Hacking group tied to cyber attack on US pipeline said to have shut down

The criminal cyber cartel blamed for the ransomware attack on a US pipeline that caused petrol shortages for motorists this week has said it is ceasing operations, according to cyber security researchers.

The news comes after the Colonial Pipeline Company made a ransom payment to the hackers worth almost $5m as it worked to restart its 5,500-mile network, said people familiar with the matter.

DarkSide, the suspected Russian-based group that the FBI has said was responsible for the attack, has told its affiliates it is shuttering its services, said FireEye, a cyber security group appointed to investigate the incident.

Until now, DarkSide has maintained the ransomware but also rented it out to others via an affiliate programme, taking a cut of any proceeds from attacks that seize control of an organisation’s data or software systems and lock out the owners using encryption until payments are made. 

In a post on the dark web, found by researchers at Recorded Future and seen by the Financial Times, it also said it had lost control of much of its public infrastructure — including its dark web blog and the server it uses to accept ransom payments — and that its crypto funds had been seized.

“The post cited law enforcement pressure and pressure from the United States for this decision,” said Kimberly Goody, senior manager for financial crime analysis at FireEye’s Mandiant Threat Intelligence arm.

It is unclear whether the disruption to the group’s infrastructure was directed by authorities, and also whether DarkSide was taking itself offline with a view to later taking up operations again under a different guise, known as an “exit scam”.

US President Joe Biden said he has “strong reason” to believe the DarkSide hackers were based in Russia, but that he did not believe Moscow was directly responsible.

“We have been in direct communication with Moscow about the imperative for responsible countries to take decisive action against these ransomware networks,” he said on Thursday.

In a blog post on Friday, blockchain analytics group Elliptic found that Colonial had paid 75 bitcoin — or close to $5m — to a crypto wallet used by DarkSide on May 8.

The wallet had received $17.5m total in bitcoin since becoming active in early March, with much of this laundered via small cryptocurrency exchanges or sent to Hydra, an illegal marketplace on the dark web that typically serves Russia and neighbouring countries.

Elliptic also confirmed that the $5m ransom payment had been emptied from DarkSide’s crypto wallet on Friday, though it did not indicate where this had moved to.

Colonial began the process of bringing the pipeline — a central artery for delivering motor fuel to the eastern US — back online on Wednesday. On Thursday it said it had restarted the entire system and started to deliver products to all of its markets. It did not respond to a request for comment on the ransom payment.

The crisis has reinvigorated the debate over whether there should be a blanket ban on victims paying ransoms. White House press secretary Jen Psaki on Thursday said the federal government continued to argue that paying ransoms only incentivised such blackmail activities and urged companies to harden their defences. The FBI advises against payments.

Ransomware gangs earned at least $18bn in ransoms in 2020, according to the cyber security group Emsisoft, as hackers took advantage of employees shifting to remote working and the resulting cyber vulnerabilities. The average payment is about $150,000, Emsisoft data show.

Authorities face increasing public pressure to hunt and prosecute attackers. Last Saturday a group of tech companies, as well as US agencies such as the FBI, disrupted DarkSide by shutting down the US-based servers that they were using to store data before then sending it to Russia, according to two people familiar with the situation. The takedown and Colonial’s ransom payment were first reported by Bloomberg.

James Lewis, a cyber security expert at the Center for Strategic and International Studies, said there was discussion as to whether there should be efforts to go further and hack criminal ransomware gangs, known as “hacking back”.

“People are talking about hackback — it’s back on the radar and that’s probably driven by the Colonial incident.”
