US recovers part of ransom after cyber attack on pipeline

The US government managed to recover most of the ransom paid by Colonial Pipeline after a cyber attack on its biofuel pipeline.

Exactly one month after the massive cyber attack that paralyzed a major fuel pipeline on the East Coast of the United States for days, a press conference was held on Monday about the incident. Deputy Justice Minister Lisa Monaco said the department “found and recovered most of the ransom”. It relates to 63.7 bitcoins, or 1.7 million euros.

Colonial Pipeline paid DarkSide, which was behind the cyber attack, nearly $5 million (€4.1 million) in ransom. As the cryptocurrency had been selling off for several weeks – and took another hit on Tuesday – those 63.7 bitcoins were much more valuable at the time of the hack.

5

Million dollars

Colonial Pipeline paid the Darkside hacking group nearly $5 million (4.1 million euros) in ransom.

The FBI obtained bitcoins again, after the detective agency was able to obtain the private key — the password, so to speak — of a bitcoin wallet. It was not disclosed how this works. “New technology that seeks to anonymize payments should not act as a screen behind which criminals can empty the pockets of hard-working Americans,” the statement said.

A meeting between Biden and Putin

US President Joe Biden wants to question Russian President Vladimir Putin about the incident at their meeting next week in Geneva. DarkSide is known as a Russian group that markets itself as a group of Robin Hoods who steal from the rich and share with the poor. It does this using ransomware, which is malicious software that encrypts and cripple networks in order to extort money.

While there are no direct links between the Kremlin and Darkside, Biden has previously indicated that Russia has “some responsibility.” It is known that groups such as DarkSide remain untouched in Russia. The embassy in the United States officially replied that “Russia does not conduct any malicious activity in cyberspace.”

Leave a Reply

Your email address will not be published.