Hackers behind Colonial Pipeline attack received $90 million in bitcoin before shutting down

On this photo illustration, a bitcoin trace is considered displayed on an Android smartphone with a hacker within the background.

Miguel Candela | SOPA Photos | LightRocket thru Getty Photos

LONDON — DarkSide, the hacker community on the assist of the latest Colonial Pipeline ransomware assault, bought a total of $90 million in bitcoin ransom funds forward of shutting down final week, in step with original learn.

Colonial Pipeline turned into hit with a devastating cyberattack earlier this month that compelled the firm to shut down roughly 5,500 miles of pipeline, crippling gasoline supply programs in southeastern states. The FBI blamed the assault on DarkSide, a cybercriminal gang believed to be based in Eastern Europe, and Colonial reportedly paid a $5 million ransom to the community

DarkSide operates what’s identified as a “ransomware as a service” business model, which skill that the hackers design and market ransomware instruments and sell them to other criminals who then kind attacks. Ransomware is a model of malicious system that’s designed to block salvage admission to to a laptop system. Hackers are looking ahead to a ransom payment — on the total cryptocurrency — in return for restoring salvage admission to.

On Friday, London-based blockchain analytics company Elliptic mentioned it had diagnosed the bitcoin pockets susceptible by DarkSide to raise ransom funds from its victims. That identical day, security researchers Intel 471 mentioned DarkSide had closed down after shedding salvage admission to to its servers and as its cryptocurrency wallets were emptied. DarkSide also blamed “strain from the U.S.,” in step with a expose got by Intel 471.

In a new blog publish Tuesday, Elliptic mentioned DarkSide and its affiliates bagged now not lower than $90 million in bitcoin ransom funds, originating from 47 fine cryptocurrency wallets. The moderate payment from organizations turned into most likely $1.9 million, Elliptic mentioned.

“To our data, this analysis entails all funds made to DarkSide, alternatively additional transactions could presumably additionally impartial but be uncovered, and the figures right here wants to be considered a lower mosey,” mentioned Tom Robinson Elliptic’s co-founder and chief scientist.

Elliptic mentioned that DarkSide’s bitcoin pockets contained $5.3 million worth of the digital currency forward of its funds were drained final week. There turned into some speculation that this bitcoin had been seized by the U.S. authorities. There turned into some speculation that this bitcoin had been seized by the U.S. authorities.

Of the $90 million total haul, $15.5 million went to DarkSide’s developer while $74.7 million went to its affiliates, in step with Elliptic. The bulk of the funds are being despatched to crypto exchanges, where they’ll be transformed into fiat money, Elliptic mentioned.

Bitcoin has won a popularity for its grunt in criminal grunt, as other folks transacting with the cryptocurrency kind now not expose their identification. However, the digital ledger that underpins bitcoin is public, which skill that researchers can mark where funds are being despatched.

The Colonial Pipeline hack turned into one in all a spate of ransomware attacks to generate headlines final week. A division of Jap conglomerate Toshiba mentioned its European unit had been hacked, blaming the assault on DarkSide, while Eire’s health service turned into also hit by a ransomware assault. On Wednesday, President Joe Biden signed an govt articulate geared toward strengthening U.S. cybersecurity defenses.

0 0 vote
Article Rating
Notify of
Inline Feedbacks
View all comments
Would love your thoughts, please comment.x