The cyber cartel blamed for the US pipeline ransomware attack that caused fuel shortages for motorists this week is said to be shutting down, according to cyber security investigators.
This comes after the Colonial Pipeline company paid the hackers a ransom of about $5m as it worked to restart its 5,500 network, said people familiar with the matter.
DarkSide, a suspected Russian group that the FBI has blamed for the incident, has told its allies that it is closing its operations, said FireEye, a cyber security company investigating the case.
Until now, DarkSide has maintained its ransomware and leased it to others through its affiliate program, taking a cut of any proceeds made by hijacking corporate systems or software and locking out their owners using encryption until payment is made.
In a post on the dark web, accessed by Recorded Future researchers and viewed by the Financial Times, it also claimed to have lost control of all its public-facing tools – including its dark web site and the server it uses to receive payments – and that its cryptocurrency funds were confiscated.
Kimberly Goody, senior manager in investigating financial matters at FireEye at the hands of Mandiant Threat Intelligence.
It is unknown at this time what he will do after leaving the post, and whether DarkSide will remove itself from the Internet with the intention of resuming its covert operation, known as “fraudulent activity”.
US President Joe Biden said he has “strong reason” to believe that DarkSide’s hackers were in Russia, but he did not believe that Moscow was responsible.
“We have been in direct contact with Moscow on the need for responsible countries to take action against these networks,” he said on Thursday.
Colonial paid the ransom to the hackers in cryptocurrency, said two people who are familiar with the matter. “You had a certain number of bitcoin who extended their hair to less than $5m,” said one of them.
Colonial began bringing the pipeline – a central oil pipeline in the eastern US – back online on Wednesday. On Thursday it said it had restarted the entire system and begun offering sales to all its markets. It did not respond to a request for comment.
The crisis also fueled controversy over whether there should be a ban on victims paying ransoms. White House press secretary Jen Psaki said on Thursday that the government continued to hold that paying ransoms only encouraged such attacks, and urged companies to strengthen their security. The FBI advises against the payments.
The Eagle group earned at least $18bn in compensation by 2020, according to cyber protection group Emsisoft, while hackers take advantage of migrant workers and remote cyber bullies. The median fee is about $150,000, Emsisoft’s data show.
Officials are under intense pressure from the public to hunt down and prosecute the perpetrators. Last Saturday a group of experts, as well as US agencies such as the FBI, disrupted DarkSide by shutting down US servers that it used to store data before sending it to Russia, according to two people familiar with the matter. The disruption and Colonial’s ransom payment were first reported by Bloomberg.
James Lewis, an expert on cyber security at the Center for Strategic and International Studies, said there were discussions about whether there would be an attempt to go on cracking down on criminals, an approach known as “revenge”.
“People are talking about regression – it’s back on the radar and it’s probably because of what the Colonials did.”