Almost $7M in Bitcoin Held by Colonial Pipeline Attacker Is on the Move
Bitcoin now worth nearly $7 million held by the DarkSide ransomware group involved in the Colonial Pipeline attack in May is on the move, according to blockchain analytics firm Elliptic.
-
Following the attack, which threatened the petroleum supplies of five eastern states in the U.S., DarkSide’s share of the amount paid in ransom remained dormant until Oct. 21, Elliptic said Friday in a blog.
-
The developer of “ransomware as a service,” DarkSide, maintained a wallet to hold its share of the funds, which included 11.3 BTC. That was identified by Elliptic using its intelligence collection and analysis of blockchain transactions.
-
DarkSide subsequently said the wallet had been claimed by an unknown third party, sending 107.8 BTC ($6.8 million) to a new address.
-
These bitcoin have now been sent through a series of new wallets over a period of several hours, with small amounts being ejected at each step – a common money laundering technique to make funds harder to track.
-
Elliptic has linked this activity to ransomware group REvil, with which DarkSide has close ties, being hacked and forced online by a U.S. government-led operation.
Jamie Crawley is a CoinDesk news reporter based in London.
Subscribe to The Node, our daily report on top news and ideas in crypto.
By signing up, you will receive emails about CoinDesk product updates, events and marketing and you agree to our terms of services and privacy policy.
