On June 7, the US Department of Justice and the Federal Bureau of Investigation (FBI) announced the “recovery” of 63.70 Bitcoin from the funds that Colonial Pipeline had sent to the hackers. The official story contains a number of inconsistencies, and federal investigators have not explained how the FBI came into possession of the Darkside gang’s private key.
Darkside ransomware gang story full of discrepancies and a vague Bitcoin key capture
The cryptocurrency space has been discussing the recent seizure by law enforcement of 63.7 BTC, worth $2.3 million at the time of the seizure. There have been problems with the way the story unfolded, and people are skeptical of the official account. Bitcoin.com News reported Monday how the Justice Department and Deputy Attorney General Lisa Monaco presented the seizure story. Monaco said the federal authorities had “turned the tables”.
But from the moment this story became known through a number of mainstream media outlets, there were inconsistencies. The first was whether the U.S. government advised Colonial Pipeline to comply with the ransom demand or whether it specifically asked the company to pay. If the government did ask the company to pay Darkside, that would contradict the government’s stance on not paying ransomware hackers.
The criminals used a “payment server” that was easily tracked by the FBI, and their physical cloud server was easily found and searched for a password.
It had nothing to do with #Bitcoin itself. https://t.co/AmJsHXJRha
– Documenting Bitcoin 📄 (@DocumentingBTC) June 8, 2021
Another problem with the original story is that when CNN first covered the hack, the news agency claimed the oil company had no intention of paying the ransom. Shortly afterwards, Colonial Pipeline paid nearly $5 million to the ransomware gang Darkside, according to Bloomberg.
In addition to the two conflicting elements in the CNN and Bloomberg stories, differences in the digital currency used were also noted in the articles. CNN originally reported that payment was being requested in “bitcoin” while Bloomberg wrote that Darkside was asking for “hard-to-track” cryptocurrencies. CNN’s article was updated after Bloomberg’s article was published to reflect the same narrative.
Add to this the fact that, as the article’s author argues, it is impossible to crack a Bitcoin (BTC) key without forcing the owner to reveal the private key. This is a constant topic on Twitter as the crypto community discusses how the FBI agent obtained the private key. The affidavit in the case, filed on June 7, 2021, explains how law enforcement used “blockchain explorers” to track down the coins. Otherwise the affidavit is very vague and contains many redactions.
The report published yesterday on Bitcoin.com News said that executives at the Blockchain Intelligence Group (CSE: BIGG) emphasize that law enforcement depends on “training and analysis [that] requires advanced tools and learning.” Other blockchain surveillance companies have also followed ransomware coins; Elliptic, for example, recently wrote about tracking Darkside funds.
So far, between Monaco’s comments, the Justice Department, the FBI agent’s affidavit, and the comments made by some blockchain analysis teams, nothing goes into any depth on how the FBI came to possess the private key it now holds.
Crypto sleuths discover data from hackers stored in the cloud, Feds receive cloud server passwords via warrants
A report published by NPR lays out three possible scenarios. One possibility, notes NPR’s Vanessa Romo, is that the federal agents were tipped off by an insider from the Darkside gang. The second theory is that Darkside was “careless” or that a member of the gang slipped up and leaked information tied to the key.
A third theory is that the FBI was able to pressure a third party, possibly a cryptocurrency exchange. Some people even openly attacked Bitcoin’s “main selling point”, namely that it should be “out of the reach of the government”.
There seems to be something strange about this whole case. Has the BTC been sent to an exchange?
– Rick McCracken DIGI (@RichardMcCrackn) June 8, 2021
Lawyer Jake Chervinsky, who regularly comments on the blockchain and crypto space, said: “We do not know exactly how the FBI confiscated the Colonial Pipeline ransom money [and] they don’t tell us. The warrant suggests that they received the private key. Maybe from the DarkSide server seizure? There is no evidence that an exchange or custodian was involved, but that is possible.”
The independent journalist Jordan Schachtel commented on the situation on Twitter and told his 123,000 followers that the “FBI” did not “hack back” a Bitcoin wallet, as has been claimed. “It’s mathematically impossible to hack private keys.” Schachtel continued:
[There is] no evidence of Russian involvement. All of this was completely avoidable if Colonial had taken basic security precautions. I think it’s fair to say that it’s currently impossible to hack private keys. “Unlikely” isn’t strong enough to convey how unlikely it is to obtain a private key through computing power. Quantum computing is still a very theoretical threat.
Schachtel and many others also noticed that the warrant indicates the US government obtained the key by means of a warrant. The journalist said it might have been served on a San Francisco-based exchange or on a database server located in the state of California.
uses a rented cloud server.
The FBI has received a subpoena to take control of the rented server
and recover half of the total of 75 #btc
The FBI did not “crack” Bitcoin.
They received the wallet encryption key (password) from the server. pic.twitter.com/WwHTRjiHod
– Amy Snow (@helloamysnow) June 8, 2021
Coinbase CSO Philip Martin said he saw many allegations suggesting that Coinbase may have been “involved” in the seizure. Martin and Coinbase insist that “Coinbase was not the target of the warrant and never received the ransom or any part of the ransom. We also have no evidence that the funds went through a Coinbase account/wallet.”
Election lawyer, litigator and head of a Bitcoin practice group Bryan Jacoutot reiterated the point that Bitcoin private keys cannot be “hacked”.
“For those of you who think the US government failed to crack SHA-256 and guessed the private key used by the Colonial Pipeline hackers,” said Jacoutot, “here’s a fun fact: Bitcoin’s private key space size is 10^77. For comparison: the number of *atoms* in the observable universe is 10^80.”
A Twitter account called “Cthulhu” suggested it could be a false flag, saying:
Either the FBI was hacking the Colonial Pipeline or they don’t need a key to get someone’s BTC. LOL. I don’t think too much thought has been given to making this fake flag.
“The FBI either got the private keys or they stole them,” another person, Kingt Crypto, noted on Monday. “The fact is that the FBI has not cracked a Bitcoin wallet. Nobody can crack a secure Bitcoin wallet. The FBI obtained the private keys for the Darkside funds by obtaining an encryption key for a cloud server using a warrant issued in San Francisco.”
As the story is currently spreading across the internet, there are many skeptics who question the “official” story of the US government.
Do you believe the federal government’s official story about the Bitcoin ransomware Colonial Pipeline case? Let us know what you think on this matter in the comments below.
Photo credits: Shutterstock, Pixabay, Wiki Commons, Twitter