US Recovers Millions in Cryptocurrency Paid To Colonial Pipeline Ransomware Hackers (cnn.com)
US investigators have recovered millions of dollars in cryptocurrency paid in ransom to hackers whose attack prompted the shutdown of the key East Coast pipeline last month, CNN reported Monday, citing people briefed on the matter. From the report: The Justice Department on Monday is expected to announce details of the operation led by the FBI with the cooperation of the Colonial Pipeline operator, the people briefed on the matter said. The ransom recovery is a rare outcome for a company that has fallen victim to a debilitating cyberattack in the booming criminal business of ransomware. Colonial Pipeline Co. CEO Joseph Blount told The Wall Street Journal in an interview published last month that the company complied with the $4.4 million ransom demand because officials didn't know the extent of the intrusion by hackers and how long it would take to restore operations. But behind the scenes, the company had taken early steps to notify the FBI and followed instructions that helped investigators track the payment to a cryptocurrency wallet used by the hackers, believed to be based in Russia. US officials have linked the Colonial attack to a criminal hacking group known as Darkside that is said to share its malware tools with other criminal hackers. Update: Law-enforcement officials said they have seized nearly 64 bitcoin of the 75 bitcoin paid in ransom.
Makes no sense. (Score:3)
"the FBI and followed instructions that helped investigators track the payment to a cryptocurrency wallet used by the hackers, believed to be based in Russia."
Explain why the 'hackers' wouldn't be using a cold wallet. They sound like fall guys.
Re: (Score:2, Interesting)
You could generate a public/private key pair for a wallet offline. Tell the victim to deposit money to that public address -- literally untraceable. There is NO connection to account owner.
Sit on the money for a year or two until the heat cools off, then launder the digital money through other accounts, automatic exchanges, splitting it up into smaller and smaller pieces each time. At some point it wouldn't even be worth tracking.
Re:Makes no sense. (Score:4, Insightful)
Indeed.
Basically if you try to use bitcoins that are high enough profile to be worthwhile for someone to monitor, every transaction out from the receiving wallet will cause a tracking of "what was it used for?" and "Can this be used to trace them to a person", thus making them very hard to use.
It's tied to whatever currency you desire to sell it for. The USD can fade into obscurity; crypto will hold value for whatever it's going to be traded for. Be that Dollars, Rubles, Dinar, Sex, Food, or other goods.
Re: (Score:2)
There are tumbler/mixing services that can easily scramble a few dozen bitcoins.
Some tumblers refuse to accept "hot" coins, but others will mix them for an extra fee.
Re:Makes no sense. (Score:4, Insightful)
So what percentage of those tumblers are run by various law enforcement agencies?
Re:Makes no sense. (Score:4, Insightful)
Of the ones that aren't:
- US based, or have a US operator would comply with a NSL or go to prison
- Almost any western country gets the same result, but with extra steps
- Russia or China- depends on whether they were state sanctioned, and whether or not they want to give them up
- Anywhere else wouldn't offer enough protection if the US gov wanted to fuck you bad enough
Even the Swiss banking system eventually caved to the US, although we've probably lost enough control that it wouldn't happen again.
Re: (Score:3)
The leverage that gets at banking like Switzerland is that they have large institutions like Credit Suisse and others that would like to have useful access to US financial markets. There's probably a fair number of boutique Swiss banks that would be fine just holding overseas money for privacy/tax evasion purposes, but their larger brethren have more sway over the local government, which values large-scale international banking over small banks hiding money for rich people, so they're willing to change the
Re: (Score:2)
It is pretty reasonable to expect that mixing services do not have much of a future. The way to do this is not to close them down, but to require them to keep full records, thus making them worthless. There are enough laws to make that happen already, and the feds are beginning to apply them. The driver will mostly be tax evasion, I expect.
Re: (Score:2)
require them to keep full records, thus making them worthless.
Good luck enforcing your requirements in Ouagadougou or Minsk.
Re: (Score:2)
require them to keep full records, thus making them worthless.
Good luck enforcing your requirements in Ouagadougou or Minsk.
Actually very easy to do. The trick is to require anybody using such a service to provide full documentation unless the exchange does it. Otherwise you could just do money-laundering via a regular bank in Ouagadougou or Minsk. Well, you probably can as long as the amount is small...
Re: (Score:2)
The trick is to require ...
Who is doing this "requiring"?
How will they enforce the "requirement" on a tumbler located at an anonymous TOR address?
Re: Makes no sense. (Score:2)
Privacy would be the obvious reason. From your spouse. From your business partners or co-workers. From the IRS.
Re: Makes no sense. (Score:4, Informative)
If you're in a marital-property state, likely illegal. Especially if you wind up in a divorce with asset records subpoenaed.
From your business partners or co-workers.
In the real world this is a crime called "Embezzlement."
From the IRS.
In the real world this is a crime called "Tax Evasion."
Re: Makes no sense. (Score:4, Interesting)
Illegal is not the same as "hot".
"Hot" means that law enforcement is actively looking for it.
The Colonial Pipeline bitcoins are hot. The bitcoins I traded my wife's engagement ring for are not.
Re: (Score:3)
Since every bitcoin transaction is public there are legit reasons to tumble that aren't illegal. Hiding my purchases from coworkers or acquaintances is legal, as long as there's no intent to defraud. If I'm a business and accepting bitcoin for payment, it's 100% legit to tumble before spending; in fact not doing so would give my competitors insight into my operations.
I could see a requirement to report tumbling to the IRS, but it absolutely is a legit privacy issue.
Re: (Score:2)
Here let me fix this for you "if you try to use bitcoins that are high enough profile to be worthwhile for someone to monitor" to "if you try to use bitcoins that are high enough profile to be worthwhile for AI to monitor an AI capable of monitoring billions of transactions". Relational consolidation of all bitcoin transactions, servers used, IP addresses, routers and associated network traffic from those end clients, network connections links to data accessible servers matching people to IP (any logins, no
Re: (Score:2)
That...that...sounds too much like work. People who get into white collar crime mostly do it because they don't want to get into honest HARD work.
Re: (Score:2)
You could generate a public/private key pair for a wallet offline. Tell the victim to deposit money to that public address -- literally untraceable. There is NO connection to account owner.
Sit on the money for a year or two until the heat cools off, then launder the digital money through other accounts, automatic exchanges, splitting it up into smaller and smaller pieces each time. At some point it wouldn't even be worth tracking.
You are mistakenly assuming that all hackers are smart. They are not.
Re: (Score:3)
You are mistakenly assuming that all hackers are smart. They are not.
The other thing is that many hackers do not have a clue how things outside of their area of expertise work. Hiding and using ill-gotten money is _hard_.
Re: (Score:2)
Eh, except in the real world you can never wait long enough for the heat to cool off. EVERYTHING in the blockchain is visible to EVERYONE, including FBI computers whose only reason to exist is to watch for those specific bitcoins to move and track everyone who touches them. That computer will never get tired and will never miss a transaction. Bitcoin is the best thing that ever happened to law enforcement; just nobody understands it yet.
Re: (Score:2)
If the FBI somehow got their private key the cold storage wouldn't do much.
Re: (Score:2)
1. ???
2. ???
3. ??? (original)
4. The FBI gets their hands on the private key of your cold wallet.
You're doing it wrong. Normally you only have an unreasonable or impossible step for #3.
Re: (Score:2)
They got the private key. They don't say how ($5 wrench?) but they have it, and used it to seize its contents.
It's in the warrant.
Re: (Score:2)
If the FBI somehow got their private key the cold storage wouldn't do much.
That will only realistically happen after they have gotten their hands on whoever has the keys to the cold wallet and they managed to get cooperation out of that person.
Re: (Score:2)
Torture is generally unreliable because the people would say anything, even lies to make you stop.
But if there is an instantly verifiable password you want...
Re: (Score:2)
Explain why the 'hackers' wouldn't be using a cold wallet. They sound like fall guys.
You seem to think that these "hackers" are like Dade and Kate hacking the gibson, full of brains and skill (but likely without the dose of bad 90s acting).
More likely they are just a bunch of criminal morons. Ransomware generators are bought easily all over the internet. You get a nice customisable piece of malware with idiot proof checkboxes to determine functionality, and you just find some way to get it in the system which is also easily done by paying someone for a user and password database and seeing
Higher corporate taxes (Score:3, Interesting)
Re: (Score:3)
This was ransomware-as-a-service. The sellers of the ransomware were the ones in Russia. Who knows who was buying. You think if you go to someone selling ransomware services and do foolish things with your wallet that the ransomware vendor is going to hold your hand and teach you to do it right? No, they'll just give you your cut and let you get busted, as long as they are confident that they have covered their tracks... or in this case, don't need to.
Re: (Score:3)
Explain why the 'hackers' wouldn't be using a cold wallet. They sound like fall guys.
One possible explanation: the "hackers" aren't as smart as they might think they are. Not every criminal is a criminal mastermind.
Re: (Score:2)
Cyber allies... sounds like a bad 90's cyberpunk film, or gay p0rn.
Re: (Score:2)
Your link was only a few days old and this should have been done long ago. If the official definition of "terrorism" needs to be tweaked then so be it. I don't agree with the corporations are 'people' argument but the courts seem to and, as we've seen, corporations can be held hostage.
This is not how it works... (Score:2)
What does "seized" even mean in this context? Is that the same "seized" as in "I know your public key" or is this something more impressive, such as identifying the wallet's owners?
Re: (Score:2)
Or waterboarding the wallet's owners until they give up the credentials?
Re: (Score:2)
If they have the owners. Does not sound like they do.
Re: (Score:2)
As I understand it, this, along with the criminal group's public dissolution, is part of their "good lord, we went too far and don't want a CIA wet team to visit us" contingency plan.
Re: (Score:3)
If I had to guess, I would say that the money was seized at the point where they tried to convert it to fiat currency and introduce it into the traditional banking network. Many more possibilities exist for the governments to seize a wire transfer depending on the institution that it transits.
Re: (Score:2)
What does "seized" even mean in this context? Is that the same "seized" as in "I know your public key" or is this something more impressive, such as identifying the wallet's owners?
It pretty much means "hacked the wallet", likely due to some abysmal OpSec fail on the attacker side (the irony!), but not identified anybody connected. Likely not done by the FBI at all, but by the NSA TAO and the FBI just takes credit. The most plausible way this goes is that they hacked the machine the wallet was on and then waited for somebody to access it and recorded the passphrase. After that the wallet is theirs, but identifying people can still be somewhere from exceptionally hard to impossible.
Re: (Score:2)
Is that the same "seized" as in "I know your public key" or is this something more impressive as identifying wallet's owners?
Nope. They know their *private key* and used it to transfer money away from the wallet's owners. How they obtained the private key is an interesting question.
Re: (Score:3)
Scenario I am thinking is:
1) badguy wants to convert to $$ and transfers coins to a conversion site account. Private key required.
2) on conversion site badguy sells bitcoins to someone else by transferring to their wallet.
3) Third party then transfers $$ via traditional banking system back to badguy.
If the Third party cooperates with government, then the money can be recovered in step 3. As far as I can tell it says the 'ransom' was recovered...doesn't say it was in bitcoin form when it was recovered.
Not a good idea (Score:2)
Re:Not a good idea (Score:5, Interesting)
As for "just have perfect cybersecurity and nothing bad can happen to you," it's not realistic.
Re: (Score:2)
I doubt it. Hackers will find ways to get paid.
As for these hackers, they may be pissed off enough that they'd just hack back in and do a whole bunch of shit the company wouldn't be able to recover from.
Re: (Score:2)
Hacking a target with reasonable security is actually pretty hard and expensive.
The Hackers should be paid double (Score:2)
And the hacking should be legalized.
That will make targets treat their security seriously.
Imagine if there is ever serious trouble with China. They will do a much better job at hacking than some random crooks. And with the current state of security they could shut the country down. Or worse.
We need more hackers, more ransoms paid. Until it becomes technically virtually impossible.
Re: (Score:2)
And the hacking should be legalized.
That will make targets treat their security seriously.
Imagine if there is ever serious trouble with China. They will do a much better job at hacking than some random crooks. And with the current state of security they could shut the country down. Or worse.
We need more hackers, more ransoms paid. Until it becomes technically virtually impossible.
Since the concept of Penetration Testing is easily made legal with those things called contracts, where we enlist trustworthy people to test your security, be careful with your wording here.
The way you put it, doctors should hire convicted murderers in order to teach them how to be better doctors by having them kill people. The only thing that's "technically virtually impossible" here is trusting a criminal.
"OK, OK, you proved your point by hacking in and draining our bank accounts...can we have our mone
Re: (Score:2)
Wrong. This is exactly what should happen. Next steps are to identify the attackers, but that may be hard or impossible.
But you do something in addition: You make it very clear to the ones attacked due to their abysmally bad IT security that if this happens again, a nice wall will be found to line them against and dispose of them (figuratively, but a threat of a long prison sentence and seizure of personal assets should do the trick). Then the attackers will a) not get in again and b) if they do a nice reco
Re: (Score:2)
You're mixing bitcoin and its ledger with the outside world.
You can transfer money to any RANDOM bitcoin account today. Who exactly would the account belong to? In fact it could belong to nobody. The key pair is generated offline. There is zero chance of tracking it to a person at this point.
To continue further, you could then transfer these bitcoin to any other bitcoin account. The bitcoin interaction has no link to the real world unless you make one.
Re: (Score:2)
They walk into any situation assuming they're going to have to follow anonymous transactions to a pair of hands. It may even take them years. But they'll do it.
Follow the money.
Re: (Score:2)
Just like they used to with bearer bonds - anonymous instruments of wealth transfer in paper form.
Put It In Our Piggy Bank (Score:2)
The FBI has the private key (Score:5, Informative)
https://www.scribd.com/documen... [scribd.com]
The money shot is in paragraph 34 at the end. The question becomes: How did the FBI obtain the private key?
Re: (Score:3)
Sounds like the FBI had the key to begin with and whoever was mixing the funds around sent it to an address that had been previously utilized/compromised. This is why if you are to receive something, you never reuse an address. One and done.
Re: (Score:2)
This is pretty easy if you have the "five eyes" support you:
1. Find the computer the wallet is on by large-scale network traffic analysis. Sounds impressive, but it is not. I have done this (in a research context) in the past.
2. Hack that computer. The NSA TAO may have risked a zero-day for that. More likely the computer had just shoddy security.
3. Change the wallet code to send you the key when opened.
4. Wait for anybody to log in and access the wallet.
And then you have the key.
Re:The FBI has the private key (Score:5, Interesting)
I saw the Scribd document. There was a gap in time between May 9 (end of probable hacker's movement) and then a burst of transactions on May 27 when BTC from multiple wallets were all transferred to the wallet with the private key known to the FBI.
Hypothesis: between May 9 and May 27, the NSA was able to enter the computers of the ransomware, and install compromised wallet interface software which was bugged. The malefactors entered their authorization credentials. The NSA used those to send to a new wallet created to receive the funds.
Re: (Score:3)
Yeah it's unclear (as in probably intentionally not stated) from the warrant who caused the last transaction putting the coin in the wallet the FBI had the key to... If that wallet was under full FBI ownership that transfer would effectively be a seizure prior to getting the warrant. If it was a wallet owned by someone else but which the FBI knew the key to through other means, that would make more sense in the context of a warrant. IANAL tho.
Re: (Score:2)
1. Find the computer the wallet is on by large-scale network traffic analysis. Sounds impressive, but it is not. I have done this (in a research context) in the past.
Can you provide some details on how that process works? I'm curious.
the FBI can tell say chase bank you will reverse c (Score:2)
the FBI can tell say chase bank you will reverse charge on the cash paid to the exchange
and will the bitcoin exchange let them cash out? (Score:2)
and will the bitcoin exchange let them cash out?
Too bad... (Score:2)
Too bad if they actually convert the coin back to fiat now, they would still lose money because they probably got the coin at a high and now with the drop in price, even if they got all the coins back, they would still lose money.
They don't call it volatile for nothing.
A hollow victory... (Score:2)
Seems like only $2.3 has been recovered, a relatively small amount when you consider the wallet was used to collect funds from many companies, one of which was Colonial Pipeline, who paid nearly double this amount.
Wonder what made the dweebs @ (Score:2)
Re:The takeaway here is... (Score:5, Informative)
Tracing BTC transaction is trivial. It's in the ledger, it's how it works. What I want to know is where did they get the money back? Did the hackers foolishly move it to an exchange the US can pressure, did they hack the hackers and get access to the wallet? There's almost no detail.
Re: (Score:3)
Are there cryptocurrencies that are generally acknowledged to be untraceable? If so, why would you not demand one of them?
Because of the infrastructure around Bitcoin. Companies that specialize in ransomware remediation have Bitcoin on hand to pay readily. There's a sketchy deli two miles away from me with a Bitcoin ATM that I could use to pay some of the smaller ransom payments. Paypal allows Bitcoin transactions now. Getting Bitcoin isn't quite as easy as getting regular cash, but it's as close as you're going to get with a cryptocurrency. Part of what makes ransomware work is ensuring that the ransom can actually get paid.
Re: (Score:2)
I don't think so. The distributed shared ledger requires participants to validate the transactions.
There are mixers/tumblers that take in crypto and then send it out to new wallet IDs. So no 'direct' link, but the mixer needs to know (at least for a little while) what wallets are connected. Plus you can still track the mixer, so you may not know who it is anymore, but they know you're using a service that has few, if any, legitimate purposes.
As always, who are you hiding from? A mixer is probably effective
Can't the bitcoins just be declared illegal? (Score:2)
The FBI signs a transaction that says the coins are illegal, using the FBI's public key. Anyone possessing or transacting in those bitcoins is handling stolen property. That would greatly devalue the specific bitcoins.
Re: (Score:3)
What I want to know is where did they get the money back?
If paragraph 34 of the warrant [scribd.com] is correct, it might be trivial for the FBI to watch the deposit go into the wallet and then immediately generate their own transfer transaction to a government owned wallet.
Re: (Score:2)
Thanks for the link. The 69 BTC they recovered was transferred out of the hackers' wallet on 5/27. They went after the target wallet.
Re: (Score:2)
Did the hackers foolishly move it to an exchange the US can pressure, did they hack the hackers and get access to the wallet? There's almost no detail.
They've successfully hacked "people" to get wallet keys in the past.
Doesn't mean that's how they did it this time, but you never know. Every additional person in a group is an extra point of failure when it comes to pressure points being pressed on by 3 letter agencies.
Re: (Score:2)
Someone please correct me if I'm wrong, but wasn't the point of the blockchain that every coin transaction is monitored by every holder of the blockchain? So if you use coin 12345 in a transaction, every copy of the blockchain is updated that coin 12345 was used somewhere. Hence, if coin 12345 is used in a ransom payment, anybody with a copy of the blockchain, including the FBI and US treasury, knows that coin was used and where.
Is this correct?
Re: (Score:2)
It is sort of correct. But bitcoins do not have properties (no serial number). What is in the ledger is a list of transactions. Each transaction has a source address and a destination address and a quantity of bitcoin transferred. The quantity doesn't have to be an integer. You can move 0.1 bitcoin or 2.3 or whatever. However, the ledger does not have additional information that links addresses to people. Presumably the blackmailers would obfuscate the ultimate destination by splitting up the ransom and pas
Re: (Score:2)
> So if you use coin 12345 in a transaction, every copy of the blockchain is updated that coin 12345 was used somewhere. Hence, if coin 12345 is used in a ransom payment, anybody with a copy of the blockchain, including the FBI and US treasury, knows that coin was used and where.
> Is this correct?
Yes, every transaction is replicated to every blockchain so that information is known.
No, there is no coin 12345, there are no coins. Everything is fungible. All it is, is a ledger with values. So you can'
Re: (Score:3)
I'd say a bit of both. First, I think the FBI is being 'given' credit even though different three letter agency did the work. Plus the whole not-understanding how block chain works part, so article is factually erroneous. And while not omniscient, I think the NSA does have significant capabilities that they aren't willing to reveal for mere ransomware. Maybe they had to give a bit on this one given that the ransomware attacks are hitting hard infrastructure now.
Re: (Score:2)
Indeed. It is completely clear this was work by the NSA or somebody equally competent. The FBI just lends its public face for that. Completely fine IMO, because this was on the level of a terrorist attack, not some small-time crime.
Re: (Score:2)
_Everybody_ can trace bitcoin transactions. It is all there publicly in the blockchain. It is not hard to do. The hard part is associating people with bitcoin wallets.
The only way to break the trace is by using a mixing service. But no mixing service will be touching these coins with a 10 foot pole, because the mixing services cannot really hide.
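An added example (not from the thread, and not any real chain-analysis tool) of the point made in this comment and in the ledger explanations earlier in the thread: a transaction ledger records only addresses and amounts, so tracing is a graph walk, and splitting or co-mingling ransom outputs spreads the taint rather than erasing it. The transactions, amounts and addresses below are constructed, and the "haircut" taint rule is a generic amount-weighted propagation, not a claim about how the FBI traced these coins.

```python
"""Haircut taint tracing over a constructed, simplified UTXO ledger.

Added example, not from the thread or any real chain-analysis product.
Every transfer is public; the ledger has no "coin 12345", only outputs
with an address and an amount that later transactions spend as inputs.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Tx:
    txid: str
    inputs: tuple   # (prev_txid, vout) references; empty for a coinbase
    outputs: tuple  # (address, amount) pairs


def trace_taint(txs, hot_outputs):
    """Return {(txid, vout): tainted fraction in [0, 1]} for every output.

    hot_outputs is the set of (txid, vout) that received the ransom.
    Haircut rule: each output inherits the amount-weighted taint of all the
    transaction's inputs, so mixing with clean coins dilutes the taint but
    never removes it.  txs must be in spend order (spender after spent).
    """
    by_id = {tx.txid: tx for tx in txs}
    taint = {}
    for tx in txs:
        if not tx.inputs:          # coinbase: freshly minted, clean
            in_frac = 0.0
        else:
            total = tainted = 0.0
            for prev_id, vout in tx.inputs:
                amount = by_id[prev_id].outputs[vout][1]
                total += amount
                tainted += amount * taint[(prev_id, vout)]
            in_frac = tainted / total
        for vout in range(len(tx.outputs)):
            key = (tx.txid, vout)
            taint[key] = 1.0 if key in hot_outputs else in_frac
    return taint


def flagged_addresses(txs, taint, threshold=0.05):
    """Addresses an exchange's deposit screening would hold for review:
    any output carrying at least `threshold` of ransom-derived value."""
    flagged = set()
    for tx in txs:
        for vout, (addr, _amount) in enumerate(tx.outputs):
            if taint[(tx.txid, vout)] >= threshold:
                flagged.add(addr)
    return flagged


# Constructed ledger (not real transactions): the victim pays 75 BTC, the
# attacker splits it, co-mingles the larger part with 25 clean BTC in a
# mix-style transaction, then sends one mixed output to an exchange deposit.
LEDGER = (
    Tx("cb_victim", (), (("victim", 75.0),)),
    Tx("cb_clean", (), (("alice", 25.0),)),
    Tx("ransom", (("cb_victim", 0),), (("attacker_1", 75.0),)),
    Tx("split", (("ransom", 0),), (("attacker_2", 11.0), ("attacker_3", 64.0))),
    Tx("mix", (("split", 1), ("cb_clean", 0)),
       (("mix_out_1", 44.5), ("mix_out_2", 44.5))),
    Tx("cashout", (("mix", 0),), (("exchange_deposit", 44.5),)),
)
HOT = {("ransom", 0)}  # the output that received the ransom payment


def run_example():
    taint = trace_taint(LEDGER, HOT)
    return taint, flagged_addresses(LEDGER, taint)


if __name__ == "__main__":
    taint, flagged = run_example()
    for (txid, vout), frac in taint.items():
        print(f"{txid}:{vout:<2} taint={frac:.3f}")
    print("hold for review:", sorted(flagged))
```

The mixed outputs still carry 64/89 of ransom-derived value, which is why a screened exchange deposit is the natural place for the trace to end in an account with a real identity attached.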
Re: (Score:2)
And it will fall further as now it's proven the FBI can intercept BTC.
I don't know about anyone else, but this entire hack smells almost too good. (Gave gas prices a nice kick-start, now didn't it? What's 5 million this month when you can bring in 100 more million next quarter.)
If the next few major ransomware attacks are successful with no ransoms prevented or recovered, then we will likely know the extent of FBI powers.