1. Skip to content
  2. Skip to main menu
  3. Skip to more DW sites

US investigators recover crypto from fuel pipeline ransom

June 7, 2021

The Justice Department said that it has managed to recover most of a Bitcoin ransom paid to hackers who shut down a key pipeline in the United States last month.

https://p.dw.com/p/3uYek
An image of a laptop computer screen with code on it
The attack, alleged to be done by Russian hackers, has further raised tensions between the US and RussiaImage: picture alliance / Alexey Malgavko/Sputnik/dpa

United States investigators said on Monday that they have clawed back millions in cryptocurrency paid as a ransom to hackers who shut down a key pipeline last month.

Deputy Attorney General Lisa Monaco said the US Justice Department had seized 63.7 Bitcoins, currently worth $2.3 million (€1.8 million), paid by the Colonial Pipeline company after a cyberattack last month led to massive shortagesat gas stations on the East Coast.

Fuel tanks are seen at Colonial Pipeline Baltimore Delivery in Baltimore, Maryland on May 10, 2021
The Colonial Pipeline Company ships gasoline and jet fuel from the Gulf Coast of Texas to the populous East Coast through 5,500 miles (8,850 kilometers) of pipeline, serving 50 million consumersImage: Jim Watson/AFP/Getty Images

"The extortionists will never see this money," said Stephanie Hinds, the acting US attorney for the Northern District of California, where the seizure warrant was filed.

Investigators tracked the payment to a cryptocurrency wallet used by the hackers, believed to be based in Russia.

Officials working on the case have "found and recaptured the majority" of the ransom paid by Colonial, Monaco said.

"Today, we've turned the tables on DarkSide," she said, referring to a ransomware group widely believed to have been behind the crippling fuel pipeline attack.

What happened after the attack?

The hack caused a shutdown lasting several days, leading to a spike in gas prices, panic buying and localized fuel shortages. 

It posed a major political headache for President Joe Biden as the US economy was starting to emerge from the COVID-19 pandemic. 

Drivers fill their tanks at a gas station in East Ridge, Tennessee
Drivers on the East Coast lined up to fill their cars amid shortages and panic buyingImage: Matt Hamilton/Chattanooga Times Free Press/AP/picture alliance

Colonial Pipeline had said it paid the hackers nearly $5 million to regain access. But Bitcoin's value has dropped in recent weeks, trading at around $36,000 on Monday after hitting $63,000 in April.

The FBI generally discourages payment of ransom, fearing it could encourage additional hacks. 

The White House called on senior executives and business leaders last week to step up security measures to protect against ransomware attacks.

The topic is expected to be on the agenda when President Joe Biden meets with Russian President Vladimir Putin in Geneva later this month. 

How did hackers compromise US government agencies?

jf/msh (AP, Reuters)