The Justice Department announced on Monday that it has recovered most of the ransom it paid last month to hackers who shut down computer systems at Colonial Pipeline, an important oil pipeline operator.
Colonial paid a ransom of $4.4 million in bitcoin to Russian hacker group DarkSide after it used ransomware to shut down the company’s operating networks in May.
This push prompted Colonial to resume supply through its pipeline, which runs from Texas to New Jersey and accounts for nearly half of the fuel transportation that flows to the East Coast.
Monday’s seizure was an attempt, a first of its kind, by a new team from the Department of Justice to seize the profits of a cybercriminal group by hacking into a Bitcoins wallet.
The Department of Justice said it seized 63.7 bitcoins, which are currently worth $2.3 million. The value of Bitcoin plummeted last month.
Officers said they identified a virtual currency account, commonly called a “wallet,” that DarkSide used to collect payments from a ransomware victim, and that an investigative judge in the Northern District of California had issued an asset forfeiture order. Wallet money this morning.