US official says 'majority' of bitcoin paid by Colonial Pipeline after ransomware attack has been recovered


The U.S. Department of Justice said Monday that it has recovered "a majority" of the bitcoin funds paid after a ransomware attack against an American pipeline operator.

Colonial Pipeline was hit by the ransomware attack in early May, triggering a temporary shutdown and a gas shortage across U.S. East Coast states. It was later confirmed that Colonial paid 75 BTC, or about $5 million at then-current prices. Some of those funds were later sent to crypto exchanges as well as the dark web market Hydra for cash-outs.

On Monday, deputy U.S. attorney general Lisa Monaco said that an operation was conducted that day to recover some of the funds, amounting to 63.7 BTC, worth approximately $2.26 million. Monaco characterized the amount as "a majority." The operation was conducted by a task force dedicated to digital extortion and ransomware that was established in April.

"After Colonial Pipeline’s quick notification to law enforcement, and pursuant to a seizure warrant issued by the United States District Court for the Northern District of California earlier today, the Department of Justice has found and recaptured the majority of the ransom Colonial paid to the Dark Side Network in the wake of last month’s ransomware attack," Monaco said during a press conference.

According to a partially redacted court affidavit, the FBI traced transactions on the bitcoin blockchain following the payment by Colonial Pipeline through May 27, when some 63.7 BTC were sent to one particular address, called the Subject Address in the document. The FBI has taken possession of the private key for this address, but the process by which it did so is unclear.

U.S. officials, including those in the Biden White House, have become increasingly vocal about ransomware — and cryptocurrency — in recent days. Earlier this month, a White House press official identified "expanding cryptocurrency analysis" as part of a broader focus on ransomware.

On Monday, National Security Advisor Jake Sullivan said the topic would be up for discussion during an upcoming G7 meeting.

In her remarks, Monaco issued a warning to U.S. companies about the threat to their operations.

"Pay attention now. Invest the resources now. Failure to do so could be the difference between being secure now or a victim later," Monaco said.

This is a developing story and more details will be added as information is obtained.
