The US has recovered most of the $4.4m (£3.1m) ransom paid to a cyber-criminal gang responsible for taking the Colonial Pipeline offline last month.
DarkSide – which US authorities said operates from eastern Europe and possibly Russia – infiltrated the pipeline last month. The attack disrupted supplies for several days, causing fuel shortages. According to the firm, the pipeline carries 45% of the East Coast’s supply of diesel, petrol and jet fuel.
On Monday, Deputy Attorney-General Lisa Monaco said investigators had “found and recaptured” 63.7 Bitcoin worth $2.3m – “the majority” of the ransom paid. Since the ransom was paid, the value of Bitcoin has fallen sharply. The US government has recommended in the past that companies do not pay criminals over ransomware attacks, in case they invite further hacks in the future.
It has since urged companies to increase security measures against ransomware attacks like this. Commerce secretary Gina Raimondo said on Sunday that President Biden would raise the issue of such attacks with Russian leader Vladimir Putin in a meeting planned this month.