In early May, a group of cybercriminals known as DarkSide hacked into the computer systems of Colonial Pipeline in Georgia, a company that supplies about half of all gasoline to the East Coast of the United States.
The company’s management then announced that, as a precaution, it had completely disconnected the computer system and stopped operating the oil pipelines to prevent the spread of the virus. The company later announced that it had paid the hackers $4.4 million (91.7 million kroner) in bitcoins, which at that time amounted to 75 units of this digital currency.
On Monday, the Department of Justice announced that it had tracked down a digital wallet belonging to the hacker group and recovered 63.7 bitcoins from it. At the current exchange rate, this is more than 44 million kroner.
Deputy Justice Minister Lisa Monaco said the successful operation announced by the US authorities shows that if companies report the attack to the authorities in time, they will have a chance to get their money back.
How extortion viruses attack
In the case of Colonial Pipeline, the hackers used an extortion virus from the ransomware family. These uninvited visitors can make quite a mess of an infected device. First, they encrypt all data stored on the hard drive. The attackers then demand a ransom of up to several thousand crowns for restoring access to it.
They usually want to be paid in bitcoin, because the movements of this virtual currency are difficult to trace, and so, logically, is the illegal activity of the hackers. However, in some cases, the bitcoins from the ransom cannot be traced at all.