Board Economics
Re: Official says US seized cryptocurrency ransom paid to Colonial Pipeline hackers
by
kryme
on 08/06/2021, 16:42:02 UTC
⭐ Merited by Hydrogen (2)
A lot of replies here. Here are my thoughts based on what I've read from multiple sources.

The DarkSide hacking group ran a RaaS (Ransomware as a Service), and the wallet used to pay out affiliates was stored on a US-based cloud server. The FBI physically seized this. The server then contained the wallet / private key. We all know it's possible to track a wallet to an IP address. Colonial Pipeline worked with the FBI from the start. The FBI is obviously running their own nodes to be able to track transactions to IP addresses, and this is how it was tracked down to the US-based cloud server. I'm guessing these hackers use a US-based cloud server to avoid firewall/geo-filter rules from many firewalls. (I know we block all non-US IPs on our network.)

Someone else here mentioned the FBI hacking the hackers. Yes, this is something the US government has started doing in recent years. Instead of being reactive, they've started to be proactive, going after these hacking groups before they strike in the first place.