US government officials have seized more than $2 million worth of cryptocurrencies that were used to pay the ransom after an attack on the Colonial Pipeline system.
At a press conference on Monday, Deputy Attorney General Lisa Monaco said the task force “found and recovered” millions of dollars in Bitcoin (BTC) related to the Russian hacker group DarkSide, most of the $4.4 million originally paid. The Justice Department later clarified that authorities had recovered $2.3 million in cryptocurrencies.
Monaco said the action was the first major operation as part of the task force’s mission to investigate, disrupt and prosecute ransomware attacks:
“Today we managed to reverse the situation with DarkSide […] By tracking the entire ecosystem that powers ransomware and digital extortion attacks, including criminal proceeds in the form of digital currency, we will continue to leverage all the tools and resources in our power to increase the costs and consequences of ransomware attacks.”
DarkSide’s attack on the main pipeline last month resulted in fuel shortages for many people in the United States. Monaco said the company was quick to alert authorities to the issue and the ransom demand, which led to the engagement of the task force.
Speaking at the same press conference, FBI Deputy Assistant Director Paul Abbate said authorities seized funds from a BTC wallet that was used to pay the ransom for the cyber attack. However, at the time of this writing, it is not clear what method will be used to restore the cryptocurrencies. A CNN report said officials may have identified DarkSide as the culprit and used its network to track funds shortly after the attack, but that method has had mixed success with ransomware groups.