Deputy Attorney General Lisa Monaco discusses colonial pipeline bitcoin


Feds seize most of Bitcoin paid out over Colonial Pipeline hack

The funds had been paid out by Colonial Pipeline after the company was targeted last month.


Mikael Thalen


Published Jun 7, 2021   Updated Jun 8, 2021, 10:24 am CDT

The U.S. Justice Department (DOJ) announced on Monday the seizure of millions of dollars in Bitcoin paid out by Colonial Pipeline to the DarkSide ransomware group.

Featured Video Hide

Deputy Attorney General Lisa Monaco stated during a press conference that investigators were able to recapture a majority of the funds paid out by the company after it temporarily suspended its operations last month in response to the attack.

Advertisement Hide

“Earlier today, the Department of Justice has found and recaptured the majority of the ransom Colonial paid to the DarkSide network in the wake of last month’s ransomware attack,” Monaco said. “Ransomware attacks are always unacceptable—but when they target critical infrastructure, we will spare no effort in our response.”

Court documents related to the matter indicate that federal investigators secured 63.7 Bitcoin, valued at around $2.3 million, of the 75 Bitcoin paid by Colonial Pipeline after locating DarkSide’s cryptocurrency wallet.

The wallet was reportedly hosted on infrastructure based in California, which allowed investigators to obtain a warrant to seize the server. The FBI was able to access the actual funds after securing DarkSide’s private key.

“Today, we turned the tables on DarkSide,” Monaco added. “By going after the entire ecosystem that fuels ransomware and digital extortion attacks, including criminal proceeds in the form of digital currency, we will continue to use all of our tools, and all of our resources to increase the cost and the consequences of ransomware attacks and other cyber-enabled attacks.”

Investigators say they have identified 90 separate victims as part of an ongoing investigation into the Russia-based cybercriminal group

Advertisement Hide

The seizure comes just weeks after the DOJ launched a new ransomware task force aimed at cracking down on the cybersecurity threat.

Share this article
*First Published: Jun 7, 2021, 4:10 pm CDT