FBI seizes part of paid ransom from Colonial Pipeline


Acting under a court order, the FBI has seized part of the ransom that the Colonial Pipeline Company paid to a ransomware group, the Justice Department said at a news conference last night. It is unknown how the money could have been seized.


Colonial Pipeline paid $4.4 million in bitcoin last month to regain access to encrypted files. Attackers had access to the systems via a leaked VPN password and were then able to encrypt them. Hundreds of gigabytes of data were also stolen.


The FBI saw that the criminals transferred part of the ransom, 63.7 bitcoins, to a specific bitcoin address. The FBI had the private key to this address and was able to confiscate the money, the department said. The department did not say how the private key came into the hands of the FBI.


The move to seize the money was carried out by the US government's recently launched Ransomware and Digital Extortion Task Force. It was the first operation of the task force to investigate, disrupt and prosecute ransomware attacks. Last week, the FBI said it has made investigating ransomware attacks a top priority.
