Money signs in a pipe.

Ververidis Vasilis/Shutterstock (Licensed)

Colonial Pipeline pays $5 million to ransomware gang, report

The company reportedly sent 'DarkSide' a cryptocurrency payment hours after being infected.


Mikael Thalen


Posted on May 13, 2021   Updated on May 13, 2021, 12:35 pm CDT

Colonial Pipeline reportedly paid nearly $5 million to a cybercriminal gang on Friday after the company’s systems were targeted with ransomware.

Despite initial claims that the company did not intend to pay, Bloomberg reported on Thursday that Colonial Pipeline agreed to the extortion fee in an effort to restore its services.

The company, which operates a pipeline that transports close to half of the East Coast’s fuel, is said to have transferred the DarkSide ransomware gang millions of dollars in cryptocurrency just hours after being infected.

After receiving the payment, DarkSide provided Colonial Pipeline with a decryption tool designed to give the company access back to its own files. Yet the tool reportedly worked so slowly that the company ultimately ended up relying more on its own server backups.

Colonial Pipeline, which intentionally halted its services in an effort to contain the ransomware’s spread, has since stated that it believes it will return to full operating capacity by the end of Thursday.

The incident is largely unsurprising to some, including the author of a 2018 audit of Colonial Pipeline’s network who argued that “an eighth-grader could have hacked into that system.”

Concerns over the ransomware incident led to panic buying at gas stations across the East Coast, leading to fuel shortages as a result.

DarkSide, a suspected Eastern European group which has only been active for around six months, is believed to have generated more than $30 million so far through its extortion efforts.

Although the FBI currently recommends that targets of such hacks not pay, reports suggest that funds received by ransomware groups continue to increase. In 2020 alone, victims are believed to have paid over $350 million in cryptocurrency in total after being targeted by ransomware.

In the wake of the pipeline incident, President Joe Biden on Wednesday announced a new executive order aimed at strengthening the country’s digital defenses.

Read more of the Daily Dot’s tech and politics coverage

Nevada’s GOP secretary of state candidate follows QAnon, neo-Nazi accounts on Gab, Telegram
Court filing in Bored Apes lawsuit revives claims founders built NFT empire on Nazi ideology
EXCLUSIVE: ‘Say hi to the Donald for us’: Florida police briefed armed right-wing group before they went to Jan. 6 protest
Inside the Proud Boys’ ties to ghost gun sales
‘Judas’: Gab users are furious its founder handed over data to the FBI without a subpoena
EXCLUSIVE: Anti-vax dating site that let people advertise ‘mRNA FREE’ semen left all its user data exposed
Sign up to receive the Daily Dot’s Internet Insider newsletter for urgent news from the frontline of online.
Share this article
*First Published: May 13, 2021, 12:13 pm CDT