This is interesting because security experts have posited that many of DarkSide’s core members are closely tied to the REvil gang. The DarkSide message includes passages apparently penned by a leader of the REvil ransomware-as-a-service platform. “After that, you will be free to communicate with them wherever you want in any way you want,” the instructions read. “Also, a few hours after the withdrawal, funds from the payment server (ours and clients’) were withdrawn to an unknown address.”ĭarkSide organizers also said they were releasing decryption tools for all of the companies that have been ransomed but which haven’t yet paid. “Hosting support, apart from information ‘at the request of law enforcement agencies,’ does not provide any other information,” the DarkSide admin says. “A few hours ago, we lost access to the public part of our infrastructure,” the message continues, explaining the outage affected its victim shaming blog where stolen data is published from victims who refuse to pay a ransom. “Servers were seized (country not named), money of advertisers and founders was transferred to an unknown account,” reads a message from a cybercrime forum reposted to the Russian OSINT Telegram channel. The crime gang announced it was closing up shop after its servers were seized and someone drained the cryptocurrency from an account the group uses to pay affiliates. The DarkSide ransomware affiliate program responsible for the six-day outage at Colonial Pipeline this week that led to fuel shortages and price spikes across the country is running for the hills.
0 kommentar(er)
