FBI secures Bitcoin from pipeline extortion: trail leads to Russia


The energy supplier Colonial Pipeline, extorted by hackers for a million euros, gets part of the Bitcoin ransom back. Now it is also clear: the Bitcoin blockchain is not compromised.

The US federal agency FBI has struck a blow against organized cybercrime. As CNN first reported, the FBI was able to secure a Bitcoin wallet holding a total of 63.7 BTC, about $2 million. The BTC is extortion money that the US energy provider Colonial Pipeline paid to the hacker group DarkSide.

“Today the FBI successfully confiscated criminal proceeds from a Bitcoin wallet belonging to DarkSide,” said a statement from the US Department of Justice. The coup is due to a task force set up by the Department of Justice specifically for ransomware attacks, the DOJ Digital Extortion Taskforce, as the spokesman announced.

Investigators suspect that the masterminds behind the attack were in Russia. According to the task force, “the money trail” was followed. That presumably means the investigators searched the blockchain for forensic traces.

And that’s exactly what happened: the blockchain tracker Elliptic followed the coins and was able to determine that the BTC landed on a so-called hosted service. At that point the private keys were no longer in the possession of the hackers, but were managed by the host. And that was the hackers’ undoing: the FBI was able to obtain a court order, which led to the confiscation of the coins.
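The following is an added illustration, not code from the article or from Elliptic, of the kind of "follow the money" analysis the paragraph above describes: starting from the address that received a ransom payment, walk forward through every transaction that spends tainted outputs until the funds reach an address that is already labelled as belonging to a hosted (custodial) service, whose operator holds the private keys and can be served with a court order. The ledger, addresses, amounts and the custodial label set are constructed for this example; real analysis would use full chain data, address clustering and amount-based taint heuristics, none of which are modelled here.

```python
"""Toy forward taint tracer over a constructed Bitcoin-style transaction graph."""
from collections import deque

# Constructed sample ledger (not real chain data): each tx lists the addresses it
# spends from and the (address, amount) outputs it creates.
SAMPLE_TXS = [
    {"txid": "tx1", "inputs": ["victim_addr"], "outputs": [("attacker_a", 75.0)]},
    {"txid": "tx2", "inputs": ["attacker_a"], "outputs": [("attacker_b", 63.7), ("attacker_c", 11.3)]},
    {"txid": "tx3", "inputs": ["attacker_b"], "outputs": [("custodian_deposit_1", 63.7)]},
    {"txid": "tx4", "inputs": ["unrelated"], "outputs": [("attacker_c", 5.0)]},
]

# Constructed label set: deposit addresses known (e.g. from exchange cooperation)
# to be controlled by a hosted service that holds the keys on its customers' behalf.
KNOWN_CUSTODIAL = {"custodian_deposit_1": "HostedServiceX"}


def build_spend_index(txs):
    """Map each address to the list of transactions that spend from it."""
    spends = {}
    for tx in txs:
        for addr in tx["inputs"]:
            spends.setdefault(addr, []).append(tx)
    return spends


def trace(txs, start_addr, custodial, max_hops=10):
    """Breadth-first walk forward from start_addr.

    Every output of every transaction that spends from a tainted address is
    treated as tainted ("poison" taint, the simplest heuristic). Returns one
    record per tainted output that lands on a labelled custodial address, with
    the hop count and the chain of transaction ids that got it there.
    """
    spends = build_spend_index(txs)
    seen = {start_addr}
    queue = deque([(start_addr, 0, [])])
    hits = []
    while queue:
        addr, hops, path = queue.popleft()
        if hops >= max_hops:
            continue  # bound the walk; long chains are common with peel chains
        for tx in spends.get(addr, []):
            for out_addr, amount in tx["outputs"]:
                new_path = path + [tx["txid"]]
                if out_addr in custodial:
                    hits.append({
                        "address": out_addr,
                        "service": custodial[out_addr],
                        "amount": amount,
                        "hops": hops + 1,
                        "path": new_path,
                    })
                if out_addr not in seen:
                    seen.add(out_addr)
                    queue.append((out_addr, hops + 1, new_path))
    return hits


if __name__ == "__main__":
    for hit in trace(SAMPLE_TXS, "victim_addr", KNOWN_CUSTODIAL):
        print(f"{hit['amount']} BTC reached {hit['service']} ({hit['address']}) "
              f"after {hit['hops']} hops via {' -> '.join(hit['path'])}")
```

The useful output is not the hop count but the custodial label: once funds sit at an address whose keys are held by an identifiable operator, the investigative step changes from chain analysis to legal process against that operator, which is the distinction the article draws between "hacking the blockchain" and classic police work.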

Market switches to panic mode

Until the exact procedure of the FBI became public, rumors about how the confiscation had been carried out made the rounds. At first it was wrongly said that the federal agency had hacked the blockchain, and the market went into panic mode. But that was not the case. Even the FBI is unable to attack and compromise Bitcoin’s base layer, the blockchain. A blockchain analysis tool and classic police work were all it took to seize the BTC.

In May of this year, ransomware hackers succeeded in attacking Colonial, the largest pipeline operator in the USA, and encrypted its data. For fear of gasoline supply bottlenecks, the company paid a total of $4.4 million in ransom. More than half of this has now been recovered.

The story is likely to have an aftermath. Joseph Blount, CEO of Colonial Pipeline, has to explain the matter to the US Congress on Tuesday, June 8th.