According to a CNN report, US authorities have successfully recovered the Bitcoin ransom paid by the company Colonial Pipeline. In May, a cyber attack allegedly carried out by a Russia-backed hacker group called Darkside brought the company’s operations to a halt.
According to the report, Colonial Pipeline controls about 45% of the fuel for the US East Coast. Its CEO, Joseph Blount, was forced to pay the ransom that the hackers imposed on the main computer of the control room. The payment is estimated to be around $4.4 million in 63.7 bitcoins.
The operation was carried out by a special ransomware task force created by the US federal government. This type of attack has become routine. There is growing concern among the public and the authorities.
Deputy Attorney General Lisa Monaco said the following about the operation during a press conference:
By following the entire ecosystem that promotes ransomware and digital currency, we will continue to use all of our tools and all of our resources to increase the costs and consequences of ransomware attacks and other cyber-enabled attacks.
Deputy National Security Adviser Anne Neuberger claimed that bitcoin and cryptocurrencies “enable” this type of crime. A similar position has been taken by other high-ranking US government officials, such as the Secretary of the Treasury, Janet Yellen. According to CNN, Neuberger said:
This gives people money. On the rise of anonymity and cryptocurrencies, the rise of mixer services that essentially launder money.
Another representative of the Department of Justice (DOJ) claimed that funds from a bitcoin wallet were confiscated.
“Not Your Keys, Not Your Bitcoin” Has Never Been More True
However, members of the crypto community and expert media seem unconvinced. Freelance journalist Jordan Schachtel questioned the entire operation. He claims that “Russian Hacking” has “illegally” been used several times in the past. He therefore hints at the possibility that federal officials are withholding vital information.
The independent journalist also pointed out some discrepancies in the investigation. For example, the authorities claimed to have the hacker’s bitcoin wallet password. He said:
Why do you need a court order if you have their wallet password? The reverse is also true. If bitcoins were transferred to a custodial wallet, you do not need a password (key).
Schachtel wonders how the authorities got the private key in the first place. The official report only stated that the ransom was “transferred to the specific address for which the FBI holds the private key”. The available information appears to rule out the possibility that federal authorities obtained the BTC wallet's private keys themselves; instead, the hackers may have used a centralized exchange as the custodian of the ransom.
So it looks like I was right. The FBI did not find the private keys. Instead, they took legal action against an exchange or some sort of custodial wallet that has servers in N California (Coinbase, lol?) These “hackers” were grossly incompetent.
Anderson Kill Law partner Preston Byrne summarized the entire operation. The journalist and Byrne both concluded that America hasn’t done anything new.
How this happened:
1) Darkside Wallet was somewhere on the exchange or on a cloud server, the FBI hit the service with a warrant and lien order
2) (Probably) There’s a guy inside the FBI who told them where to look
How it didn’t happen:
1) ECDSA is broken https://t.co/OZxwancGhV
— Preston Byrne (@prestonjbyrne) June 7, 2021
At the time of writing, BTC is trading at $34,127. On the daily chart, the first cryptocurrency by market cap is in a downtrend following sideways movement over the past weeks.