According to a CNN report, the US authorities successfully collected a ransom that was paid in Bitcoin by the Colonial Pipeline company. In May, a cyber attack allegedly carried out by a Russian-backed hacking group called DarkSide halted the company’s operations.
According to the report, Colonial Pipeline controls approximately 45% of the fuel for the US east coast. Its CEO, Joseph Blount, was forced to pay the ransom that the hacker had demanded on a control room’s main computer. The payment is estimated at around $4.4 million, paid in 63.7 bitcoin.
The operation was carried out by a special ransomware task force set up by the US federal government. This type of attack has become regular. There is growing concern among the general public and the authorities.
Deputy Attorney General Lisa Monaco said the following about the operation during a press conference:
By pursuing an entire ecosystem that powers ransomware and digital currencies, we will continue to use all of our tools and resources to increase the costs and consequences of ransomware attacks and other cyber-based attacks.
Deputy National Security Advisor Anne Neuberger claimed that Bitcoin and cryptocurrencies “enable” this type of crime. A similar position has been taken by other senior US government officials such as Treasury Secretary Janet Yellen. Neuberger added, according to CNN:
This is how people get the money out. On the rise of anonymity and the improvement of cryptocurrencies, the advent of blending services that are essentially laundering funds.
Another Justice Department (DOJ) representative claimed the funds from a Bitcoin wallet had been confiscated.
Not your keys, not your Bitcoin, has never been truer
However, members of the crypto community and specialized media do not seem convinced. Independent journalist Jordan Schachtel questioned the entire operation. He claims that “Russian hacking” has often been used “illegitimately” in the past. He therefore raises the possibility that federal authorities are withholding important information.
The independent journalist also pointed out some inconsistencies in the investigation. For example, the authorities claimed to have the hacker’s Bitcoin wallet password. He said:
Why do you need a court order when you have the password on your wallet? The reverse is also true. If the Bitcoin has been transferred to a custodian, you do not need the password (key).
Schachtel wonders how the authorities got the private key in the first place. The official report simply states that the ransom was sent to a “specific address for which the FBI has the private key.” The information available seems to rule out the possibility that the Feds obtained the private keys of the BTC wallet themselves; the hackers could have used a centralized exchange as a custodian of the ransom.
So it looks like I was right. The FBI did not receive the private keys. Instead, they took legal action against an exchange or some kind of wallet with servers in Northern California (Coinbase, lol?). These “hackers” were grossly incompetent.
Preston Byrne, partner at Anderson Kill Law, summed up the entire operation. Both the journalist and Byrne concluded that the US had done nothing innovative.
How that happened:
1) DarkSide Wallet was somewhere on an exchange or on a cloud server, the FBI has the service for arrest warrant & gag warrant
2) (possibly) the FBI has a guy inside telling them where to look
How it didn’t happen:
1) ECDSA is defective https://t.co/OZxwancGhV
– Preston Byrne (@prestonjbyrne) June 7, 2021
At the time of writing, BTC is trading at $34,127. In the daily chart, the first cryptocurrency by market capitalization is trending down after moving sideways in the past few weeks.
BTC is trending down on the daily chart. Source: BTCUSD Tradingview