Feds Seize Payment Made to Pipeline Hackers

The hackers who targeted the operator of a vital US pipeline system in a ransomware attack have lost most of their ill-gotten gains, the Justice Department says. Officials said Monday that a new FBI ransomware taskforce led an operation to recover ransom paid in cryptocurrency by Colonial Pipeline, the AP reports. The company, which operates the system that provides around half the East Coast's fuel, paid the equivalent of $4.4 million in ransom to bring their systems back online after the May 7 attack. The Bitcoin payment is now valued at around $2.3 million, and authorities say most of it has been recovered.

"The old adage 'follow the money' still applies," Deputy Attorney General Lisa Monaco told reporters. The cyberattack was linked to an Eastern Europe-based criminal organization known as DarkSide. Officials say they obtained a warrant Monday enabling them to capture the Bitcoin from a virtual wallet connected to the group, the Wall Street Journal reports. "The misuse of cryptocurrency is a massive enabler here," Deputy National Security Advisor Anne Neuberger tells CNN. "That's the way folks get the money out of it." (Cybersecurity experts say the hackers only needed one compromised password.)