Top Department of Justice officials claimed to strike a major blow against the culprits of the Colonial Pipeline cyber attack Monday, announcing that they had seized almost all of the funds paid to the affiliate group responsible for contracting the DarkSide ransomware attack.
Article by Jordan Schachtel from The Dossier.
BREAKING: A law enforcement official says U.S. officials have seized millions of dollars in cryptocurrency paid as ransom after the Colonial Pipeline hack. The cyberattack had caused the nation’s largest fuel pipeline to halt its operations last month. https://t.co/9NTtIr41Q2
— The Associated Press (@AP) June 7, 2021
Colonial Pipeline suffered a ransomware attack in early May and responded by preemptively shutting down the pipeline’s entire operations for some time, forcing a temporary but major energy crisis throughout the Southeastern United States. In order for the computers that maintained the pipeline to get back to full operation, Colonial agreed to pay a ransom in the form of 75 bitcoin, which was worth about $5 million at the time.
Now, here’s where things get weird:
In their triumphant statements this morning, the DOJ claimed to have seized the funds from the group that reportedly paid DarkSide for their Ransomware as a Service (RaaS) attack on Colonial. Notably, they did not secure the funds from DarkSide, which took a fee from the ransom in bitcoin that remains in the possession of the shadowy operation.
“The FBI successfully seized criminal proceeds from a Bitcoin wallet..” pic.twitter.com/F9RCKqSiBD
— Acyn (@Acyn) June 7, 2021
“There is no place beyond the reach of the FBI to conceal illicit funds that will prevent us from imposing risk and consequences upon malicious cyber actors,” FBI Deputy Director Paul Abbate said in a statement. “We will continue to use all of our available resources and leverage our domestic and international partnerships to disrupt ransomware attacks and protect our private sector partners and the American public.”
Now, the DOJ does appear to have secured the affiliate funds, but not in the fashion that it is being advertised by federal officials and widely reported in the corporate press.
This description by The New York Times cyber beat reporters is NOT what happened. To be clear, there was no hack. Feds did not do something innovative here. They used legal mechanisms and tracked a publicly available ledger to secure the bitcoin from this alleged hacking group. pic.twitter.com/exc6VqYZaS
— Jordan Schachtel (@JordanSchachtel) June 7, 2021
Bitcoin is secured through a currently unbreakable cryptographic formula known as a Elliptic Curve Digital Signature Algorithm. You can safely rule out the possibility that the feds broke this form of encryption and were able to pull off this computing power miracle, which is only theoretically possible through the use of quantum computing, a technology that is still very much a work in progress. The feds did not “hack” a bitcoin wallet in this manner, though they certainly seemed happy to give off that impression, as it sows doubt about the security of the bitcoin network.
The DOJ has historically been extremely hostile to bitcoin, labeling it as a preferred monetary system for cyber criminals, despite bitcoin transactions being publicly available to anyone with access to the internet.
A DOJ warrant from Monday morning gives us much more detail about how the government actually secured the bitcoin funds. They did so by obtaining a warrant on a bitcoin wallet or exchange that had servers in Northern California. Yes, you read that correctly. The entity responsible for the ransomware attack did not in fact have custody over their bitcoin. Instead, they were using a custodian for their funds. It is unclear whether this account with servers in the United States is an FBI wallet or the affiliate’s wallet, but the major error in bitcoin 101 custody remains the surprising issue. Using a custodian for your funds instead of maintaining possession of them is a very basic error, especially for an allegedly sophisticated hacking gang. Given that bitcoin transactions are publicly available, it was easy for the feds to track the funds transferred from Colonial to this outfit, as Colonial’s initial transfer to the bitcoin wallet is public information. All they had to do was “follow the money,” which strangely made its way into a U.S. based custodial address.
The latest events surrounding the Colonial Pipeline drama simply do not square with the narratives coming out of the Biden Administration and its stenographers in the corporate press. We were told this much-hyped hacking group of alleged Russians posed a serious threat to our entire critical infrastructure, yet in the same breath happened to have committed a laughably amateurish bitcoin custody faux pas that allowed for the feds to easily take back possession of the affiliate funds.
I will refrain from getting conspiratorial about possible government involvement and leave that to the readers in the comments section. In my opinion, this ransomware attack was successful largely due to Colonial’s lack of basic security measures in place. Similar to the notorious DNC emails hack (with the same claimed Russian government culprits), where John Podesta’s password was literally the word password, the hackers succeeded because Colonial had no measures in place to protect themselves. Everything else in the timeline going back to early May seems blown way out of proportion. Despite the claims made by some powerful people in D.C., there is no compelling evidence that this incident was some kind of Kremlin-directed operation to decimate America’s critical infrastructure.
Gas price begins to soar as 'Kremlin-backed cyber gangsters DarkSide' keep America's biggest fuel pipe offline for FOURTH day https://t.co/9B0hr0oOvn
— Daily Mail US (@DailyMail) May 11, 2021
House Intelligence Cmte Chair @RepAdamSchiff says Russia bears “some responsibility” in the Colonial Pipeline cyberattack “even if they’re not engaged in the conduct themselves,” adding that his committee is “scouring” intel to determine the Kremlin’s “degree of culpability.” pic.twitter.com/cWDRLGIef2
— Hallie Jackson Reports (@HallieOnMSNBC) May 11, 2021
In the end, the Russians and Bitcoin are not the antagonist actors in this story, though the DOJ seems more than happy to promulgate both of these narratives. Once the feds were able to identify a bitcoin “hot wallet” (as opposed to an offline bitcoin wallet that is controlled by the hackers themselves) was connected to online servers, it became a routine process to seize the funds through legal channels.
There’s also the possibility that the feds identified an individual or group in the affiliate organization responsible for contracting the ransomware attack due to some kind of sting operation. Once identified, the FBI may have proceeded to require these entities to send their funds into a bitcoin wallet in Northern California that is controlled by the FBI.
Anyway, the real issue here is how easily this could have all been avoided. It shows how horrifically poor our infrastructure is protected in this nation, to the point where a cheap ransomware attack by unnamed actors can result in a nationwide energy crisis. The story has nothing to do with U.S. adversaries and digital currencies, but of unbelievable incompetence and neglect on the part of Colonial and our overall security apparatus. It’s called *critical* infrastructure for a reason.
‘The Purge’ by Big Tech targets conservatives, including us
Just when we thought the Covid-19 lockdowns were ending and our ability to stay afloat was improving, censorship reared its ugly head.
For the last few months, NOQ Report, Conservative Playbook, and the American Conservative Movement have appealed to our readers for assistance in staying afloat through Covid-19 lockdowns. The downturn in the economy has limited our ability to generate proper ad revenue just as our traffic was skyrocketing. We had our first sustained stretch of three months with over a million visitors in November, December, and January, but February saw a dip.
It wasn’t just the shortened month. We expected that. We also expected the continuation of dropping traffic from “woke” Big Tech companies like Google, Facebook, and Twitter, but it has actually been much worse than anticipated. Our Twitter account was banned. Both of our YouTube accounts were banned. Facebook “fact-checks” everything we post. Spotify canceled us. Medium canceled us. Apple canceled us. Why? Because we believe in the truth prevailing, and that means we will continue to discuss “taboo” topics.
The 2020 presidential election was stolen. You can’t say that on Big Tech platforms without risking cancellation, but we’d rather get cancelled for telling the truth rather than staying around to repeat mainstream media’s lies. They have been covering it up since before the election and they’ve convinced the vast majority of conservative news outlets that they will be harmed if they continue to discuss voter fraud. We refuse to back down. The truth is the truth.
The lies associated with Covid-19 are only slightly more prevalent than the suppression of valid scientific information that runs counter to the prescribed narrative. We should be allowed to ask questions about the vaccines, for example, as there is ample evidence for concern. One does not have to be an “anti-vaxxer” in order to want answers about vaccines that are still considered experimental and that have a track record in a short period of time of having side-effects, including death. One of our stories about the Johnson & Johnson “vaccine” causing blood clots was “fact-checked” and removed one day before the government hit the brakes on it. These questions and news items are not allowed on Big Tech which is just another reason we are getting canceled.
There are more topics that they refuse to allow. In turn, we refuse to stop discussing them. This is why we desperately need your help. The best way NOQ, CP, and ACM readers can help is to donate. Our Giving Fuel page makes it easy to donate one-time or monthly. Alternatively, you can donate through PayPal as well. We are pacing to be short by about $3700 per month in order to maintain operations.
The second way to help is to become a partner. We’ve strongly considered seeking angel investors in the past but because we were paying the bills, it didn’t seem necessary. Now, we’re struggling to pay the bills. We had 5,657,724 sessions on our website from November, 2020, through February, 2021. Our intention is to elevate that to higher levels this year by focusing on a strategy that relies on free speech rather than being beholden to progressive Big Tech companies.
During that four-month stretch, Twitter and Facebook accounted for about 20% of our traffic. We are actively working on operating as if that traffic is zero, replacing it with platforms that operate more freely such as Gab, Parler, and others. While we were never as dependent on Big Tech as most conservative sites, we’d like to be completely free from them. That doesn’t mean we will block them, but we refuse to be beholden to companies that absolutely despise us simply because of our political ideology.
We’re heading in the right direction and we believe we’re ready talk to patriotic investors who want to not only “get in on the action” but more importantly who want to help America hear the truth. Interested investors should contact me directly with the contact button above.
As the world spirals towards radical progressivism, the need for truthful journalism has never been greater. But in these times, we need as many conservative media voices as possible. Please help keep NOQ Report going.