Ransomware
May 25, 2021

Colonial Pipeline

The hacker group DarkSide, allegedly behind the May 7 cyberattack on the American oil pipeline operator Colonial Pipeline, received a total of $90 million in cryptocurrency from its victims.
Colonial Pipeline told the victims that a ransomware virus had been installed on their systems and encryption mechanisms had been activated. The hackers threatened to release and ransom users’ data to get the keys to the decryption.
The hack affected the majority of the pipeline system’s assets, but none of the underground petroleum storage tanks were affected.
The ransom could also have been paid in Bitcoin, which is used to the tune of $1,000 in one transaction, and three other altcoins. The attackers would have made $14 million for themselves with such a cryptocurrency deal.
The hackers set the end of the week as the deadline for paying the ransom. However, the operation was brought to a halt by a team from the FBI. The hackers claimed they had received only 15 percent of the ransom money.
The hackers made an effort to keep their identities secret by changing the company’s name, uniting the malware program with a file recovery tool and demanding money through the dark web instead of legitimate channels.
Colonial Pipeline’s workers also tracked the movement of the hackers in order to catch them. It’s not yet known how long the hackers managed to remain hidden from the authorities.