DOJ recovers $2.3M in Bitcoin from Colonial Pipeline ransomware attack
- The U.S. Department of Justice revealed Monday that it has recovered a significant portion of the Bitcoins (BTC-USD) paid by Colonial Pipeline in a ransomware attack conducted in May by a criminal gang known as "Darkside."
- Deputy Attorney General Lisa Monaco announced that the DOJ had tracked down and recovered a majority of the Bitcoins the company had paid in ransom. The total amount of the ransom was valued at $4.4 million.
- According to the DOJ, the operation recovered 63.7 Bitcoins, valued at about $2.3 million.
- “Today we turned the tables on Darkside,” Monaco said in a press conference.
- U.S. law enforcement officials have been vocal lately about their efforts to combat ransomware.
- Last week, FBI Director Christopher Wray compared these attacks to 9/11 in terms of their challenge to national security. In response, the bureau has made ransomware a top priority.
- Meanwhile, Deputy AG Monaco has called for increased collaboration to battle ransomware attacks.
- Responding to the Colonial Pipeline attack and other high-profile incidents lately, Monaco asked for companies to provide more transparency and to cooperate with law enforcement officials. She also pushed for firms to create viable backups for their data and systems.
Comments (172)
Iron Eagle
11 Jun. 2021
Every time one of these ransoms gets paid in Bitcoin, it increases the chances of the feds squashing the digital coin into oblivion.

jack kreg
08 Jun. 2021
What was the cost to the consumer of the pipeline shut down?
100's times the ransom? thanks for your estimate.
Iron Eagle
11 Jun. 2021
@jack kreg - didn’t affect me at all. I saw long lines of panic gas buying but I didn’t waste my time. Did it cost you as a consumer?
BrownSwiss
08 Jun. 2021
Private key not encrypted and sniffed at some point by NSA? Assistance from an exchange? Good old fashion paper trail? Interning for sure. Doubt the paperwork tells the real story.

toh192
08 Jun. 2021
@BrownSwiss The BTC was mistakenly paid to the CIA seems a fat fingered security exploiter got one digit off. They generously returned it after taking a 50% fee.
Up and Away
08 Jun. 2021
The hackers were careless and the FBI got lucky. The FBI never manages to find files/documents on politicians, why not?
Up and Away
08 Jun. 2021
@rwg45
Yes, swept under the carpet as has been done in the past.
Iron Eagle
11 Jun. 2021
@Up and Away - yeah and I love how they provided the details on HOW they did it. Now the next bunch of criminals will know better.

Chance Handler
08 Jun. 2021
These MOFOS set the whole market up to raise the price of fuel.. Don't buy into the desire to solve a crime.. SMDH!
blububbleboy
08 Jun. 2021
HERE'S A LITTLE SECRET THAT IS NOT SO SECRET .....BITCOIN WAS CREATED BY THE NSA ...LOOK IT UP ....IT WAS CREATED SPECIFICALLY FOR THIS TYPE OF SITUATION TO MAKE IT EASIER TO TRACK PEOPLE OF THE NEW AGE HERE IS SOME GOOD ADVICE ... IF YOU REALLY DO NOT WANT ANYONE TO KNOW WHAT YOU ARE DOING YES I KNOW I KNOW IT MAY SOUND OLD FASHIONED BUT IM 23 IM TELLING YOU .........JUST USE GREEN PAPER CASH !!! IT'S THE WORD CURRENCY ACCEPTED LITERALLY E V E R Y W H E R E !!!!! BEST WISHES TO YOU ALL
Mevo
08 Jun. 2021
@blububbleboy And how do you transmit paper cash remotely, for example over the Internet?
Finding Your Retirement
08 Jun. 2021
you heard the FBI director, ransomware attacks are 9/11 attacks. proving biden has had 2 9/11 attacks within his first year in office. God protect us for these next 3

Chancer
08 Jun. 2021
@Finding Your Retirement: If a terrorist(s) smuggles a nuke across the open southern border and nukes a US city killing millions, Biden should get the credit. The US is wide open vulnerable for that. IMO, the greatest risk of the open border.

Thomas Forss
09 Jun. 2021
@Chancer can I ask why you think anyone would want to smuggle something like that? Does the US in your opinion have reason to fear that, and if so why?
AlphaSierra
08 Jun. 2021
But how did they "recover" the coins ? A Blockchain like the one of BTC is not (easy) hackable even if you are the FBI. Maybe they got the private keys or the amount got transferred to a company like Coinbase ...

wazoomann
08 Jun. 2021
@AlphaSierra Probably transferred via custodial / coinbase who has to report all info on every account to the Feds. I don't have any issues with this, but some people will, of course, freak and sell. Peak 2021.
Up and Away
08 Jun. 2021
@AlphaSierra
Coinbase has private keys also so I do not think that's it. Sounds to me that there was more than one hacker involved with all the coins not found and possibly one of the hackers was careless and let himself be exposed?

toh192
08 Jun. 2021
@Up and Away even if you wash the coins 1000 times, the original coins can be tracked. The wash accounts must have clean Bitcoin, and even then being forever traceable
60DegreesSouth
08 Jun. 2021
Until we know the finer details, all we can do is speculate. If the criminals actually had them put the ransom on a KYC exchange, then it barely required the feds to lift a finger to get it back. Why in the world would they leave it on a KYC exchange?!? If we want to get a bit more cloak-and-dagger, this is my take. They somehow tracked down a 3rd party, non-exchange, wallet at an IP address used by one of the bad guys. They started poking, looking for holes into the machine, they were able to slip in and scan files on computer, they found his seed phrase (not the cryptic private key address) copy and pasted into a notepad text file, restored the wallet on a DOJ computer, and promptly sent it to the IRS for back taxes Colonial probably hasn't paid in years.

Investing for Freedom
08 Jun. 2021
@60DegreesSouth Haha! That's a very reasonable speculation!
GregLRSN
08 Jun. 2021
@60DegreesSouth Or, as you stated, they connected the dots to link a wallet with KYC data. Stormed the house of the individual connected to it. Threatened him with international terrorist charges and a stay at Guantanamo Bay. He handed over the bitcoin as soon as he finished pissing his pants.

whitehead1
08 Jun. 2021
One of the reasons that I do not have my own wallet is specific for this reason.
I can wake up one day and find out all my bitcoin vanished and I wouldn't even know what happened and there is no recourse.
If US Govt. or hackers want they can just come and empty your wallet.
Also the time has passed where you invest $100 and turn into million. People looking at past performance of the bitcoin and they expect history to repeat but those days are gone.

Investing for Freedom
08 Jun. 2021
@whitehead1 well, not so fast. FBI even could hack an iPhone without a password. Remember that? We don't know the details yet, but it is highly unlikely FBI actually hacked into Darkside's wallets and transferred the bitcoins to another wallet.
60DegreesSouth
08 Jun. 2021
@whitehead1 What??? Get yourself a Ledger hardware wallet, and all this wringing of hands about having your own wallet goes away. Yes, with crypto, you are the bank, you are the responsible one, you have to own your mistakes

whitehead1
09 Jun. 2021
@60DegreesSouth
Sometimes I can't remember my kid's name so I don't think I am capable of remembering my wallet address. I hope you guys enjoy your hidden money.
Kyle_G
08 Jun. 2021
Isn't blockchain untraceable??
Kyle_G
08 Jun. 2021
@60DegreesSouth that's interesting. Is that true across the entire crypto universe? Sorry for my lack of knowledge if that's a really naive question

Aaron173
08 Jun. 2021
@SeriousUsername unless your use case is making a 5,000% return over a few years.
Antiquarian
07 Jun. 2021
Excuse me. This is a terrible result for Colonial. They bought 64+ bitcoins for $4+ Million and the government has recovered those 64 bitcoins - as I read the government press release. However, they are now worth only $2+ million. Had the ransom been paid in dollars and had all been recovered, the recovery would have made Colonial whole (other substantial costs notwithstanding). In short, for all concerned bitcoins have proven a financial disaster. Surprise? But, then what's a few million dollars to those trading in bitcoins? A canary in the coal mine? That's my take.
Aaron173
08 Jun. 2021
@Antiquarian I thought the ransom at the time was closer to 75 BTC. Regardless, if you look at the 12 year chart, BTC has been the opposite of disaster. Unless you missed out and are just looking for any excuse to be negative about it. In that case, I totally understand. It would be disastrous to miss out on an easy 300,000% gain.

@Antiquarian No, the Feds did not recover the entire ransom. It was just a little more than half so you've miscalculated.
Antiquarian
12 Jun. 2021
@Duncan20903 Thanks. What I saw quoted was a dollar amount of the recovery. I see other articles saying that "About 63.7 BTC was sent to an address controlled by the FBI." At the current bitcoin price that's about $2.4 million. However, on the date the ransom was paid, May 8, bitcoin converted at approximately $54,000. That would be about $3.4 Million. Definitely, as you mention, it wasn't a full recovery. So, what are the final numbers? I can't find them.

60DegreesSouth
08 Jun. 2021
@Winnertakesall Why?!? If anything, they just proved just how easy they can scan the blockchain and act. How much heavy lifting did they have to do to hunt down the DOLLARS that Madoff swindled? BTC is almost a digital wet dream for government tracing.
Aaron173
08 Jun. 2021
@Winnertakesall Russian hacker groups used to accept debit cards for ransom before Bitcoin became popular. If you ban BTC, you'll just be wiring them dollars instead. The US Dollar is still the currency of crime and terrorism. The real issue here is that we've fallen decades behind the Chinese and Russians in cybersecurity. It's easier to blame money than admit that you were wrong.

toh192
08 Jun. 2021
@Winnertakesall it’s quite the opposite they will ban CASH just as soon as Bitcoin kinks are ironed out. #FEDCOIN
yhoomajor
07 Jun. 2021
At least with printed currency you can hide it under the dirt in a spot where even FBI can't get to it. BTC has been a big fraud from the get go. Probably a setup between CIA and Japanese secret services. Hello Satoshi!! It was all fine and dandy until China cornered the BTC mining. And now US state dept is gunning for BTC. You can't make this stuff up.


BlueTower5000
08 Jun. 2021
@Djreef1966 it was $5 million in Bitcoin but by the time Uncle Sam recovered it, its value was only $2.3 million. Stable store of value, amirite?
User 44279746
07 Jun. 2021
The O'Biden administration went out of their way to say the Russian government wasn't involved. Pandering to Putin?

deckofcards
07 Jun. 2021
Of course btc sells off on the news because of its diminished utility to extortionists

ndardick
07 Jun. 2021
@deckofcards True dat!!

wazoomann
08 Jun. 2021
@deckofcards Yeah, that was/is interesting, the sell off started shortly after this hit the news. Or was there another reason?