FBI Bitcoin Hack: Find out how the FBI recovered Bitcoin from the hacker group 'Darkside'

Over the past couple of days, the price of Bitcoin reduced significantly after former US President Donald Trump called Bitcoin a 'scam' in an interview and the Federal Bureau of Investigation revealed that they had successfully recovered $2.3 million worth of Bitcoin out of the $4.4 million that Colonial had paid to the hacker group Darkside as ransom. However, many people mistook the news as the FBI hacking Bitcoin to recover the funds, casting doubt on Bitcoin's safety. But, Bitcoin was not 'hacked' per se and was recovered through a password, so Bitcoin's integrity remains unaffected. So, what is the FBI Bitcoin hack and how did the FBI recover Bitcoin? 

What is the FBI Bitcoin hack?

In order to understand the FBI Bitcoin hack, readers need to understand what went down on May 7 with Colonial Pipeline. As per Business Insider, on May 7, Colonial Pipeline suffered a major ransomware attack, which was traced back to an Eastern European hacking group known as 'Darkside'. Colonial Pipeline consulted with the FBI and decided to pay the ransom, which was 75 Bitcoins (around $4.4 million dollars at the time), to gain back control of their systems and resume operations. 

As per the report, the Department of Justice announced on Monday that it had recovered $2.3 million worth of Bitcoin that Colonial had paid as ransom to the hacker group Darkside. Major news outlets reported the news in a way that said the FBI had hacked the Bitcoins from Darkside. However, the FBI recovered the Bitcoins from the Bitcoin wallet by deducing the password, not hacking Bitcoin. Read on to know how the FBI seized Bitcoin from Darkside. 

How did the FBI recover Bitcoin?

As per the publication, one of the FBI agents involved in the case used software called 'blockchain explorer', which enables the users to search a Bitcoin blockchain to determine the amount and destination of transactions, which the FBI used to figure out which Bitcoin addresses Darkside used to launder their ransom Bitcoin. The FBI agent was able to track 63.7 Bitcoins that were received as payments on May 27 by Darkside to a Bitcoin address. 

As it happened, the FBI had the password or the private keys to that very Bitcoin wallet, which could be used to access the wallet and the funds as well. So, after securing a warrant from a federal court, the FBI managed to get access to the wallet through the passcode and recover the funds from that specific wallet. This was only made possible because the FBI had access to the private key/password to the wallet, without which the funds would have been lost forever. However, the FBI did not reveal how they got access to the password/private key to that specific wallet. 

IMAGE: UNSPLASH