and took nearly all the money back out, says the deputy attorney general lisa monaco. today we turned the tables on darkside. reporter: colonial paid 4.4 million to a bitcoin account in northern california, which a judge ordered seized according to the u.s. attorney in san francisco. the extortionists will never see this money. reporter: justice department officials say it s a potent way to take the profit out of ransomware. quite a story. to go with it, in new york city, the fbi and nypd are investigating a cyberattack that hit the city s law department. on sunday, officials disabled the computer network of the government s roughly 1,000 lawyers after discovering the attack. as of right now, mayor bill de blasio says there s no ransom demand and doesn t appear any information has been compromised but cautions the details are still emerging. the new york times the motive and identity of who is behind the attack sun clear. however, the type of ransomware used is commonly dep
didn t decided they didn t want to participate. nbc s leigh ann caldwell, thank you for being with us. we really appreciate it. let s go now to this pretty incredible story. the u.s. government flipped the script on some hackers. the department of justice has found and recaptured the majority of the ransom colonial paid to the darkside network in the wake of last month s ransomware attack. nbc s own pete williams reports on how the doj was able to pull this off. reporter: what thousands of americans didn t know as they waited in long lines for gasoline after colonial pipeline revealed that it was hit with a ransomware attack is that the fbi was also investigating darkside, the group in russia blamed for carrying it out. colonial, it turns out, quickly told the fbi about the attack and agents were able to find the bitcoin account where the ransom was sent. the fbi figured out the password
turned the tables on them pete williams explains how. reporter: what thousands of americans didn t know as they waited in long lines for gasoline after colonial pipeline revealed that it was hit with a ransomware attack is that the fbi was already investigating darkside, the group in russia blamed for carrying it out. colonial, it turns out, quickly told the fbi about the attack, and agents were able to find the bitcoin account where the ransom was sent. the fbi figured out the password and took nearly all the money back out, says the deputy attorney general lisa monaco. today we turned the tables on darkside reporter: colonial paid 4.4 million to a bitcoin account in northern california which a judge ordered seized just today according to the u.s. attorney in san francisco. the extortionists will never see this money. reporter: justice department officials say it s a potent way to take the profit out of ransomware. lester all right, pete williams tonight thank you. after
pipeline paid in last month s ransomware attack. first, here s nbc news pete williams on how the doj was able to pull this off. reporter: what thousands of americans didn t know as they waited in long lines for gasoline after colonial pipeline revealed that it was hit with a ransomware attack is that the fbi was already investigating darkside, the group in russia blamed for carrying it out. colonial, it turns out, quickly told the fbi about the attack, and agents were able to find the bitcoin account where the ransom was sent. the fbi figured out the password and took nearly all the money back out, says the deputy attorney general, lisa monaco. today, we turned the tables on darkside. reporter: colonial paid $4.4 million to a bitcoin account in northern california, which a judge ordered seized, according to the u.s. attorney in san francisco. the extortionists will never see this money. reporter: justice department officials say it s a potent way to take the profit out of
for their skill in coordinating the prosecutors in my office and with our colleagues in the criminal division components, to allow us to reach this result. i d like to turn the podium back over to deputy attorney general monaco. thanks. i think we re ready for a few questions. ms. monaco, how much of the money did you take out of this bitcoin account that you found? did you clean it out, basically? is it the first time the government has ever done this? so, it s not the first time that the government has ever seized cryptocurrency in connection with ransomware attacks. this is the first such seizure that the ransomware and digital extortion task force has undertaken. with regard to your first part of your question, pete, i ll let the court documents speak for themselves. they lay out the probable cause presented to the northern district, to the judge in the northern district of california,