FBI takes back stolen bitcoin (BTC) from Colonial Pipeline hackers, but how?

Ransomware & ransom
Last month, the so-called Colonial Pipeline, the largest oil pipeline in the United States, was shut down. Hackers had locked data on the company’s computers using ransomware, or ransomware, and demanded a ransom.

That caused a lot of panic. The gas transport came to a standstill and for fear of shortages Americans started stocking up en masse. In the end, the company paid 75 Bitcoin (BTC), then worth $4.4 million or €3.6 million, to the hackers, who have since been identified as the Russian hacker group Darkside.

Now it turns out that the Federal Bureau of Investigation (FBI) has again taken the ransom from the hackers. The FBI has seized 63.7 BTC, about 85% of the total amount. CNN first reported this on June 7:

Implication FBI Confiscation
The fact that the FBI has been able to do this may have major implications for cryptocurrencies and privacy. It shows that bitcoin may not be as suitable for this kind of criminal purpose as some claim. An FBI agent reportedly found the stolen bitcoin simply by following the trail of transactions through a so-called block explorer.

“The sophisticated use of technology to hold businesses and even entire cities hostage for profit is definitely a 21st century challenge. But the old adage ‘follow the money’ still applies. And that is exactly what we do.”

According to Deputy Minister of Justice Lisa Monaco. The FBI has not released any further details, but it appears that the hackers may not have been too careful with the ransom. Initially, it was rumored that the amount was parked at Coinbase. By now, a more obvious explanation seems to be that the private keys were on a server in California, within reach of the FBI.

Meanwhile, there are rumors that the whole thing was staged by the FBI to show that they can easily get to your crypto. Some people even claim that Bitcoin was hacked by the FBI. However, that sounds very unlikely and the FBI itself says that crypto is not the problem here:

Colonial Pipeline CEO Joseph Blount will soon answer to Congress. He has to explain why he paid almost $5 million in ransom. A month ago, he stated that the company had no idea how much the attack had affected their systems or how long the recovery could take.

Lost Password