Cybercrime: Hackers behind attack on Colonial Pipeline extract $90m from 47 victims

DarkSide, the hacker group behind the recent shutdown of the Colonial Pipeline in the United States, has reportedly extracted over $90 million in Bitcoin ransom payments from 47 of the total 99 victims

Gbenga Kayode | ConsumerConnect

Using a Bitcoin wallet to collect ransom payments from their cyberattack victims, DarkSide, the hacker group behind the temporary shutdown of the Colonial Pipeline in the United States (US), has received over $90 million in Bitcoin ransom payments.

ConsumerConnect had reported that earlier in May 2021, the Colonial Pipeline, a 5,500-mile pipeline that supplies fuel to the East Coast of the US, was hit by a cyberattack, causing a system outage, fuel shortages and gasoline price increases for consumers in the country.

The malware attack has led to a shortage in fuel supplies, which, in turn, led to crowds at gas stations and higher gas prices.

It was learnt that the London-based blockchain analytics firm Elliptic said in a blog post that it had identified the Bitcoin wallet used by the cybercriminals to collect ransom payments from their victims.

Elliptic said: “In total, just over $90 million in Bitcoin ransom payments were made to DarkSide, originating from 47 distinct wallets.

“According to DarkTracer, 99 organisations have been infected with the DarkSide malware, suggesting that approximately 47 percent of victims paid a ransom, and that the average payment was $1.9 million.”

Colonial Pipeline also reportedly paid the Eastern European criminal gang $5 million as ransom over the recent devastating cyberattack on the iconic gasoline facility in the US.

It was gathered that DarkSide issued a statement on Monday, May 10, saying it didn’t intend to cause a disruption in the movement of fuel supplies. The group operates a “ransomware as a service” business, meaning it developed the software used by the criminals that carried out the attack.

“We are apolitical, we do not participate in geopolitics,” the group said in the statement.

However, in spite of their claim, security researchers said DarkSide and its affiliates netted at least $90 million in Bitcoin ransom payments over the past nine months, and the ‘slush’ funds were extracted from 47 victims thus far, the report stated.

According to Elliptic, the average payment from affected organisations was around $1.9 million.

Of the $90 million total figure, $15.5 million went to DarkSide’s developer and $74.7 million went to its affiliates.

It was also gathered that a majority of the funds are being sent to crypto exchanges where they can be swapped for other cryptocurrency assets or fiat money.

Tom Robinson, Elliptic’s Co-Founder and Chief Scientist, noted: “To our knowledge, this analysis includes all payments made to DarkSide; however, further transactions may yet be uncovered, and the figures here should be considered a lower bound.”