According to Elliptic, a London-based blockchain analysis firm, DarkSide, the hacker group behind the Colonial Pipeline attack, obtained $90 million in bitcoin in the last nine months.
Forcing the company to shut down nearly 5,500 miles of pipeline in the US, crippling gas distribution systems in the Southeast, The FBI blamed the attack on DarkSide, a cybercriminal gang based in Eastern Europe, for which Colonial is said to have paid a $5 million ransom.
Elliptic discovered that DarkSide obtained $90 million in bitcoin from 47 different wallets after finding and analyzing the hacker group’s wallet.
Several governors in the Southeast have declared emergencies due to long lines at gas stations and gas shortages.
The DarkSide’s wallet was cleared of $5.3 million in bitcoin on Thursday. The $5.3 million in bitcoin was rumored to have been confiscated by the US government.
Last Thursday, Joe Biden was questioned about the alleged ransom paid to the hackers.
This comes after the Biden Administration did nothing and claimed the cyberattack was a “private sector” problem, despite the fact that it impacted gas distribution in a third of the world.
“Were you briefed on the fact that the company did pay the ransom?” a reporter asked.
Biden’s brain took a few seconds to catch up, and he eventually replied, “I have no comment on that.”
DarkSide uses a business model known as “ransomware as a service,” in which the hackers create and market ransomware tools, which they then sell to other criminals who use them to carry out attacks. Ransomware is a form of malicious software that encrypts data and prevents users from accessing it. In exchange for restoring access, hackers demand a ransom payment — usually in cryptocurrency.
“To our knowledge, this analysis includes all payments made to DarkSide, however further transactions may yet be uncovered, and the figures here should be considered a lower bound,” said Tom Robinson Elliptic’s co-founder and chief scientist.
Since people who deal with Bitcoin do not have to disclose their identities, it has earned a reputation for being used in illegal activity. The digital ledger that underpins bitcoin, on the other hand, is open to the public, allowing researchers to track where funds are sent.
The ransomware assault on the Colonial Pipeline was one of a spate of ransomware attacks that made headlines last week. Toshiba’s European unit was hacked, with the attack blamed on DarkSide, while Ireland’s health service was also struck by ransomware. President Joe Biden signed an executive order on Wednesday aimed at bolstering the United States’ cybersecurity defenses.