I have some questions, and I’m sure you do too.
The cyber criminal group known as “Darkside” has suddenly disbanded after they received payment from Colonial pipeline sources say.
Now, I understand the reasoning behind disbanding. The longer they stay together or keep this up the higher the chances are of them being caught.
Still though…..something just doesn’t seem right.
We recently reported on how a certain inspector thought the Colonial Pipeline crisis was 100% manufactured, and this group suddenly disbanding like this may lend credence to this idea.
Keep a close eye on this event; we may begin to see a lot more just like it…..
Here is more on the story:
The Epoch Times reported:
Robert Lee, co-founder and CEO of Dragos, said on Twitter that the move “is almost certainly a rebranding attempt to avoid the heat.”
DarkSide and another ransomware group, Babuk, which said it was shifting operations on Thursday after taking credit for obtaining and leaking information from Washington’s police department, took the actions in reaction to “the high-profile ransomware attacks covered by the media this week,” Intel 471 said.
“However, a strong caveat should be applied to these developments: it’s likely that these ransomware operators are trying to retreat from the spotlight more than suddenly discovering the error of their ways. A number of the operators will most likely operate in their own closed-knit groups, resurfacing under new names and updated ransomware variants,” it added.
President Joe Biden told reporters earlier Thursday that the U.S. government has “strong reason” to believe the Colonial hackers were based in Russia but were not backed by the Russian government.
The New York Post brought us more details:
Cybercrime group DarkSide said it has lost control of its web servers and some of the money it’s made off ransom payments after the FBI confirmed that the gang was behind the $5 million ransomware attack on Colonial Pipeline last week that spurred gas shortages and panic buying across the Southeast.
Analysts at security research firm FireEye said that messages are circulating in multiple cybercriminal forums that say DarkSide has shut down amid pressure from the US and law enforcement.
The announcement was posted Thursday evening on cybercrime underground community Exploit Forum, according to Recorded Future threat intelligence analyst Dmitry Smilyanets.