U.S. officials say they have recovered $2.3 million in ransom payments made to hackers who shut down the Colonial Pipeline last month, disrupting the country’s fuel supply for several days.
Justice Department officials said Monday they had discovered a virtual wallet used by the suspected Russia-based ransomware group DarkSide, from which they seized the funds in a rare case of recovery.
The pipeline, which supplies nearly half of the motor fuel consumed on the East Coast of the United States, was closed for five days after being hacked by DarkSide last month, which disrupted gasoline supplies as drivers rushed to fill their tanks.
“Ransomware attacks are always unacceptable, but when they target potential infrastructure, we will spare no effort to respond,” said Deputy Attorney General Lisa Monaco.
Colonial CEO Joseph Blount told The Wall Street Journal that the company had paid a $4.4 million bitcoin ransom at the time because it was “the right thing for the country”, amid growing controversy over a blanket ban on making payments to hackers.
Both the FBI and the White House advise against doing so, arguing that it only encourages further blackmail.
Anonymous cryptocurrencies are a payment method for cyber criminals. However, each transaction is recorded on an immutable blockchain, enabling private and public sector investigators to track them down.
Recovery is rare. As soon as hackers receive cryptocurrencies, they typically use high-tech tools and methods to try to throw investigators off the trail before cashing in through a cryptocurrency exchange, over-the-counter brokers, or illegal markets.
Colonial did not immediately respond to a request for comment.