Almost $7 million in bitcoins that the hacker group DarkSide received after the attack on the Colonial Pipeline, and that were subsequently stolen from the group, continue to move around the Bitcoin network.
The ransomware group DarkSide participated in the Colonial Pipeline attack in May. The attack threatened oil supplies in five eastern states of the United States. The pipeline company paid the ransom, but the hackers were themselves hacked and the bitcoins were stolen.
According to Elliptic, the BTC paid to DarkSide as ransom did not move in any transactions until October 21st. The DarkSide developer had a wallet to hold its ransom share, including 11.3 BTC from the Colonial Pipeline. On May 13, DarkSide announced that its infrastructure had been taken over by an unknown third party. On the same day, the wallet was emptied and 107.8 BTC was sent to a new address.
This morning, $7 million worth of bitcoins at the current exchange rate were transferred through several wallets. Small amounts have been withdrawn at each stage. This is a common money-laundering method, used to make assets harder to track and easier to convert into fiat currency. The process continues, but small amounts have already been sent to well-known exchanges.
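The movement pattern described above (funds passed through several wallets, with small amounts withdrawn at each stage) is something an investigator can follow hop by hop. The sketch below is an added example, not code from Elliptic or from the original article: it traces such a chain over constructed transactions and flags withdrawals that reach a labelled exchange. All addresses, transaction ids and labels are made up, and it assumes one input address per transaction with fees ignored.

```python
from decimal import Decimal

def sat(btc):
    """Convert a BTC amount given as a string to integer satoshis."""
    return int(Decimal(btc) * 100_000_000)

# Constructed sample data, not real transactions: txid -> (spending address, outputs).
# Assumption: one input address per transaction and fees ignored.
TXS = {
    "tx1": ("addr_start", [("addr_a", sat("107.3")), ("peel_1", sat("0.5"))]),
    "tx2": ("addr_a", [("exch_1", sat("0.4")), ("addr_b", sat("106.9"))]),
    "tx3": ("addr_b", [("addr_c", sat("106.2")), ("peel_2", sat("0.7"))]),
    "tx4": ("addr_c", [("addr_d", sat("60.0")), ("addr_e", sat("46.2"))]),
}
LABELS = {"exch_1": "exchange deposit (constructed label)"}

def trace_peel_chain(start, txs, min_keep_pct=90, max_hops=100):
    """Follow the largest output hop by hop while it keeps >= min_keep_pct of the value."""
    spent_by = {src: txid for txid, (src, _) in txs.items()}
    hops, addr = [], start
    while addr in spent_by and len(hops) < max_hops:  # max_hops also guards against cycles
        txid = spent_by[addr]
        outputs = txs[txid][1]
        total = sum(value for _, value in outputs)
        next_addr, kept = max(outputs, key=lambda out: out[1])
        if kept * 100 < min_keep_pct * total:
            break  # value was split rather than peeled: stop for manual review
        peels = [(a, v) for a, v in outputs if a != next_addr]
        hops.append({"txid": txid, "next": next_addr, "peels": peels})
        addr = next_addr
    return hops, addr

def summarize(hops, labels):
    """Total value peeled off along the chain, plus peels that reached labelled services."""
    peeled = sum(v for hop in hops for _, v in hop["peels"])
    flagged = [(hop["txid"], a, v) for hop in hops for a, v in hop["peels"] if a in labels]
    return peeled, flagged

if __name__ == "__main__":
    hops, end = trace_peel_chain("addr_start", TXS)
    peeled, flagged = summarize(hops, LABELS)
    print(f"{len(hops)} hops, bulk of funds now at {end}")
    print(f"peeled off so far: {peeled / 100_000_000:.1f} BTC")
    for txid, addr, value in flagged:
        print(f"{txid}: {value / 100_000_000:.1f} BTC to {addr} ({LABELS[addr]})")
```

The trace stops at the first transaction where the largest output keeps less than 90% of the value, since an even split is no longer the small-withdrawal pattern and needs an analyst's judgement.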
The DarkSide hack happened on the same day that the REvil ransomware group was hacked and disabled during a government-led operation. DarkSide ransomware shares many similarities with REvil, including the structure of ransom requests and the use of PowerShell to remove shadow copies from the network.