This would leave the possibility that FBI was able to somehow hack the hackers, but IMO this would not make sense, because why would they be creating private keys on a new server?
Sorry I didn't get it - What did you mean by creating private keys on a new server (who?) & how is it related to the possibility that FBI might have hacked the hackers? Thanks
Well coin was sent to bc1qq2euq8pw950klpjcawuy4uj39ym43hs6cfsegq on May 27. Why was the coin sent to this address that day? Under what circumstances?
If the above address was created by the hacking group, it would have been done so on a server the FBI was able to compromise and access the private key. When coin was
sent to the above address, every address spend-linked to the address was zero'ed out, so it is theoretically possible the FBI was able to compromise the server the private keys were being stored in when the hacking group was receiving ransom payments. Being that the group had previously announced they are shutting down, it is not unreasonable to believe they were in the process of cashing out all of the payments they had received in their various hacking endeavors.
If bc1qq2euq8pw950klpjcawuy4uj39ym43hs6cfsegq was created on a new server the FBI compromised, the hacking group would have created a new private key on a new server. There would be no reason for the hacking group to do this, and as such, I believe discredits the theory the FBI was able to hack the hacking group.