
Bitcoin ransom paid to DarkSide by Colonial Pipeline now worth less

After a cyber attack shut the systems down and forced them to pay up in crypto, the money has been recovered – but it’s not all good news.

A US company whose systems were hit by a cyber attack and which was forced to pay a ransom in bitcoin has had the money recovered, but it's worth way less. Picture: Karen Bleier/AFP

Most of the bitcoin ransom paid last month to the Russian hacking group DarkSide by Colonial Pipeline has been recovered by US officials, the Justice Department announced.

But because of bitcoin’s rollercoaster value, the firm will still take a big loss.

Investigators had retrieved 85 per cent of the 75-bitcoin ransom the energy firm handed over to the cyber criminals, the DOJ said in a statement.

Due to a drop in the price of bitcoin since the money was sent, however, the 63.7 coins recovered are only worth about $US2.3 million ($A2.9 million) today, which is just a little more than half of the value of the $US4.3 million ($A5.5 million) original payment.

“Today, we turned the tables on DarkSide,” Deputy Attorney-General Lisa Monaco said before calling on US companies and government organisations to treat the threat of cyber attacks as a “clear and present danger”.


Deputy US Attorney-General Lisa Monaco announced the recovery of millions of dollars worth of cryptocurrency from the Colonial Pipeline ransomware attacks. Picture: Jonathan Ernst/AFP

The ransomware attack on Colonial’s computer systems that began on May 7 shut down the largest fuel pipeline in the US for five days, leading to gas shortages and panic buying across the southeast of the country.

Colonial officials previously said they took their pipeline system offline before the attack could spread to its operating system and paid the ransom to get back online as soon as possible.

The company had no immediate response to the news of the seizure on Monday.

Monaco accused Russia-based DarkSide and its affiliates of “digitally stalking US companies for the better part of last year and indiscriminately attacking victims that include key players in our nation’s infrastructure.”

“Pay attention now. Invest resources now,” she said in a warning to companies. “Failure to do so could be the difference between being secure now or a victim later.”


Russia-based ransomware extortionists DarkSide had forced the shutdown of a major US fuel network. Picture: Drew Angerer / Getty Images North America / AFP

The operation to recover the cryptocurrency is the first undertaken by a specialised ransomware task force created by US President Joe Biden’s administration.

The FBI generally discourages the payment of ransom, fearing it could encourage additional hacks.

Ms Monaco said that if companies are quick to alert law enforcement about such payments, officials may be able to conduct similar seizures in the future.

This story originally appeared on the New York Post and is reproduced here with permission


Original URL: https://www.news.com.au/finance/business/other-industries/bitcoin-ransom-paid-to-darkside-by-colonial-pipeline-now-worth-less/news-story/786cc6f2246fce06bf1b9eb9a872c9bd