The U.S. Department of Justice (DOJ) recently seized 63.7 bitcoins valued at approximately $2.3 million, alleging the funds represented proceeds paid after a ransomware attack.
The DOJ said a group known as DarkSide initiated a ransomware attack against Colonial Pipeline, resulting in critical infrastructure being taken out of operation.
Last month, Colonial Pipeline reported to the FBI that its computer network had been accessed by DarkSide and that it had received and paid a ransom demand for approximately 75 bitcoins.
Law enforcement authorities said they were able to track multiple transfers of bitcoin and identified that approximately 63.7 bitcoins, representing the proceeds, had been transferred to a specific address.
“Following the money remains one of the most basic yet powerful tools we have,” Deputy Attorney General Lisa O. Monaco of the U.S. Department of Justice said. “Ransom payments are the fuel that propels the digital extortion engine. The United States will use all available tools to make these attacks more costly and less profitable for criminal enterprises. We will continue to target the entire ransomware ecosystem to disrupt and deter these attacks.”
Monaco said the effort demonstrates the value of early notification to law enforcement. She commended Colonial Pipeline for the quick notification when the company learned it was being targeted by DarkSide.
“There is no place beyond the reach of the FBI to conceal illicit funds that will prevent us from imposing risk and consequences upon malicious cyber actors,” FBI Deputy Director Paul Abbate said. “We will continue to use all of our available resources and leverage our domestic and international partnerships to disrupt ransomware attacks and protect our private sector partners and the American public.”