4 comments

[ 2.8 ms ] story [ 15.9 ms ] thread
> A May 27 transfer of nearly 64 bitcoins landed at a virtual address to which the FBI gained access, providing an opportunity to get a warrant and pounce.

What does that mean?

Yeah this was confusing to me as well. I assumed that it was related to the devices that were seized[0] from the darkside group. Maybe this means the keys/wallet was is what the FBI gained access to.

[0] From the article: > On May 13, DarkSide told affiliates that its servers and other infrastructure had been seized, but didn’t specify where or how.

64/75 = ~85% so the non-darkside individual(s) transferred their bitcoins to an address FBI of North District of CA has (Page 7, #34) [1].

How they got it I've yet to see an article on.

[1]: https://www.justice.gov/opa/press-release/file/1402056/downl...

Edit: My assumption is that the blacked out portion names an informant who made the transfer.

Lots of folks in infosec (no idea of the overall prevalence) are advocating for making ransom payments illegal.

One thing i don’t see discussed in that conversation is that the payment itself becomes a liability to the criminals.

That said, there’s no guarantee that the ransomware is no longer in a position to retaliate.