company following its early May ransomware attack.

The somewhat mysterious seizure of the wallet came about with the cooperation of Colonial Pipeline in what the Justice Department called “following the money” to deprive ransomware attackers of their financial rewards. Deputy Attorney General Lisa Monaco said that “today’s announcements also demonstrate the value of early notification to law enforcement; we thank Colonial Pipeline for quickly notifying the FBI when they learned that they were targeted by DarkSide.”

It’s not clear how the FBI, which seized the wallet under a seizure warrant granted by the U.S. District Court for the Northern District of California, was able to identify the wallet as belonging to the attackers. However, the warrant application stated that the FBI has possession of the wallet’s private key.

However the FBI obtained the wallet key, it’s clear that the feds’ ability to trace the payment transaction could give future attackers pause before they launch any other major ransomware attacks.


André Gustavo Stumpf from Brasil, CC BY 2.0 via Wikimedia Commons