DarkSide Ransomware Servers Reportedly Seized, Operation Shuts Down
After the cyberattack on Colonial Pipeline, the DarkSide operation has shut down because its ransomware servers were reportedly seized.
The group lets third parties use its ransomware to get payments from victims and receives a share in return. The attackers look for administrator accounts throughout the network and then infect the servers and machines. After the seizure, they receive payment, which goes to an unknown account. DarkSide takes responsibility for all these attacks. Colonial Pipeline was also affected by these attacks. Bloomberg reported that the company agreed to a ransom of 75 Bitcoin, which is $5 million.
The news of the DarkSide ransomware shutdown was shared by a threat actor, UNKN, the public representative of the ransomware gang REvil. REvil is a crime group that emerged in 2019. After all this, when the news reached President Biden, he said at the White House that the countries hosting ransomware must take steps to shut them down. Biden also added, "I emphasized we do not believe that the Russian government was involved in the attack. But there is reason to believe that the criminals who committed the attacks live in Russia. We have been in direct communication with Moscow's authorities about responsible countries taking serious action against ransomware."
Security researchers and journalists could not find DarkSide's data; it was no longer on the breach site, leading them to wonder whether police had seized the server. BleepingComputer confirmed that the DarkSide payment service was still operational as of this writing. If the police seized the server, they might be running it to allow victims to access its decryptors.
In a blog post on the DarkSide closure, cyber intelligence firm Intel 471 said it believes all these activities can be tied directly to the reaction to the high-profile ransomware attacks covered by the media this week. BitMix, a cryptocurrency mixing service used by Avaddon, DarkSide, and REvil, has allegedly stopped operating. Intel 471 wrote this as well, adding that several apparent customers of the service reported that they were unable to reach BitMix.
The attacks were not confined to one state. German chemical distribution giant Brenntag paid $4.4 million when the ransomware attacked its IT network in North America. Many companies were affected by DarkSide attacks. The Babuk ransomware group attacked the Metropolitan Police Department in the District of Columbia. Groups under different names carry out attacks all over the world. The attacks have not yet been identified; federal government cybersecurity efforts are improving online security channels.
Reference: https://www.bleepingcomputer.com/news/security/darkside-ransomware-servers-reportedly-seized-operation-shuts-down/