They operate the ransomware that shut down one of America’s largest oil pipelines.
The cybercriminal group DarkSide, responsible for shutting down one of America’s largest pipelines, has announced its dissolution, according to the Wall Street Journal, which cites cybersecurity firms FireEye and Intel 471.
The DarkSide site has been unavailable since Thursday, May 13. The Eastern European group told its associates that it had lost access to its infrastructure, pointing in particular to an agency linked to the United States government, as well as to the pressure exerted by the country. However, it is difficult to know what is really behind these statements. It is common for ransomware groups to announce a disbandment to calm things down and then come back later under a new name.
A few days ago, DarkSide caused the shutdown of an 8,900-kilometer oil pipeline owned by Colonial Pipeline. The pipeline transports 45% of the oil used on the American East Coast; as a result, the authorities had to put an emergency plan in place to avoid a shortage for residents of certain areas, while the Department of Justice and the FBI were charged with the investigation. The group then published a statement on its website in which it claimed to be “apolitical” and not to want to be linked to a government.
Joe Biden himself spoke publicly about this cyberattack. Although he confirmed that the Russian government was not involved, he pointed out that the hackers were operating from its territory, and announced that he would meet with Vladimir Putin shortly. He further stated that his administration was “in direct communication with Moscow regarding the imperative for the countries responsible to take decisive action against these ransomware networks,” and that it “would take action to disrupt their ability to operate”.
According to the Wall Street Journal, Colonial Pipeline paid DarkSide $5 million to have its data decrypted. The group began operating around a year ago, quickly gained fame in the ransomware arena, and now has many victims. The cybercriminals garnered more than $60 million in their first 7 months of activity. With such sums at stake, it is difficult to know whether the group will really disappear from the radar.