The hacker group suspected of the cyber attack on Colonial Pipeline has ceased its activities. The DarkSide group reported on the so-called dark web that it has lost access to certain servers, cybersecurity firms FireEye and Recorded Future say. As a result, the hacker group can no longer access the looted ransom and its blog.
DarkSide stated on the dark web that cryptocurrency received as a ransom had also disappeared from its servers. The group did not report who disabled the hackers’ servers. Experts also note that DarkSide is disbanding of its own accord to return under a different name soon.
Authorities in the United States suspect DarkSide of attacking Colonial Pipeline with ransomware. In such an attack, company documents are encrypted and only released after payment of a ransom. The attack had major consequences, as one of the largest fuel pipelines in the US came to a standstill. Although the pipeline is back in operation, many gas stations are still short of gasoline.
Like other hacker groups, DarkSide regularly publishes stolen documents on the dark web, a hard-to-access part of the internet where users operate anonymously. This is to put the affected companies under pressure to come up with money. But the DarkSide site has stopped working now.
According to US President Joe Biden, Russia is partly responsible for the attack on Colonial Pipeline. According to him, there is evidence that the hackers or their software come from Russia. According to security experts, the group also communicated in Russian.
DarkSide recently repented, hinting that the attack on the US pipeline was not carried out by the group itself, but by “partners” who use the ransomware for a fee. “We are apolitical and do not engage in geopolitics,” said a report. “Our goal is to make money, not to create problems for society. From now on we check every company that our partners want to encrypt to avoid social consequences.”