The hackers behind last week's cyberattack on Colonial Pipeline extorted nearly $5mln from the company, which the petroleum supplier was forced to transfer in untraceable cryptocurrency within hours of the incident, Bloomberg reported on Thursday, citing two people familiar with the transaction.
The hackers sent the Georgia-based operator a decryption tool to restore the operation of the paralysed computer network after they received the ransom. One of the people familiar with the matter said that the tool was too slow, which forced the company to continue using its own backups to restore the system.
The fresh details contradict earlier reports that the company refused to pay the ransom to resume the pipeline’s operation.
US President Joe Biden said on Thursday that the pipeline has restored most of its service, hours after the operator announced that it is expected to resume pumping gasoline again later in the day.
US’ Largest Pipeline Suffers Cyberattack
Its shutdown, caused by Friday's ransomware attack, has triggered fuel shortages in the US, prompting people to stockpile gas out of fear of future disruptions in supply.
The FBI established that the pipeline was targeted with ransomware developed by the hacker group DarkSide, which US media has claimed is a group of Russian cybercriminals.
On Monday, US President Joe Biden gave a press conference where he cited intelligence data as saying that there was no evidence Russia was behind the attack.