
Colonial Pipeline hackers DarkSide have lost control of servers: report


Cybercrime group DarkSide said it has lost control of its web servers and some of the money it’s made off of ransom payments after the FBI confirmed that the gang was behind the $5 million ransomware attack on Colonial Pipeline last week that spurred gas shortages and panic buying across the Southeast.

“A few hours ago, we lost access to the public part of our infrastructure, namely: Blog. Payment server. DOS servers,” read a post online by user Darksupp, the operator of DarkSide, according to The Record.

The announcement was posted Thursday evening on cybercrime underground community Exploit Forum, according to Recorded Future threat intelligence analyst Dmitry Smilyanets.

It remains unclear if the announcement is a ruse for the group to escape attention or avoid paying out its partners. Cybersecurity analysts warned that anything posted by DarkSide operators should be taken with a grain of salt.

Darksupp also claimed that cryptocurrency funds were withdrawn from the hacker group’s payment server, which hosted ransom payments made by victims such as Colonial Pipeline, the report said. The funds, which the group is typically supposed to split between itself and its partners, were transferred to an unknown wallet, Darksupp said, according to The Record.

The FBI confirmed that DarkSide was behind the $5 million ransomware attack on Colonial Pipeline.
EPA/JUSTIN LANE

The cybergang’s claims come after President Biden said the US would go after the group.

“We have been in direct communication with Moscow about the imperative for responsible countries to take decisive action against these ransomware networks,” President Biden said Thursday at a press conference.

President Joe Biden said that "we pursue a measure to disrupt" DarkSide's ability to operate.
NICHOLAS KAMM/AFP via Getty Images

“We are also going to pursue a measure to disrupt their ability to operate,” he added.

The White House did not immediately return the Post’s request for comment.

Motorists wait in line to fill their cars at a gas station in Alexandria, Virginia, following Colonial Pipeline's shutdown.
EPA/SHAWN THEW

About the author

Erin Fox

From television to the internet platform, Erin switched her journey in digital media with News Brig. She served as a journalist for popular news channels and currently contributes her experience to News Brig by writing about the tech domain.
