Colonial Pipeline hackers reportedly bagged $90 MILLION in bitcoin before shutting down

The hacker group DarkSide, responsible for the US Colonial Pipeline cyberattack, received a total of $90 million in bitcoin ransom payments before shutting down last week, according to blockchain analytics firm Elliptic.

Colonial Pipeline, the biggest fuel-carrying infrastructure facility in the United States, which was hit with a devastating cyberattack earlier this month, was forced to shut down for almost a week. The FBI blamed the attack on DarkSide, a cybercriminal gang allegedly based in Eastern Europe.

It was reported earlier that the pipeline’s operator had paid a $5 million ransom to the group. According to Elliptic, DarkSide and its affiliates collected at least $90 million in bitcoin ransom payments, originating from 47 distinct cryptocurrency wallets. The average payment from organizations was likely $1.9 million each.  

Of the $90 million total, $15.5 million went to DarkSide’s developer, while $74.7 million was sent to its affiliates. Most of the funds have been sent to crypto exchanges, where they can be converted into fiat money, Elliptic said.

“To our knowledge, this analysis includes all payments made to DarkSide. However, further transactions may yet be uncovered, and the figures here should be considered a lower bound,” said Elliptic’s co-founder and chief scientist Tom Robinson. 

On Friday, Elliptic announced it had identified the bitcoin wallet used by DarkSide to collect ransom payments from its victims. Later that day, security researchers Intel 471 said that DarkSide had closed down after losing access to its servers and as its cryptocurrency wallets were emptied. According to Elliptic, DarkSide’s bitcoin wallet had $5.3 million worth of the cryptocurrency before its funds were drained. 

DarkSide blamed “pressure from the US,” Intel 471 said, quoting a note from the hacker group.

For more stories on economy & finance visit RT's business section