Group behind Colonial Pipeline hack to shut down operations: report

Source: The Hill | May 15, 2021 | Jordan Williams

The group behind the ransomware attack on Colonial Pipeline is reportedly shutting down its operations.

The Wall Street Journal reported that a website run by the group DarkSide had been down since Thursday.

Security firms FireEye and Intel 471 told the newspaper that Darkside lost access to the infrastructure it uses to run its operations due to disruption from law-enforcement.

Intel 471 posted a statement from DarkSide, which was originally written in Russian, in a blog post on Friday.

The statement, first released on Thursday, said that the group lost access to a public part of its infrastructure due to law enforcement, though no specific agent was named. The group also blamed “pressure from the U.S.” without elaboration.

“In view of the above, and due to pressure from the US, the affiliate program is closed,” the group reportedly wrote. “Stay safe and good luck.”

The group said it would give its affiliates decryption tools for the companies that haven’t paid it yet, and would compensate all outstanding financial obligations by May 23.

The Hill has reached out to the FBI, Department of Justice and federal Cybersecurity and Infrastructure Security Agency for comment.

The FBI confirmed on Monday that DarkSide was responsible for the cyber attack that forced 5,500 miles of pipeline to temporarily shut down.

……..

Viewing 1 post (of 1 total)
Viewing 1 post (of 1 total)

You must be logged in to reply to this topic.