The US Federal Bureau of Investigation (FBI) yesterday seized 63.7 bitcoins currently valued at approximately $2.3 million. "The funds allegedly represent the proceeds of a May 8 ransom payment," as the Justice Department primly puts it, to the DarkSide gang in the course of their extortion of Colonial Pipeline. The recovered money amounts to a significant fraction of the 75 bitcoins, or $4.4 million, Colonial paid. The seizure warrant gives, in suitably redacted form, the FBI's tracking of the wallets through which the funds passed. The money was seized when it reached a wallet for which the Bureau held the key, which suggests that the Feds were leaning forward in the foxhole on this one. There's also some credible speculation, reported in Ars Technica, that Colonial paid not to gain access to the flawed and essentially worthless decryptor the gang offered, but rather to aid the FBI in its work against DarkSide.
Another law enforcement action, this one international and collaborative, has resulted in the arrest of some eight-hundred suspects and the seizure of drugs, cash, firearms, and other goods, Europol says. The operation, variously called "Trojan Shield," and "Ironside," used an encrypted platform developed by the Australian Federal Police (AFP) to run on top of Anøm (also "AN0M") which the US FBI began running after it took down Phantom Secure in 2018. The BBC says criminals were gulled into using the app by one Hakan Ayik, a fugitive and alleged drug "kingpin" who served as an unwitting Judas goat.