Deputy Attorney General Lisa Monaco discusses colonial pipeline bitcoin


Feds seize most of Bitcoin paid out over Colonial Pipeline hack

The funds had been paid out by Colonial Pipeline after the company was targeted last month.


Mikael Thalen


Posted on Jun 7, 2021   Updated on Jun 8, 2021, 10:24 am CDT

The U.S. Justice Department (DOJ) announced on Monday the seizure of millions of dollars in Bitcoin paid out by Colonial Pipeline to the DarkSide ransomware group.

Deputy Attorney General Lisa Monaco stated during a press conference that investigators were able to recapture a majority of the funds paid out by the company after it temporarily suspended its operations last month in response to the attack.

“Earlier today, the Department of Justice has found and recaptured the majority of the ransom Colonial paid to the DarkSide network in the wake of last month’s ransomware attack,” Monaco said. “Ransomware attacks are always unacceptable—but when they target critical infrastructure, we will spare no effort in our response.”

Court documents related to the matter indicate that federal investigators secured 63.7 Bitcoin, valued at around $2.3 million, of the 75 Bitcoin paid by Colonial Pipeline after locating DarkSide’s cryptocurrency wallet.

The wallet was reportedly hosted on infrastructure based in California, which allowed investigators to obtain a warrant to seize the server. The FBI was able to access the actual funds after securing DarkSide’s private key.

“Today, we turned the tables on DarkSide,” Monaco added. “By going after the entire ecosystem that fuels ransomware and digital extortion attacks, including criminal proceeds in the form of digital currency, we will continue to use all of our tools, and all of our resources to increase the cost and the consequences of ransomware attacks and other cyber-enabled attacks.”

Investigators say they have identified 90 separate victims as part of an ongoing investigation into the Russia-based cybercriminal group

The seizure comes just weeks after the DOJ launched a new ransomware task force aimed at cracking down on the cybersecurity threat.

Read more of the Daily Dot’s tech and politics coverage

Nevada’s GOP secretary of state candidate follows QAnon, neo-Nazi accounts on Gab, Telegram
Court filing in Bored Apes lawsuit revives claims founders built NFT empire on Nazi ideology
EXCLUSIVE: ‘Say hi to the Donald for us’: Florida police briefed armed right-wing group before they went to Jan. 6 protest
Inside the Proud Boys’ ties to ghost gun sales
‘Judas’: Gab users are furious its founder handed over data to the FBI without a subpoena
EXCLUSIVE: Anti-vax dating site that let people advertise ‘mRNA FREE’ semen left all its user data exposed
Sign up to receive the Daily Dot’s Internet Insider newsletter for urgent news from the frontline of online.
Share this article
*First Published: Jun 7, 2021, 4:10 pm CDT