See this coverage from the Washington Post:
“Federal authorities have recovered more than two million dollars in cryptocurrency paid in ransom to foreign hackers whose attack last month led to the shutdown of a major pipeline that provides nearly half the East Coast’s fuel, according to officials.
“The seizure of funds paid by Colonial Pipeline to a Russian hacker ring, DarkSide, marks the first recovery by a new ransomware Justice Department task force. It follows a string of cyber attacks that panicked consumers and led President Biden to warn Russia that it needed to take ‘decisive action’ against the criminal networks.
“How ransomware attacks are affecting consumers
“‘Today we turned the tables on DarkSide,’ Deputy Attorney General Lisa Monaco said, announcing the recovery on Monday afternoon. ‘The Department of Justice has found and recaptured the majority of the ransom’ in the wake of last month’s attack.”