US recovers millions in cryptocurrency paid to Colonial Pipeline ransomware hackers
Source: CNN
Washington (CNN) US investigators have recovered millions of dollars in cryptocurrency paid in ransom to hackers whose attack prompted the shutdown of the key East Coast pipeline last month, according to people briefed on the matter.
The Justice Department on Monday is expected to announce details of the operation led by the FBI with the cooperation of the Colonial Pipeline operator, the people briefed on the matter said.
The ransom recovery is a rare outcome for a company that has fallen victim to a debilitating cyberattack in the booming criminal business of ransomware.
Colonial Pipeline Co. CEO Joseph Blount told The Wall Street Journal in an interview published last month that the company complied with the $4.4 million ransom demand because officials didn't know the extent of the intrusion by hackers and how long it would take to restore operations.
But behind the scenes, the company had taken early steps to notify the FBI and followed instructions that helped investigators track the payment to a cryptocurrency wallet used by the hackers, believed to be based in Russia. US officials have linked the Colonial attack to a criminal hacking group known as Darkside that is said to share its malware tools with other criminal hackers.
A spokesman for the Justice Department declined to comment.
Read more: https://www.cnn.com/2021/06/07/politics/colonial-pipeline-ransomware-recovered/index.html
LOL The Russian hackers must be so pissed off. Short article .... may have more added at a later time
catrose
(5,074 posts)
if you paid it to a country who haven't agreed to cooperate with the US in financial matters, like Nigeria or Ghana. I somehow imagine that we don't have such agreements with Russia. Either way, bravo, FBI!
marble falls
(57,333 posts)
lagomorph777
(30,613 posts)
Wouldn't that be delicious?
I hope they reveal which brand of filthy digital lucre fucked them over.
marble falls
(57,333 posts)
mitch96
(13,926 posts)
removed from the cryptocurrency bitcoin security... Either way this is great... The ransom plan only works if the money goes into a blind no traceable hole...
m
PSPS
(13,620 posts)
COL Mustard
(5,933 posts)
Had this happened a few short months ago, TFG would have demanded a cut in his own account!
Sanity Claws
(21,857 posts)
Putin and the rest of the Russian mob were probably counting on their share of that money. That is now gone and future thefts are at risk.
How is Putin to pay for his dachas and private security?
samnsara
(17,650 posts)
..guess it can!
Yavin4
(35,446 posts)
ProfessorGAC
(65,227 posts)
...if it can be traced this accurately
marble falls
(57,333 posts)
awesomerwb1
(4,268 posts)
"Marked and traced"
I'll just stop there but thanks for the laugh.
reACTIONary
(5,788 posts)
... publicly accessible write-only ledger of transactions. All transactions between accounts are fully documented and completely transparent for everyone, anywhere, to scrutinize. The only anonymity provided is that the account numbers don't have to be registered to a specific name. But if you want to use the bitcoins for anything substantial, you have to tell someone who you are so they can deliver the goods.
And, if the government knows more than we do about the cryptography involved, they may know how to fake an account, and then make the transfer disappear after the payoff. Who knows?
mathematic
(1,440 posts)
They had the data and said "we're going to release this unless you pay us". Surely they still have the data? Why wouldn't they just ask for the ransom again?
marble falls
(57,333 posts)
The hackers weren't returning anything but access to the computers.
AllaN01Bear
(18,498 posts)
PoliticAverse
(26,366 posts)
lagomorph777
(30,613 posts)
Bristlecone
(10,135 posts)
oldsoftie
(12,622 posts)
Just that it was accomplished is fine
NCjack
(10,279 posts)
DippyDem
(659 posts)
He would not allow the FBI to interfere! So typical of Trump. I heard a blurb on Bloomberg just an hour ago after the press briefing today by the Justice Dept. or was it the FBI??? Anyways it was about the fact that 90 companies were victimized by the same Russian hackers from Darkside. I wonder if some of those were from the Trump years??
George II
(67,782 posts)
George II
(67,782 posts)
Beacool
(30,253 posts)
FelineOverlord
(3,600 posts)
bronxiteforever
(9,287 posts)
Rocknation
(44,580 posts)
Last edited Tue Jun 22, 2021, 02:54 PM
that they would be getting it right back.
Ransomware is less of a threat these days if you've taken the precaution of being able to re-encrypt your databases and files and upload them to another server. I've had to do that myself when my seven-year-old daily health news blog got too big for my Web hosts to handle!
Rocknation
roamer65
(36,747 posts)
NSA.
They have back doors into just about everything.
Sapient Donkey
(1,568 posts)
Isn't that the whole NSA thing? They prefer to sit back and collect information rather than take actions that would expose their positions and likely end with them losing access once the systems are fixed/patched. At least that is what I gathered from reading books and listening to various people directly involved in that. Apparently this brings about conflict with the more aggressive offensive cyber teams from the military. Although, I suppose there is nothing preventing them from sharing their less secretive and high value access/methods/tools, aye?
roamer65
(36,747 posts)
marble falls
(57,333 posts)
... like Russia did it.
JustABozoOnThisBus
(23,371 posts)
We need this extra money to study whether we should improve security.
Or, we need this extra money for the chairman's yacht.
Sapient Donkey
(1,568 posts)
Make it even more risky to attempt such schemes.
"Do we really want to go after a US company? That might get their cyber people after all of our money"
Yo_Mama_Been_Loggin
(108,274 posts)
Lonestarblue
(10,095 posts)
Either that or he would have refused the attempt to protect his buddy Putin.
keithbvadu2
(36,949 posts)
Donald would have gotten his cut during his job performance review from Putin.
mahatmakanejeeves
(57,647 posts)
Let the hackers figure it out.
Historic NY
(37,453 posts)
CCExile
(473 posts)
Or at least keep a 20% finder's fee?