The Los Angeles Post

Cryptocurrency recovered from Colonial deal

by ·

U.S. investigators have recovered millions of dollars in cryptocurrency that Colonial Pipeline paid hackers last month to end a ransomware attack on its systems.

Deputy Attorney General Lisa Monaco announced Monday afternoon that the Department of Justice “found and recaptured the majority of the ransom” paid to the DarkSide network, the group responsible for the attack.

Paul Abbate, the deputy director of the FBI, said the bureau successfully seized the ransom funds from a bitcoin wallet that DarkSide used to collect Colonial Pipeline’s payment.

Monaco, however, would not reveal how much money was taken from the account.

Colonial Pipeline, a network that provides around 45 percent of the East Coast’s fuel, was the target of a crippling cyberattack last month that forced it to shut down operations for several days.

Joseph Blount, the company’s CEO, later revealed in an interview with The Wall Street Journal that he authorized the company to pay the cyber criminals behind the attack the equivalent of $4.4 million in bitcoin on the day of the breach in exchange for the keys to decrypt the network.

The FBI recommends against paying the ransom, as it may encourage the hackers to go after another group, and the payment may be used for criminal operations. The Biden administration has reiterated this stance in recent weeks.