Colonial Pipeline forgets to mention it already paid $5M Bitcoin to hackers

A padlock on some data to represent the files Colonial Pipeline just unlocked by paying a Bitcoin ransom.

Colonial Pipeline paid $5 million in Bitcoin to its extortionists hours after it halted operations last week, Bloomberg reports.

The news contradicts statements made Wednesday by the fuel company, saying they wouldn’t pay.

  • Hacker crew DarkSide launched a ransomware attack last week on Colonial Pipeline, which provides 45% of gas, diesel, and jet fuel on the East Coast.
  • The company halted operations last Friday to “contain the threat,” triggering a nationwide warning of oil shortages.
  • On Wednesday, media outlets reported the company had no intention of paying a ransom fee — it paid at 17:00 on May 7.

In response, DarkSide has reportedly provided a decryption tool to bring the disabled systems back up.

But while Colonial buried the lede, the national average gas price surged to $3.028 a gallon on Thursday, its highest point in six years.

Colonial paid 75 BTC to get rid of Darkside

Anne Neuberger, the White House’s top cybersecurity official, said in a briefing (via Quartz): “companies are often in a difficult position” when facing a ransomware attack without backed-up data.

Victims often end up paying at least part of the ransom in cases like these, Neuberger commented.

According to crypto researcher JP Koning, DarkSide accepts both Bitcoin and Monero, offering a 10% discount for the latter.

The exact crypto ransom was confirmed by the New York Times. The outlet reported Colonial Pipeline paid 75 BTC ($5 million), citing sources familiar with the transaction.

Prefer to listen to your news? The Protos Podcast delivers the week’s top stories every Friday.

Was this article interesting? Share it