Categories: Bitcoin | May 17, 2021

Blockchain Analytics Firm Tracks Down BTC Wallet of Hackers Who Caused US Gas Shortages

By Daily Hodl Staff

Blockchain analytics firm Elliptic says it has identified the Bitcoin wallet that hackers used to receive the ransom payment from Colonial Pipeline, one of the largest fuel pipeline operators in the US.

The Eastern European criminal group DarkSide is linked to the ransomware attack that compromised Colonial Pipeline's computer systems, causing several days of outages, fuel shortages, and gas price increases.

The Georgia-based pipeline operator, which provides about 45% of the east coast’s fuel, reportedly paid nearly $5 million in cryptocurrency to restore its disabled computer network.

Elliptic says that DarkSide’s Bitcoin wallet received 75 BTC from Colonial Pipeline on May 8th. An analysis of blockchain transactions also reveals that the wallet received 57 payments from 21 different wallets, including 78.29 BTC from Brenntag, indicating that the chemical distribution company was also a victim of DarkSide.

“The affiliate’s share (the part of the ransom that goes to the deployer of the malware) of both the Colonial Pipeline and Brenntag ransom payments were sent to the same Bitcoin address, suggesting that the same party was responsible for infecting both of these businesses.”

The firm says it also discovered a previously unreported ransom payment of around $320,000 in BTC sent on May 10th from the same exchange used by Colonial Pipeline. 

The criminal group’s wallet has been active since March 4th, and Elliptic says it has so far received a total of $17.5 million in crypto payments. 

The US government is speculated to have seized $5 million worth of BTC from the wallet, but Elliptic says that even if this is the case, DarkSide still managed to move the majority of the ransom payment out of the compromised wallet on May 9th. 

The analytics firm says that 18% of the coins were sent to a small group of exchanges and 4% went to Hydra, the largest darknet marketplace that offers cash-out services.
