Did the FBI get full access to DarkSide hackers’ BTC wallets? Analysts Shed Light on the Return of 63.7 BTC From the Colonial Pipeline Ransom
The FBI may have access to much more BTC in hacker group addresses.
Not long ago, hackers staged an attack on JBS USA Holdings Inc. The cybercriminals demanded a ransom for restoring the systems at JBS factories.
JBS USA Holdings Inc. is the largest beef, poultry and pork processing and meat distribution company worldwide, from Australia to South America and Europe.
The company was forced to pay the hackers a ransom of $11 million in Bitcoin in order to restore its systems and protect itself from new attacks.
André Nogueira, chief executive of the Brazilian meat company’s US division, said the payment was painful for the company.
According to the Wall Street Journal, the US Federal Bureau of Investigation said the attack on JBS was carried out by REvil, a criminal hacker group with ties to Russia.
Earlier, the FBI had already managed to recover 63.7 BTC of the 75 BTC ransom that Colonial Pipeline paid to the hacker group DarkSide, which is also associated with Russia. The DarkSide attack on the country’s main pipeline caused fuel shortages for many people in the United States, and the company was forced to pay the ransom to the criminals. But the timely intervention of the FBI facilitated a quick return of the money.
After such a quick operation by the secret services, the crypto community questioned the methods they used to gain access to the private keys for the target address.
But the crypto-asset insurance company Evertas explained that the DarkSide group was already on law enforcement’s radar. The group had long since lost control of its infrastructure, including the ability to withdraw crypto funds.
According to the affidavit, the private key for the specified address was in the possession of the FBI in the Northern District of California and not in real money.
Evertas analysed the transactions using a combination of open source tools and subscription-based blockchain analytics. The company found that in early May, the hacker group split the ransom among three locations.
Analysis shows that DarkSide hackers controlled several addresses until mid-May. A total of 114 BTC was stored at these addresses. On June 7, the same 63.7 BTC were seized from one of the addresses. Evertas believes that the FBI also controls the rest of the addresses:
“Evertas suspects that the FBI is likely now in control of the remaining nearly 114 BTC and may be working to tie up other payments made by DarkSide by other victims of the hacker RaaS [Ransomware as a Service], before proceeding with an official confiscation of the remaining funds.”
Analysts at GlobalData believe that such a special operation only means that cryptocurrencies have become much less secure. In their opinion, this “takeover” sets the path to control the fiat currency.
GlobalData Topic Analyst Danjal Rashid said:
“Bitcoin was supposed to free us from government control: decentralized and not subjected to the government. The fact that the US government was able to get most of this ransom back despite being paid in Bitcoins directly contradicts this.”