
SoylentNews is people

posted by janrinok on Tuesday June 08 2021, @05:05PM

Justice Dept. Claws Back $2.3M Paid by Colonial Pipeline to Ransomware Gang


The U.S. Department of Justice said today it has recovered $2.3 million worth of Bitcoin that Colonial Pipeline paid to ransomware extortionists last month. The funds had been sent to DarkSide, a ransomware-as-a-service syndicate that disbanded after a May 14 farewell message to affiliates saying its Internet servers and cryptocurrency stash were seized by unknown law enforcement entities.

On May 7, the DarkSide ransomware gang sprang its attack against Colonial, which ultimately paid 75 Bitcoin (~$4.4 million) to its tormentors. The company said the attackers only hit its business IT networks — not its pipeline security and safety systems — but that it shut the pipeline down anyway as a precaution [several publications noted Colonial shut down its pipeline because its billing system was impacted, and it had no way to get paid].

On or around May 14, the DarkSide representative on several Russian-language cybercrime forums posted a message saying the group was calling it quits.

"Servers were seized, money of advertisers and founders was transferred to an unknown account," read the farewell message. "Hosting support, apart from information 'at the request of law enforcement agencies,' does not provide any other information."

US Has Recovered Ransom Payment Made After Pipeline Hack - Times of India


WASHINGTON: The Justice Department has recovered the majority of a multimillion-dollar ransom payment to hackers after a cyberattack that caused the operator of the nation's largest fuel pipeline to halt its operations last month, officials said Monday. The operation to recover the cryptocurrency from the Russia-based hacker group is the first undertaken by a specialized ransomware task force created by the Justice Department, and reflects what US officials say is an increasingly aggressive approach to deal with a ransomware threat that in the last month has targeted critical industries around the world. "By going after an entire ecosystem that fuels ransomware and digital currency, we will continue to use all of our tools and all of our resources to increase the costs and the consequences of ransomware attacks and other cyber-enabled attacks," Deputy Attorney General Lisa Monaco said Monday at a news conference announcing the operation.

Also at Washington Post, Threatpost


  • (Score: 5, Interesting) by canopic jug on Tuesday June 08 2021, @05:57PM (6 children)

    by canopic jug (3949) Subscriber Badge on Tuesday June 08 2021, @05:57PM (#1143225) Journal

    I hope that law enforcement throws the book at the executives who signed off on the ransom payment.

    Every payment to the crackers helps them bankroll bigger and better skills and tools to be able to take on harder yet more valuable targets. Back before any of the companies had paid, it was barely even a cottage industry and just rolled the bums with unpatched stock M$ systems. Now it is really big business with subsidiaries and outsourcing and the lot. For the most part they've been going after the low-hanging fruit, that is to say the assholes running M$ products connected to the Internet, patched or not. However, now with the extra resources they have started to build one-off strategies and tactics custom designed for specific fairly hardened targets. Even if that is more labor intensive, the payoff can be that much higher and they now have the money to take a shot at it.

    --
    Money is not free speech. Elections should not be auctions.
  • (Score: 2, Interesting) by Catalyst on Tuesday June 08 2021, @06:00PM (2 children)

    by Catalyst (7542) on Tuesday June 08 2021, @06:00PM (#1143227)

    Except I bet the FBI told them to do the payment so it could be tracked...

    • (Score: 2, Interesting) by Anonymous Coward on Tuesday June 08 2021, @06:27PM (1 child)

      by Anonymous Coward on Tuesday June 08 2021, @06:27PM (#1143234)

      Except I bet the FBI told them to do the payment so it could be tracked...

      Follow the money. It works with anything. And Bitcoin and other cryptostuff are PUBLIC LEDGER. A bank account is actually a private ledger so it has quite a bit more privacy to it. The public ledger is just obfuscation.

      • (Score: 0) by Anonymous Coward on Wednesday June 09 2021, @07:39PM

        by Anonymous Coward on Wednesday June 09 2021, @07:39PM (#1143661)

        Oh yeah, the international Jew bankster cartel is so much more private than Monero. STFU, you dumb goy slave.

  • (Score: 2) by JoeMerchant on Tuesday June 08 2021, @06:57PM (2 children)

    by JoeMerchant (3937) on Tuesday June 08 2021, @06:57PM (#1143242)

    Not to mention: this is only a partial recovery, some million US$+ are still in the hackers' control.

    It's a message: they will strike back, and I don't see what's stopping them from eventually taking more than they gave in the first place. Kind of a lame message, but better than just shrugging and paying and forgetting about it.

    --
    🌻🌻 [google.com]
    • (Score: 0) by Anonymous Coward on Tuesday June 08 2021, @10:40PM (1 child)

      by Anonymous Coward on Tuesday June 08 2021, @10:40PM (#1143305)

      partial is 2.3 of 4.4, so that left 2.1m to Putin and Co, if they had anything to do with it the hackers got nothing.

      • (Score: 0) by Anonymous Coward on Wednesday June 09 2021, @02:02AM

        by Anonymous Coward on Wednesday June 09 2021, @02:02AM (#1143387)

        Don't forget the 40% for the Big Guy.