Cryptocurrency markets are in retreat after the Department of Justice announced that a recently formed task force had seized the Bitcoin paid in response to the Colonial Pipeline hacking.
On Monday, the DOJ released a press statement announcing that the bitcoin sent to the Darkside hacking group for ransom payment had been recovered by a nascent task force that was deployed shortly after the attack. According to affidavits released alongside the statement, the operation was conducted by, or at least with the assistance of, the FBI Cyber Crimes division.
"There is no place beyond the reach of the FBI to conceal illicit funds that will prevent us from imposing risk and consequences upon malicious cyber actors," said FBI Deputy Director Paul Abbate in the DOJ's release. "We will continue to use all of our available resources and leverage our domestic and international partnerships to disrupt ransomware attacks and protect our private sector partners and the American public."
In all, $2.3 million worth of bitcoin has been recovered by the FBI. While the assets paid as ransom were initially valued at $4.4 million when Colonial Pipeline issued its payment, transaction fees, and a volatile crypto market almost halved the value of the ransom.
The news delivered a considerable blow to crypto markets, with Bitcoin itself taking the brunt of the impact. The selloff that caused the bear market is likely due to fear, due to initial rumors that the crypto wallet used by Darkside had been breached by the FBI, likely causing a panic over the security of cryptocurrencies. The FBI, however, had been able to retrieve the ransom by recovering the password for the wallet rather than somehow breaching its security. How the FBI obtained the password, however, isn't currently known.
Regardless of how much value it had lost, the recovery of the ransom is good news for law enforcement and cybersecurity experts abroad. The tactics used by the FBI will likely find their way to other agencies in time, potentially allowing law enforcement to track cyber criminals more effectively.