U.S. law enforcement confirmed that they were able to recover $2.3 million paid in Bitcoin to the hacker group behind the Colonial Pipeline attack, according to a June 7 report by CNBC.
In a June 7 press briefing, Deputy Attorney General Lisa Monaco said the money was seized through a court order. The FBI said that foreign-based cybergangs usually use American infrastructure while committing crimes, which gives the FBI a legal opening to retrieve the funds.
The FBI was able to identify the virtual currency wallet DarkSide used to retrieve some of the $4.4 million ransom payment made on May 7.
"Using law enforcement authority, victim funds were seized from that wallet, preventing DarkSide actors from using them," FBI Deputy Director Paul Abbate said.
This is the latest act the Biden administration has taken to discourage ransomware attacks. In an open letter to business leaders on June 2, White House officials said it's developing policies toward ransom payments and tracing and blocking virtual currency proceeds.