News
USA | Jun 7, 2021

US seizes $2.3 million in bitcoin paid to Colonial Pipeline hackers

/ Our Today

administrator
Reading Time: 3 minutes
Deputy U.S. Attorney General Lisa Monaco is followed by FBI Deputy Director Paul Abbate as she arrives to speak about the Colonial Pipeline Co. ransomware attacks during a news conference at the Justice Department in Washington, U.S., June 7, 2021. (Photos: REUTERS/Jonathan Ernst/Pool)

WASHINGTON (Reuters)

The Justice Department today (June 7) recovered some US$2.3 million in cryptocurrency ransom paid by Colonial Pipeline Co, cracking down on hackers who launched the most disruptive US cyberattack on record.

Deputy Attorney General Lisa Monaco said investigators had seized 63.7 bitcoins, now valued about US$2.3 million, paid by Colonial after last month’s hack of its systems that led to massive shortages at US East Coast gas stations.

The Justice Department has “found and recaptured the majority” of the ransom paid by Colonial, Monaco said.

An affidavit filed on Monday said the FBI was in possession of a private key to unlock a bitcoin wallet that had received most of the funds. It was unclear how the FBI gained access to the key.

A judge in San Francisco approved the seizure of funds from this “cryptocurrency address,” which the filing said was located in the Northern District of California.

FBI Deputy Director Paul Abbate speaks about the May 2021 Darkside Ransomware attack on Colonial Pipeline as Acting Assistant Attorney General Nicholas L. McQuaid of the Criminal Division and Deputy U.S. Attorney General Lisa Monaco listen during a news conference at the Justice Department in Washington, U.S., June 7, 2021.

Colonial Pipeline had said it paid the hackers nearly US$5 million to regain access. Bitcoin was trading down nearly five per cent around 1800 ET (2200 GMT). The cryptocurrency’s value has dropped to around US$34,000 in recent weeks after hitting a high of US$63,000 in April.

Bitcoin seizures are rare, but authorities have stepped up their expertise in tracking the flow of digital money as ransomware has become a growing national security threat and put a further strain on relations between the United States and Russia, where many of the gangs are based.

“Right now, prosecution is a pipedream,” Vice President John Hultquist of the Mandiant cybersecurity firm said in praising the move. “Disrupt. Disrupt. Disrupt.”

The hack, attributed by the FBI to a gang called DarkSide, caused a days-long shutdown that led to a spike in gas prices, panic buying and localised fuel shortages. It posed a major political headache for President Joe Biden as the US economy was starting to emerge from the COVID-19 pandemic.

Deputy U.S. Attorney General Lisa Monaco announces the recovery of millions of dollars worth of cryptocurrency from the Colonial Pipeline Co. ransomware attacks as she speaks during a news conference with FBI Deputy Director Paul Abbate and Acting U.S. Attorney for the Northern District of California Stephanie Hinds at the Justice Department in Washington, U.S., June 7, 2021.

The White House urged corporate executives and business leaders last week to step up security measures to protect against ransomware attacks after the Colonial hack and later intrusions that disrupted operations at a major meatpacking company.

Deputy FBI Director Paul Abbate, who spoke at the same news conference as Monaco on Monday, described DarkSide as a Russia-based cybercrime group.

Abbate said the FBI was tracking more than 100 ransomware variants. DarkSide itself victimised at least 90 US companies, including manufacturers and healthcare providers, he said.

Tags
Bitcoin Colonial Pipeline DarkSide FBI gsas shortage hackers ransomware US Justice Department

Comments

What To Read Next

News JAM Jun 24, 2025

FCJ Chairman highlights Garmex Freezone redevelopment, promises continued expansion

Reading Time: 3 minutesLyttleton ‘Tanny’ Shirley, Chairman of the Factories Corporation of Jamaica (FCJ), says the agency has made significant strides in modernising its operations and facilities, with the Garmex Freezone redevelopment standing as a major milestone in its transformation.

Shirley said one of the first directives Prime Minister Andrew Holness gave to the newly appointed FCJ board in 2016 was to resuscitate and restructure the agency, transforming it into a modern institution offering cutting-edge facilities and optimising its assets to achieve financial sustainability.
News JAM Jun 24, 2025

Holness: Garmex Freezone redevelopment to add 3,000 jobs in five years

Reading Time: 3 minutesPrime Minister Andrew Holness said the Garmex Freezone Redevelopment and Expansion ceremony serves as a signal of the government and its partners’ collective ambition to position Jamaica as a global logistics, manufacturing and investment destination.

Holness said Garmex Freezone is a shining example of what can be achieved when public enterprise is powered by purpose and disciplined execution.
News JAM Jun 23, 2025

Holness: Third term not an entitlement, pledges to ‘put back care into healthcare’

Reading Time: 3 minutesPrime Minister Andrew Holness says his administration is committed to meeting the needs of Jamaicans while advancing the Jamaica Labour Party’s (JLP) vision to “put back care into healthcare.”

He acknowledged that securing a third term is never an easy task and underscored the commitment of both the government and Labour Party supporters to continue pushing for national development.