Date: 2021-10-25

The hacker group DarkSide withdrew most of the bitcoins from their cryptocurrency wallets. Cybersecurity researcher Omri Segev Moyal drew attention to this.

The 107 * BTC from Colonial PipeLine ransomware has moved to a new wallet: “bc1q2sewgrnau4e4gvceh8ykzf8lqxawpluu0k0607” > “bc1qvya30xewdeatneqj90ypvzq4kjzgyz8cnvu7rm”

Transaction hash: “8fe2131dd4b4be77034c3af4928415c2daffed950572d270d5e9dd1aa6b71088”

Feds control wallet? – Omri Segev Moyal (@GelosSnake) October 22, 2021

According to him, about 107 BTC (about $6.8 million) were withdrawn from the wallets that received funds after the attack on the American pipeline operator Colonial Pipeline.

Seven addresses received transactions of 7-8 BTC each. The remaining 38 BTC was transferred to a separate wallet. That amount is now also being split into smaller parts and transferred to other addresses.

The expert suggested that the attackers plan to launder the criminally obtained funds this way. He also did not rule out that law enforcement agencies could have gained access to the DarkSide wallets.

Moyal asked the operators of cryptocurrency exchanges to block wallets associated with DarkSide.

Recall that in early May, DarkSide hackers attacked Colonial Pipeline, blocking its computer systems and stealing about 100 GB of data. Colonial Pipeline paid the cybercriminals 75 BTC to restore operations and get its data back.

A week after the attack, as a result of an operation by the special services, the group lost its servers and part of its cryptocurrency and announced that it was ceasing activity.

In June, the FBI gained access by unidentified means to the ransomware operators' bitcoin wallet and recovered 63.7 BTC of the ransom paid.

At the end of July, DarkSide hackers resumed their activity under the name BlackMatter.

