U.S. officials said they have recovered a ransom worth $2.3 million paid to the hackers who shut down the Colonial Pipeline last month, interrupting the country's fuel supply for several days.
Justice Department officials said on Monday that they had identified the virtual wallet used by the suspect, DarkSide, a Russian ransomware organization, and confiscated funds from it, in a rare case of ransom recovery.
The pipeline supplies almost half of the automobile fuel consumed on the East Coast of the United States. It was closed for five days last month after the DarkSide hack, and motorists rushed to fill up their fuel tanks, which caused a shortage of gasoline.
“Ransomware attacks are always unacceptable, but when they target critical infrastructure, we will spare no effort to respond,” said US Deputy Attorney General Lisa Monaco.
Colonial CEO Joseph Blount told The Wall Street Journal that the company had already paid a ransom of $4.4 million in Bitcoin because it was “the right thing to do for the country,” and the argument over whether payments to hackers should be completely prohibited is getting fiercer.
Both the FBI and the White House advise against paying ransoms, believing that it will only encourage further extortion activities.
Anonymous cryptocurrency is the preferred payment method for cybercriminals. However, every transaction is recorded on an immutable blockchain, giving investigators in the private and public sectors the opportunity to monitor and track them.
Ransom recovery is rare. Once hackers receive cryptocurrency payments, they usually use high-tech tools and techniques to try to throw investigators off track, and then cash out their funds into legal tender through cryptocurrency exchanges, over-the-counter brokers, or illegal markets on the dark web.
Colonial did not immediately respond to a request for comment.