May 14, 2021

The DarkSide ransomware affiliate program responsible for the six-day outage at Colonial Pipeline this week that led to fuel shortages and price spikes across the country is running for the hills. The crime gang announced it was closing up shop after its servers were seized and someone drained the cryptocurrency from an account the group uses to pay affiliates.

“Servers were seized (country not named), money of advertisers and founders was transferred to an unknown account,” reads a message from a cybercrime forum reposted to the Russian OSINT Telegram channel.

“A few hours ago, we lost access to the public part of our infrastructure,” the message continues, explaining the outage affected its victim shaming blog where stolen data is published from victims who refuse to pay a ransom.

“Hosting support, apart from information ‘at the request of law enforcement agencies,’ does not provide any other information,” the DarkSide admin says. “Also, a few hours after the withdrawal, funds from the payment server (ours and clients’) were withdrawn to an unknown address.”

DarkSide organizers also said they were releasing decryption tools for all of the companies that have been ransomed but which haven’t yet paid.

“After that, you will be free to communicate with them wherever you want in any way you want,” the instructions read.

The DarkSide message includes passages apparently penned by a leader of the REvil ransomware-as-a-service platform. This is interesting because security experts have posited that many of DarkSide’s core members are closely tied to the REvil gang.

The REvil representative said its program was introducing new restrictions on the kinds of organizations that affiliates could hold for ransom, and that henceforth it would be forbidden to attack those in the “social sector” (defined as healthcare and educational institutions) and organizations in the “gov-sector” (state) of any country. Affiliates also will be required to get approval before infecting victims.

The new restrictions came as some Russian cybercrime forums began distancing themselves from ransomware operations altogether. On Thursday, the administrator of the popular Russian forum XSS announced the community would no longer allow discussion threads about ransomware moneymaking programs.

“There’s too much publicity,” the XSS administrator explained. “Ransomware has gathered a critical mass of nonsense, bullshit, hype, and fuss around it. The word ‘ransomware’ has been put on a par with a number of unpleasant phenomena, such as geopolitical tensions, extortion, and government-backed hacks. This word has become dangerous and toxic.”

In a blog post on the DarkSide closure, cyber intelligence firm Intel 471 said it believes all of these actions can be tied directly to the reaction related to the high-profile ransomware attacks covered by the media this week.

“However, a strong caveat should be applied to these developments: it’s likely that these ransomware operators are trying to retreat from the spotlight more than suddenly discovering the error of their ways,” Intel 471 wrote. “A number of the operators will most likely operate in their own closed-knit groups, resurfacing under new names and updated ransomware variants. Additionally, the operators will have to find a new way to ‘wash’ the cryptocurrency they earn from ransoms. Intel 471 has observed that BitMix, a popular cryptocurrency mixing service used by Avaddon, DarkSide and REvil has allegedly ceased operations. Several apparent customers of the service reported they were unable to access BitMix in the last week.”


210 thoughts on “DarkSide Ransomware Gang Quits After Servers, Bitcoin Stash Seized”

  1. Play stupid games...

    Sounds like DarkSide learned what dictators and cybercriminals alike have known for decades:

    Want to shut down international logistics and shipping? Ok. Kill people by shutting down hospitals? The FBI will get around to investigating it. Commit some war crimes here and there? Maybe a condemnation and some sanctions.

    Fuck with America’s oil? Get ready to learn about American liberty. And by liberty, I mean you’re going to be liberated from everything you hold dear.

    1. Charlesofaberdeen

      You hit the nail right on the head with that comment

    2. Texas Steve

      This comment made me laugh because it’s so true. Cybercriminals: “hey, we can practically do anything we want and get away with it”. Russian cybercriminals: “hold my beer”.

      1. J.D.

        They are a European group from many countries from what I read.

        1. Dolores

          Did everyone know who these terrorists were, their reaction was so, for the good of all we are shutting down. So what country took their servers, cash, and everything else. It was almost apologetic releasing all they held because they couldn’t or wouldn’t pay the blackmail, extortion of random. Like 9/11. Democrats/Republicans knew who financed and planned it. But zero was done about it.

    3. Jim Getten

      Palantir. That’s who got them. Probably one of the best data mining stocks you could buy today.

    4. Dave

      That’s assuming you believe the servers were seized etc. This is a standard exit strategy for Russian cybercriminals when things get too hot for them, declare defeat, move on, and come back under another identity. Until US law enforcement confirms they seized the assets and shows them in a photo op, consider it a convenient exit strategy. They’ll be back later on when things have quietened down.

  2. Curtis Garcia

    Should be automatic mandatory death penalty for this sort of piracy.

    1. LinuxLove

      Yet the NSA didn’t get in any trouble when they caused 6+ deaths and billions of dollars in damages when they refused to notify Microsoft about EternalBlue, then got hacked and their exploit leaked, and caused untold amounts of damage across the world. Or when the CIA was busted hacking into Senate computers to delete evidence about the CIA’s enhanced interrogation program, nobody got in trouble there.

      An automatic death sentence? Are we North Korea?

      1. Timodeous

        Soon it’ll feel like it if Biden just keeps up making Exec Orders instead of constitutional laws

        1. Bitters

          Kinda exactly like the previous asshole

          1. BaliRob

            The US will, eventually, realise the stupidity of electing a no-brainer for President. Never has the US needed a stronger leader than now.

            Much of the World respects and admires the US and its way of life and is very sad at current developments.

            Whatever your opinion – @Bitters – nothing gives you the right to call a President who was elected with an enormous majority an “asshole”. It also lowers the tone of this Forum.

            1. Helmut

              Ummmm…actually doesn’t the constitution actually give him that exact right? You may not like the tone of the message but that is a person problem. The content of his message is his alone and his viewpoint and 100 percent supported by our founding fathers. Or am I missing the basics here?

              1. Ethan

                Yep, you’re missing the basics. There’s no such thing as an executive order in the constitution. Congress passes the laws, President signs them. That’s as basic as it comes.

            2. Randy

              Uhmm, President Trump lost the popular vote by 3 million!

              1. Walt Lindgren

                BidenVotes TrumpVotes OtherVotes Biden Share
                U.S. Total 81,282,916 74,223,369 2,891,441 51.3%

            3. Kevin D

              But he literally is an asshole. He’s rude and condescending. Everything I have seen over the decades that he’s plastered himself in the public eye gives the impression that unless you want something from him (fame, money, association, political influence) he’d be a hard person to be friends with. He’s repeatedly and publicly consistently shown he treats women like trash. He’s consistently shown he’s not averse to badly lying.

              He may be everything he’s hyped up to be as a businessman and a president (he’s not), but he’s still an asshole.

            4. David H.K. Huff

              Trumpy Dumpy lost in a “landslide of 305 Electoral College” votes, words he himself used in 2016 but not so convenient I guess in 2020. In both elections he failed to capture the popular majority vote, losing by over 3 million in 2016 and by a crushing 6 million in 2020 to cement his legacy title as “America’s Worst Loser Ever” when it comes to presidential elections.

            5. Tom

              We had a choice between the town bully and the village idiot last November. Sadly, we chose the village idiot.

              1. thegreyfoxx

                absolutely correct. and is a terrible event for our future prosperity. America might recover if our voters ever recover their sanity. otherwise, you watch; more crime, more destruction, more lawlessness, more terrible news.

                1. JamminJ

                  Adolf Hitler also led on a platform of fear of the communist take over. That only he could bring prosperity and jobs.

                  It’s funny how the ignorant masses are so easily controlled by fear. Fear of immigrants taking jobs and causing crime.
                  They listen to non stop propaganda that does nothing but reinforce their fears.

                  1. ClifraJones

                    “Adolf Hitler also led on a platform of fear of the communist take over. That only he could bring prosperity and jobs.”

                    And he did just that! The problem was he was also a Psychopath who surrounded himself with other like minded Psychopaths.

                    Yes, it is funny how the ignorant masses are controlled by fear. Fear of the “non-existent” White Supremacist Terrorists, fear of racists on the right when the true racists are the ones on the Left calling everyone else racists.

              2. Tjs

                Both the bully and the idiot lost. So idiotic he can’t even admit that he lost. Such a bully, he incites other idiots to say (see above) and do (Jan 6) stupid things.

            6. John M Kramer

              Well said. People need to get cured of their Trump derangement.

            7. John

              yeah he was elected…with Russian help and plenty of GOP voter suppression tactics. Call that elected and I call you a knuckledragger. Rump always was and still is a mobster. He may go the way of many monsters too if we’re lucky.

              1. ClifraJones

                Voter suppression, when only those legally allowed to vote, are allowed to vote!

        2. TheDuck

          What has Biden got to do with this? What a garbage comment.

          1. Lindy

            Agreed… you could write how you love roses or long walks on the beach…. someone will turn it into a political battle.

            1. Robert Hume

              Some motherfuckers are always trying to ice skate uphill

          2. Jim Stinson

            I believe he was just referring to the direction Commie Joe is trying to take the country. Kinda a mix between Cuba/ Venezuela/Sweden.
            But due to the feeling I get from your comment, I think maybe you’re leaning that way yourself.
            Do the American people a favor and move out of the country and take all those liberal A-holes with you.

            1. Free Mpg

              It’s something to behold the length to which leftists will go to defend a communist-compromised demented pedophile, aka, Joe Biden, in an effort to sustain the Big Lie that Trump had dictatorial aspirations because he represented the vast majority of the American people against Washington DC elitists who themselves seek to exert Hunter Games-level dictatorial control.

              1. Andrew

                Looks like YOU bought into the Big Lies…

                Whoever “Q” is… He, she, or THEY (can’t rule out a state Intel agency) are… He/she/they are LYING his/her/their asses off!!!

                Donald Trump betrayed his oath and the nation!!!

                1. thegreyfoxx

                  NOT TRUE. you are trusting believing the liars out personal bias.

                  1. DS

                    It is unfortunate that you have bought into the big lie…unfortunate for a number of reasons…1. You’ve chosen to believe it. 2. Because you chose to believe it you now won’t be able to see the truth even if it’s right in front of your nose. 3. You need to stop watching Fox and Newsmax and the like if you want the truth. They are so far from truth and so angry that most of them just make up stuff for the heck of it. Sad. 4. You need to learn how to do an investigation…research and be able to differentiate the truth from fiction. People who believe Trump lies aren’t very good at this. If you want to really help the country…stop trashing good people who are trying to help and do your research much better.

            2. Paul Dodd

              Sweden is a great country to live in, regularly comes in before the U.S. on most polls.

            3. xanna

              Spoken like someone who has never left their own state.

            4. Tim

              Define communist. What has he done so far that you can legitimately label him communist? Moreover, the last president we had acted the way he did because of the orangutan gene. He is literally responsible for the deaths of over 500k Americans, the economy tanking, consistent lies about practically everything. In 2016 I planned to vote for him, however after listening to him speak of women the way he did, I had to think about touching my daughter in the way he spoke of and I couldn’t validate that behavior. He has been caught on tape attempting to influence state election officials for which he may wind up in prison and I could go on with a myriad of other things but anyone that still sides with wannabe dictator who has failed at his coup of our country, they are the ones who should leave this country and before you leave, look up the definition of communist. Oh and leave the American flag behind that I fought for because you don’t deserve to carry my boots let alone the flag that so many have fought and died for.
              Rant done, out here.

              1. Ethan

                Wow, you’re… Misinformed, to put it kindly.

        3. Joe Schmoe

          And cue the ignorant redhat comment. Trump still holds and will continue to hold the record for most EO’s in a 4-year term.

          1. MSB

            Not for long. Biden is easily set to surpass him both in EOs and in spending in half the time. And the numbers aren’t even close. People need to take the rose tinted goggles off, Biden is just as bad as Trump and has screwed us royally in so many areas. We’re also doomed another four years of someone on the far right side in 2024. So nothing is going to get better.

            Because Biden who claimed ‘healing’ has done anything but, in fact he’s made the division unhealable and there’s no overwhelmingly polarizing figure like Trump to make the Democrats go out and vote like they did this year, while Republicans and Moderates have all the reason in the world to go out and vote in the same 75million+ numbers they did before. Frankly, this country is better off just splitting between the two parties at this rate. The USA had a good run, but it’s over now. There’s no going back after Obama, Trump, and Biden divided this country irreversibly. Three of the worst presidents to ever exist.

            1. Michael B

              Those people who voted for Trump in 2016 , 75+ mil, were not all Trumpers. They were people like myself who were duped by Trump the con man. Trump rode the tides of 2016 perfectly and came away the President, but like the old Who song, “We won’t be fooled again”, as shown in Biden’s numbers in 2020. Trump will do NOTHING in 2024, we hope he dies b4 the embarrassment of that election. The man sent people to attack his own VP. Trump is no better than a mafia thug.

            2. Mike H

              Maybe (just maybe) the views and values of the American people are too broad and diverse to be properly represented by just two political parties. I also don’t understand why conservatives are so us vs them while we as a nation are going through a severe crisis. If anything, this nation NEEDS sane and rational leadership from local all the way up to federal if we have any hopes of beating this pandemic and getting the economy rolling again.

              Just the $0.02 of an Independent getting fed up with this partisan clownshow we call a “government”.

              1. ContraversyMan

                We don’t need more parties and more division, we need to hold both parties responsible as a whole! The US government has failed us in the following forms: education, Homeland Security, development, technology, sustainability and pretty much everything else, they claim they own everything, but they maintain it like dirty slumlords while charging us top dollar! They need to be retired altogether!

                1. Tatiana

                  So agree..I never voted for Trump for so many obvious reasons that I find it extremely difficult to understand how he’s leading a cult. I voted against him, not because I ADORED the opposition. Our government, as a whole, sells our votes to the highest bidder and that is not the people who elected them. Both sides LOVE the division.. it’s distraction and misdirection so we’re not focused on them.

          2. Ethan

            That’s just patently false – many presidents had more executive orders in a 4-year period than Trump. It’s public record. Wilson had over 1800. FDR had over 3700! And there are about a dozen more who had more…

            1. JamminJ

              We got Carter because of the corruption caused by Nixon. It makes sense that a lot of executive orders and legislation would be needed to wash away such a swamp.

              History is repeating. Nixon will forever be known for his treacherous behavior. And so will Trump.

        4. Marston

          More than 50% of the orders that Biden has made revoke orders made by Trump.
          If Biden’s aren’t Constitutional, then neither were Trump’s. ego…

        5. Faux News

          The only president we’ve had in the last century that could be described as an “aspirational dictator” was Trump.

        6. Paliku

          Oh yeah, now it is a bad thing… I guess coping GOP strategy is a bad thing.

        7. NotPetya

          Avail yourself of Google and educate yourself. Obama did 35 executive orders during his 8 years. Trump did 55 executive orders during his 4 years. So far Biden has done 40 and majority of those were to correct all of Trump’s bs. It’s amazing the amount of ignorance when there is so much information available for free.

          1. T

            You are correct. With the invention of Facebook, anyone who believes in anything that our orangutan last president was good, received their information from Fakebook. The sad part is that so many people continue to follow that ape off the cliff. I just wonder if they plan to put money in his canteen at prison.

        8. J.D.

          So true! This concerns me that some people are so naive that they don’t understand that what you’re saying is exactly what can happen.

      2. ReadandShare

        Nobody said the world is fair. Mess with the world’s sole superpower at your own risk. Of course, other times, the superpower also acted as a force for good.

        1. Paul Dodd

          Or bad. Nobody wants to really mess with China or Russia either. Power corrupts.

      3. twib

        That’s how you stop the cybercriminals. Kill one or two in public and send out a message. This is what will happen to you if you commit this type of crime. But today’s politicians don’t have balls to do it. Everyone that’s in power are looking for their own profits.

      4. Thomas Muller

        The biggest lawbreakers of all! We as civilians have to abide by the laws of the land but yet those who are supposed to uphold the law break it on a daily?
        Now you be good little boys and girls and we’ll do the law breaking to get what we want by any means necessary! When they get caught or confronted with criminal allegations, let the cover-up begin! They will do this by any means that they deem necessary to prove their innocence or prove your guilt, and I mean any way necessary! We’ve seen it and it’s been proven within the court of law! They want to divide and conquer the masses! So we as the general population must stick together and not let them succeed! They try to separate the masses by using religion against us and so-called racial issues and the so-called tier system of upper class, middle class and lower class! We are just people trying to get along and survive in society, that’s it! Divide and conquer the law-abiding citizen. Create scenarios so the masses fight amongst themselves. Drive us apart and they will succeed! They want to control us like lost milling around sheep! We as law-abiding citizens must maintain self-control or what they want to do will be successful! Don’t let history repeat itself like it has in a lot of foreign lands! Family, unity and forgiveness to our fellow brothers and sisters, for we must come together and stay together to overcome these criminal activities by our so-called political hierarchy!

        1. Tracy

          EXACTLY! The media and bs politicians try to keep us quarreling amongst ourselves to DISTRACT us from what really is going down…even worse WE taxpayers foot the bill for all these damn “investigations” I’m tired of this looking more like a third world country all the time.
          If we the people indeed have the right to alter or abolish the govt to set up a new (less corrupt) system, perhaps it would be about time to extend those rights. No violence (certainly not storming the capitol with torches and pitchforks), but peacefully handing out pink slips. “I’m sorry it didn’t work out, but we no longer require your services, so if you would be so kind as to clean out your desk and go home” Lose the authority abusive bureaucrites, lobbysitters, republicrats and democrans, hire some team players, with common sense for common ground and real work ethic.

      5. ContraversyMan

        Might as well be North Korea, clearly we are living in an unsafe, uncontrollable third world country where our most sacred infrastructure is put online instead of being protected by a closed loop system in order to give free access to any terrorists willing to exploit it and then passing the cost on to consumers for their own short-sightedness.

    2. Greg

      If there ever was a need to protect the civilized world, these ransomware incidents need special attention. Delta Force or Seal Team 6 needs to look after them.

    3. Paul Dodd

      How is it going to be automatic? Your device battery explodes – too late to say sorry, it was typo… Boom!

    1. Susan

      I hear you Blake they sure gave! Not this Carrington but the other Carrington.

  3. Dennis Baatlett

    These guys are modern day pirates. The solution is the same as that applied to the pirates of his day by Julius Caesar. Crucifixion. Guaranteed 100% effective against recidivism.

    1. DelilahTheSober

      I agree completely. Sometimes traditional frontier justice is exactly what is needed.

  4. W4phle_Stomp

    It’s less important to me whether they were infiltrated by another or simply pretended to be infiltrated and absconded with the treasure. What’s more important is the incessant parade of users, healthcare, industry, corporate, Gov’t, SMEs, home users, who insist on using a deeply flawed proprietary OS which has about 35 years of history to prove it is deeply insecure and has always been so. It boggles first why infrastructure and utilities feel the need to have their critical systems online and not insular, protected from the internet. Second, I’m baffled why healthcare and Gov’t agencies use Windows with its historically-proven lack of security and exploitability. Though I use Linux and BSD, I’m not specifically advocating for any flavour of those above, but I am advocating for using OSes which are provably more secure – yet, they always aim for convenience over security, and if they aren’t ransomed for their system’s functionality, they’re breached with the customers’ or clients’ data stolen.

    1. ausoleil

      It’s not just Microsoft products — home routers are notoriously insecure, and some vendors (looking at you, ASUS) initially tried to claim that their insecurity was actually a feature. Commercial routers for the SMB market aren’t much better, for example Sonicwall just released patches for three zero-day vulnerabilities to its hosted and on-premises email security products. Apple has its share of flaws, as does Linux and others. IOT security is an oxymoron, as is printer security — remember how someone found 800,000+ printers with ports 9100, 515, and 631 open to the public Internet on Shodan?

      And that’s before admin configuration mistakes and users bypassing or ignoring security practices come into play.

      Yeah, Microsoft is definitely a poorly secured OS by default and often by design — but they are by no means alone.

    2. Willllll

      convenience vs security, pick one. Have you ever tried to teach a random adult how to do something even halfway complicated with a computer? They often can’t or won’t learn. Windows is familiar and has been made easy to use for a long time. And are the other OS really truly more secure? or less attacked?….

      1. Paul Dodd

        Security and convenience don’t have much to do with each other in an OS. OK, MFA is less convenient than a passwordless access. Many hacks come from unpatched sw bugs.

      2. Mike H

        YubiCo did a great job of achieving that. I can’t say enough good things about the YubiKey 5 series.

    3. Sean Flanagan

      These attacks routinely require a user to click on a link within an email in order to infest the system. The OS has nothing to do with this problem.

      1. Robert Partridge

        Exactly! Social Engineering exploits the weakest link in the system, the human element. And malicious actors will continue to be successful at.

      2. Not all fails are equal

        That’s not the bottom line only way and yeah the OS and everything around it does matter, sorry, wrong.

        1. Tracy

          Building constant “upgrades” (?) on top of one another (stacked programming) with increasing complexity makes any OS or software unstable… then more patches…circular cycle. Not to mention the gaping security holes a 4th grader could hack thru, left intentionally so a govt entity running some antiquated Unix system from 2003 can spy and see if anyone’s talking about weed in their emails… If one of the points of cryptocurrency is (although anonymous) that there is a transparent traceable ledger of every transaction, should be easier to track than if run thru some crooked laundry bank. “OK we quit” yeah right. there’s a lot of questions about this whole (or half) story. oh and btw filter, firewall and just DON’T click on the email!

      3. Howard L.

        I can agree with this 100%. I had to stop someone applying for a disaster loan from using his SSN as a password. A system is only as secure as its most careless or least informed user.

    4. IndustryInsider

      Why? Because Windows has proven support systems and armies of employees just waiting for you to call and tell them something is wrong. MS has SLA’s that it lives up to or it pays guarantees. When you are big business or big government, and something goes wrong, you can be on the phone talking to Satya in 5 minutes. When your Linux distro goes tits up, who are you gonna call? Linus? Think he’ll give one whit about your problem, or just scream at you that you’re a moron and not doing it right? It’s not about “convenience” – it’s about knowing there’s someone’s butt on the line that you can call when the real crap hits the fan. Microsoft will bust their butt to fix your problem *right this minute*, if it’s a big enough problem (and they have a huge army with which to do so, on demand). They spend millions every year on security training for employees, and deal with actual global threats (like foreign enemies) that sound like plots out of James Bond novels (and that you never hear about). They have an outstanding track record of finding and fixing security issues, on the order of thousands a year, most of which aren’t even in MS products. But ultimately, that’s why the OS continues to exist. Even one security hole (from the last 35 years as you say) left unplugged would render the OS unusable; but it’s not. It keeps on trucking. Risk management isn’t just picking the “most secure platform”. That said, I do agree that a hardened Linux box is the best choice *for certain applications* – like infrastructure – if you have the knowledgeable staff to secure and support it.

      1. tfourier

        @IndustryInsider

        Well I’ve been in the business a lot longer than you, and I’ve read the Win 32 source code and have the technical background to understand it all the way down to the bare iron, worked on commercial security product etc etc, and your comment about MS “security” is one of the funniest (and most ill-informed) comments on the subject I’ve read in quite a while. There is no such thing as secure MS software, never was, never will be. Because that is how MS has always worked. Ever since the Albuquerque days. Any old crap will do. A random dive anywhere in the OS source code will quickly support that opinion. Very basic bugs survive decades in the codebase.

        People who run secure locked down environments work on the assumption that anything from MS (and vendors just like them) is not secure. You firewall it. You post sentries everywhere. DMZ the hell out of it to the lowest practical level of network granularity. You assume nothing. And work on the assumption that it will fail and plan accordingly. You follow the three laws of computer security: paranoia, paranoia, paranoia. You deploy Win machines to end users but you control everything about the machines and wipe and reinstall on a regular basis to enforce policies. No exceptions. No matter how senior the idiot VP is.

        Linux has its issues (I was never impressed technically) but there is a very large (multi billion $ p.a) support ecosystem and can be secured to the level required. Windows boxes can be given to end users to run the software they are familiar with but unless those workgroups are embedded in an integrated / interlocking Linux / Unix secure infrastructure your organization is going to be taken to the cleaners sooner or later. Absolutely guaranteed.

        Think of it as a technical intelligence test. An all MS house – not a clue what they are doing technically. Mixed MS end user, Linux infrastructure set up. People who actually know what they are doing technically and have made the perfectly reasonable pragmatic trade-offs to get the job done.

        1. mapwench

          Intelligence test yep, a wake up, hopefully… but am I just old and dumb or did anyone question why Colonial did not have a “plan b” ? No one at the company remembers running logistically before computer systems? Don’t they still deliver gas in trucks? Like probably the same drivers going on the same set routes to stations or transfer facilities the same as every certain day of every week? Clipboard and pen instead of digital tablet until IT can clean house and load back up. .. bit slow or inconvenient for a while, but geez NEVER pay those shady cyber criminals that are too stupid to have a real job! Now they think we’re easy targets, and that we’re the morons. Wait, we are supposed to believe their story? It’s concerning they mention healthcare facilities and schools… CIA, NSA, FBI get to work dammit, track some IPs or something.

    5. Paul Dodd

      1. Successful ransomware attack: Fire the CEO & CTO.
      2. No insurance cover if lack of staff security training, MFA, crucial system controllable from the internet, patches older than 30 days not applied.
      3. SW manufacturers have liability for zero-day exploits.
      4. Ransom payments are illegal.

    6. rassalas

      Why be baffled? Just admit you’re a Fanboi…

    7. ClifraJones

      Blaming this on MS is not the answer. Blame the companies with the lax security! That is who is really to blame for this.
      Proper security is always seen as 1. Too expensive, 2. Too intrusive to the end users.

      As an IT professional I can tell you many times after implementing some form of IT security that impacted end users I have been told to “pull it back” because the users complained. The other problem is access, many companies have individuals who have way more access than they need. How does your entire operation get compromised when 1 individual gets compromised? As one of the senior network engineers/administrators I can tell you I DO NOT have access to our company financial data. My personal network logon DOES NOT have access to our backups!

      This is not some exotic, complicated, voodoo science you need to implement to secure your network. 99.99999% of these incidents occurred because someone at the targeted company “let the bad guys in the front door!” Mostly through a targeted email or a web link. Both of which can be stopped.

      These bad actors are not geniuses! What they do know is that your average computer user is a moron! Morons who will click links in email with abandon and want to spend 5-% of their day on Social Media sites on YOUR network!

      If you leave your front door unlocked and advertise you just went on vacation on Facebook and some crook steals your stuff, the crook is still a criminal, and you’re still an idiot!

  5. NobodySAIDboo

    Do not worry, they are all safe, happy and rich now in Israel, they will be on Israeli TV soon to tell how they did it, same as the 911 murderers.

    1. Mr E

      Are you kidding? Your baseless hate for Israel disappoints me.

    2. Paul Dodd

      So 9/11 perpetrators were on Israeli TV? Comments leaking in from another universe.

  6. the.raw

    Is this for real? There’s a code of conduct for ransomware deployments? Seriously?

    I prefer to authenticate this story, but such that it is, I must say I am disappointed. Apparently, the only way to stop a bad guy on a computer is another bad guy supplying the software.

  7. Notaserialkiller

    What are the CIA, NSA, FBI etc doing all day? Too busy making WOKE recruiting videos.

  8. Stephan B Feibish

    If committed by a nation state it would be called an act of sabotage or an act of war.

  9. mealy

    Question – Why do Trump fools make things up, do they believe it helps them win credibility somehow lol?
    Go eat a baby in a pizza parlor already.

  10. Lindy

    I’ll believe they closed the day I win the Powerball lottery.
    They can say what ever they want but it doesn’t mean anything… they are criminals after all.
    Thanks for trying to cheer me up Brian.

    1. Paul Dodd

      Got a good publicity department, probably decided to take a long holiday with the proceeds. Good luck with the lottery.

  11. Lucius Quinctius

    There still need to be real repercussions for these and the other ransomware operators.

    It should be open season on these guys and not stop till it’s done.

    This may or may not be a ploy by them to distract attention. I hope it doesn’t distract us. I also hope that we get enforcement people with cojones whether from a state or licensed by one to hunt.

    1. Paul Dodd

      A problem is that there’s a lack of international cooperation between China, Russia, Nigeria and the U.S. re investigation, extradition & prosecution. These attacks damage trade and trust. There needs to be a treaty, something like “International Convention on Cybercrime”. Obviously North Korea won’t sign, unless China leans on Kim.

  12. Cindi Carter

    I can’t help but think about the security team at Colonial Pipeline. As if the day-to-day of a security practitioner isn’t stressful enough, I can only imagine the pressure cooker the Colonial Pipeline teams have been experiencing, and they deserve our support. I don’t think this “exit” from DarkSide is any promise of relief.

    1. Eric Nesbit

      Colonial Pipeline didn’t deserve to be attacked but the company was notoriously bad at cybersecurity. Google Robert F. Smallwood for an audit done on the company three….yes three….years ago.

      It was a badly run company that continued to fail but managed to keep going because it could produce a product cheaply. Even during the attack, they had the ability to continue sending oil but chose to shut down because they didn’t know any alternative way of billing customers.

      On top of that, they paid the ransom because their secure systems’ backups would have taken too long to decrypt and deploy. It was fast to just pay the ransom. And that’s insane given their incompetence level as demonstrated means that had they not been attacked by cyber criminals who could return their systems to normal, and had they suffered a system failure for other reasons, they likely would have the capability to bring themselves back to full production for a considerably long period of time.

      They are fly-by-nighters who got caught with their pants down and whose leadership are too incompetent to be able to learn from it. Raising prices on their product to pay for better IT staff, policies, and practices is something that likely won’t happen for them. And it will cost the east coast again and again until their execs are prosecuted for criminal negligence, found guilty, and sent to prison for it.

      And yes, it is THAT bad.

  13. Paliku

    Unless our own NSA stole the loot – which would be GREAT, I would guess it is a ploy that will benefit Putin. We will probably never know. I fully support our cyberwarfare personnel hunting and screwing with these hackers in perpetuity. Or a projectile or space trash hitting their HQ “Act of God” scenarios – lol. Never mind the politics – groups like this hurt us all regardless of where you come from.

  14. Dixie

    Anyone think Bitcoin wallet being hacked is a bigger story? I do.

    1. Treed

      That’s a good point. Why is it every time I hear about a wallet it has been hacked? Can you not 2fa those things?

    2. rassalas

      Yes, that is the elephant in this room.

    3. JamminJ

      I think the conclusion of this article suggests that it was not a hack, or even an exit scam.
      Rather a false flag in an attempt to get the heat off them.

      If the public and the US media think that someone has already retaliated against them and they lost money, then maybe they can quietly slip away.

      Remember their MO. They don’t want to attract any attention, and this colonial pipeline attack was way bigger than they thought it would be.

  15. Art K

    Possible solution to ransomware – remove the incentive!

    I hope I am not showing too much ignorance here but aren’t all Bitcoin (cryptocurrency), transactions publicly recorded, trackable and verified via wallet to wallet blockchains? If so, why not blacklist any and all ransomware receiving wallets rendering them worthless?

    The blacklisted wallet identifiers could be distributed by the same mechanism as the blockchains themselves. There might have to be some vetting process to prevent bad faith blacklisting. However, any legitimate wallet holder could appeal such a designation to reverse the blacklisting. Would have to create some sort of appellant mechanism that would protect anonymity as well as validate the rulings but it should be doable.

    In essence, the true ransomware criminals would have to identify themselves and admit their guilt to get a reversal which they would not do nor would their blacklisting be reversed.

    1. JamminJ

      That indeed could be created as a new type of cryptocurrency.
      Of course, one of the main reasons why Bitcoin and other popular cryptocurrencies are so popular, is they’re not managed by any government or authority that could implement such a blacklist.

      Several cryptocurrencies have been created that do have other features and some are even managed by corporations.
      Those will never likely be popular at scale.

      If you create a better cryptocurrency than bitcoin, but with a feature that makes it hard for criminals, then criminals simply won’t use that coin, but use what’s already available.

      Criminals will simply use the next best option.

      1. Art K

        You have to think outside of the box. I didn’t think I had to spell it out explicitly. Instead of immediately arguing why it wouldn’t work, try thinking of possible ways to make it work.

        I didn’t say government or corporate entity but implied some sort of community process. Simply publishing a suspect/criminal wallet ID wouldn’t be sufficient as that would quickly be abused hence the appellant requirement. There must be some way for this to be implemented without involving government or corporate control. I hesitate to suggest a community voting/vetting process as that for sure would be unwieldy.

        Regarding running to an alternate currency: If all legitimate cryptocurrencies implemented such a mechanism, (including current ones), then it is irrelevant if criminals use it. Whatever is left would be non-spendable – i.e., worthless. Yes, criminals would revert to other ways to continue their activities but they would be forced into more trackable/traceable media – hopefully making it more likely that they be caught.

        1. mapwench

          A plug in, patch, add on… exactly! A custom crypto filter/firewall with built in extinguisher! (programmingly speaking) Virtual ink bomb on the coin! Brilliant!

  16. David Wishengrad

    It’s bad to do this to hospitals and the such because those organizations are faced with saving lives, right?

    It’s about saving life. Right?

    Now which is really a greater evil?
    To needlessly harm life and freely admit that you are doing that or to replace to dismiss the only truthful reason to care about life in the first place, “Life is Most Important in Life” while simultaneously claiming to represent life’s truthful interests?

    You see, there is truth that goes like this: “Life is Most Important in Life is The Most Important Truth in Life” or like this: “The Most Important Truth in Life is Life is Most Important in Life”.

    Once a person has been shared this truth if they then speak on behalf of life again and dismiss this truth as always being true they are in fact a person doing the most wicked evil of all.

    Needless and preventable suffering and death only occur AFTER the truth “Life is Most Important in Life” is dismissed as always being true. In fact, that person is dismissing the very cure and prevention of all needless and preventable suffering and death while simultaneously claiming to represent life’s truthful interests.

    That is an evil so wicked that it cannot be forgiven. All people able to comment on the internet can easily understand this truth if they choose to. Any claim of not understanding is a bot or a lie by a person using life to argue that this truth is always true and as such contradicting any point that life may not be truthfully most important.

    So, if you want to prove to us all that you have no soul, just speak for life and dismiss this truth that was freely shared with you all.

    This goes for the staff here too. Do you all agree this truth is correct and the reason you work on security or is there another more important reason and what is that reason?

    Thank you. You are all Truthfully Most Important. That’s non-negotiable. It’s always true.

    1. David Wishengrad

      That was my first comment here. I forget to stop and fix typos and fix some grammar.

      I was just saying people, I do appreciate knowing about security flaws and what is going on. It protects life. I don’t appreciate it when people use life causes to promote something that is wrong. It happens. We all make mistakes.

      Our lives are moved into a completely new place once we are told the truth “Life is Most Important in Life”.

      No one can honestly say they were not told, that were.
      No one can present a higher truth or equal truth that is shared in common that contradicts this truth.

      So, they can’t honestly say they know or understand better. Where is that ‘other’ truth? Show me it without using life in contradiction.

      So, no, they did not have better. Again, any claim by a person to not understand is a lie.

      You have all been freely handed the cure for all needless and preventable suffering and death today on a public security board. And you have been forced to choose to lose or keep your soul in regard to life. To do the soulless action or the responsible action. You can’t ever get kut of getting told better. This really it is and it’s completely real and some religious nonsense.

      All you have to do is affirm this truth in a responsible public fashion going forward. Any person claiming to represent life’s truthful interests who dismisses it loses their very soul on the spot.

      Let’s get those who are really out to do evil out in the open. Let them publicly throw themselves against this truth in full witness of their peers and show us all again and again that they have no soul. That will make life much better for all of us and will enable much better electronic security to protect life. It’s free and easy. The instructions for use are the very words themselves. It’s not at all complicated, but if you like complexity, there is also enough there to keep you real busy with discovery.

      Perfect Equality Among Celestial Entities

      1. David Wishengrad

        Sigh, I tried. It’s hard for an older guy on a cell.

        To do the soulless action or the responsible action. You can’t ever get OUT of getting told better. This really is it and it’s completely real and NOT some religious nonsense.

        Thank you for your understanding.

    2. Paul Dodd

      Sorry, no. “important” and “evil” are words without absolute meaning, especially in the way that you are using them. What you do with the life you are given is something to consider. According to your script you will never achieve death. Anyone can be forgiven.

    3. rassalas

      Sorry, hospitals are only involved in the business of making money, unfortunately they have to experiment on real humans in order to do so. It took a pandemic to highlight how little the doctors actually do to earn their mcmansions and drive around in their Bugattis.

  17. Michael P. O'Hara

    About time the feds took the gloves off. Which I have no issue with.

    They will hopefully start to go Beast Mode and start attacking cybercriminals as soon as their servers are detected online. Your corporate taxes help fund all federal orgs – including the pretty damned good offensive teams at the NSA, CIA, etc.

    Hunting down and destroying these rings should become the de facto policy of US security orgs… ransomware is only the newest weapon cybercrime’s using against orgs/companies. What’s next? And why give them the chance to blast another agency/company?

    Pres. Biden – I voted for you. Drop the sledgehammer on these clowns. The arms race needs to be won. Now.

    1. Paul Dodd

      Still need to act within the law/constitution. Cybercriminals usually are in another country: the FBI has no jurisdiction, except AFTER an attack. Perhaps companies with critical infrastructure could be fined for not having good security. This would not be that difficult for the FBI to test. A “great firewall” as in China could also help, but it’s probably politically a no-go.

  18. V. Black

    There are so many pieces missing from this puzzle.

    If they were shut down by an official actor, then why has no one taken credit? “Hit us and we’ll take you out of business” is surely the greatest deterrent there is?

    The thought that sends shivers down my back is what if this was done by another cybercriminal group that was getting fed up with ransomware generating so much publicity, and thereby awareness of cybersecurity issues?
    People have a tendency to think that if all is quiet, then all is well, which surely plays right into the hands of groups like Hafnium and such.

    “All is quiet on the west front.”

  19. Matt

    We need a strong leader in office, like previous administration, that would go after these ransomware gangs bigly. No one trusts clueless China Biden to do the right thing.
    I believe this group packed up and is just lying low.

    1. BlackH20

      Biden asked if he knew the company paid the ransom looked like a deer in the headlights. Then after a dementia long pause stated “no comment”. Meanwhile, Microsoft’s leader was hanging with Epstein and taking rides on a plane set up for sex with sex slave minors in the sky. Maxwell, will she ever get a chance to tell on all the corrupt leaders? Doubt it!

  20. Craven moorehead

    The no brainer for president was Trump and his lawlessness, his whole cabinet should be locked up starting with Bill Barr!!

  21. Randy

    Uhmm, President Trump lost the popular vote by 3 million!

  22. Michael Wiseman

    And the comments quickly devolve into a political rant, as expected. Why people don’t keep on topic is beyond me.

    Evidently, there is no honor amongst thieves and one of their own wiped them out. Kind of like when my ex’s 2nd husband stole my money from her.

    If we want to punish Russia, just cut them off from the internet

    1. JamminJ

      Yeah. Just call up the CEO of the Internet.

  23. John

    Blockchain miners are scammers as well! They got $3000 of my money! They keep telling me to make this last payment to get my profit. So I make a payment for the fees and they come up with more fees never to pay me my profit!! They mined $500 and have now charged $2500 in fees never to pay me!

  24. MikeW

    It seems the Russians know how to, and are willing to with fervor, deal with extortionists within their country. When will we get the will and the capability?

  25. MikeW

    Will any of the seized Bitcoin and other assets be returned to Colonial to offset their $5 million extortion payment so that their stock holders don’t have to eat it?

  26. J.D.

    They are a European group from many countries from what I read.

  27. Henry the eighth

    Aww, that’s a shame

    Play stupid games, win stupid prizes

Comments are closed.