• The US Department of Justice recently seized $2.3 million worth of Bitcoin from the DarkSide cybercriminals who targeted Colonial Pipeline.
• The FBI mysteriously obtained the private key to the specific wallet to which the ransom payment was traced.
• Many were suspicious of how the Feds received this information, given that the official statement by the FBI had several irregularities.

The American crypto exchange Coinbase was suspected of being involved in the recent seizure of crypto assets related to the Colonial Pipeline ransomware attack. Chief Security Officer Philip Martin refuted these speculations in an official statement on Twitter last Tuesday.

“Coinbase was not the target of the warrant and did not receive the ransom or any part of the ransom at any point. We also have no evidence that the funds went through a Coinbase account/wallet,” the tweet by Philip Martin reads.

Department of Justice Seizure – What Unfolded

The US Department of Justice recently seized $2.3 million worth of Bitcoin from the DarkSide cybercriminals who targeted Colonial Pipeline. The FBI mysteriously obtained the private key to the specific wallet to which the ransom payment was traced, and the amount was immediately seized.

It was the way this private key was obtained that drew attention worldwide, leading many to speculate wildly on how the ‘Feds’ received the secret information. The official statement by the FBI had several irregularities. According to the statement, the private key for the Subject Address is in the possession of the FBI in the Northern District of California.

This gave people another reason to suspect that the seizure had targeted property held at Coinbase. CSO Martin, however, put forth that there is “no evidence that the funds went through a Coinbase account/wallet.” He also said that these were nothing but “incorrect claims”.

Martin added on Twitter, “Coinbase used a pooled hot wallet, so handing over a specific private key wouldn’t make a ton of sense, and we’ve (for obvious security reasons) not built a private key export API endpoint into our signing systems.”

When asked how the FBI got the private key in the first place, Elvis Chan, an agent at the FBI’s San Francisco office, stated, “I don’t want to give up our tradecraft in case we want to use this again for future endeavors.”

Just the First in Line

A batch of DOJ documents shared along with the official statement on the DarkSide Bitcoin seizure suggests that the action may be just its first crack of the whip. The US authorities seem to be preparing a more concerted and aggressive play against ransomware operators in the near future.

The DOJ has prepared its Criminal Division’s Computer Crime and Intellectual Property Section (CCIPS) especially for this purpose. The step is welcomed by many, including business leaders worldwide, who feel that government promotion of cybersecurity among businesses can help establish process-driven, risk-based information security channels that will not just spread awareness but also help prepare businesses against unscrupulous cybercriminals.