US recovers much of $4m ransom paid to pipeline hackers

WASHINGTON: The US justice department said on Monday that it had seized much of the ransom that a major US pipeline operator had paid last month to a Russian hacking collective, turning the tables on the hackers by reaching into a digital wallet to snatch back millions of dollars in cryptocurrency. Investigators in recent weeks traced 75 bitcoins worth more than $4 million that Colonial Pipeline had paid to the hackers as the attack shut down its computer systems, prompting fuel shortages, a spike in gasoline prices and chaos at airlines.
Federal investigators tracked the ransom as it moved through a maze of at least 23 different electronic accounts belonging to DarkSide, the hacking group, before landing in one that a federal judge allowed them to break into, according to officials. The justice department said it seized 63.7 bitcoins, valued at about $2.3 million. “The sophisticated use of technology to hold businesses and even whole cities hostage for profit is decidedly a 21st-century challenge, but the old adage ‘follow the money’ still applies,” Lisa Monaco, deputy attorney general, said.
Law enforcement officials highlighted the seizure in an effort to warn cybercriminals that the US planned to take aim at their profits, which are often gained through cryptocurrencies like Bitcoin. It was also intended to encourage victims of ransomware attacks — which occur every eight minutes, on average — to notify authorities to help recover ransoms. Officials said that Colonial’s willingness to quickly loop in the FBI helped recoup the ransom portion, and they credited the company for its role in a first-of-its-kind effort by a new ransomware task force in the department to hijack a cybercrime group’s profits. NYT
