DarkSide, the group responsible for the Colonial Pipeline cyber attack that caused fuel shortages and price increases across the US, is reportedly shutting down due to "pressure" from the US government.
The group's name-and-shame blog, ransom collection website and content delivery network, or CDN, were seized while funds from their cryptocurrency wallets were transferred to unknown accounts by unidentified entities, DarkSide said in a message shared on several cyber crime forums and hacking websites.
“We lost access to the public part of our infrastructure, in particular to the blog, payment server, CDN servers … these servers cannot be accessed and the hosting panels have been blocked,” DarkSide said.
“A couple of hours after the seizure, funds from the payment server [belonging to DarkSide and its clients] were withdrawn to an unknown account.”
DarkSide, which made its first appearance in August, is a relatively new group behind ransomware attacks. It also ran an affiliate programme to help other hacker groups in their infiltration attempts.
The group said it issued decryption software to all its partners and affiliates to retrieve the encrypted data.
“In view of the above [account seizures] and due to the pressure from the US, the affiliate programme is closed,” DarkSide said.
“You will be given decryption tools for all the companies that have not paid yet … you will be free to communicate with them wherever you want in any way you want.”
DarkSide follows the ransomware-as-a-service model, meaning it sells or leases ransomware to others to carry out attacks.
The group also has a help desk to arrange negotiations with victims and to collect information about their targets.
Industry experts said this could be an attempt by DarkSide to avoid public attention and negative publicity.
“We have not independently validated these claims and there is some speculation by other actors that this could be an exit scam,” said Kimberly Goody, senior manager of financial crime analysis at Mandiant, a subsidiary of FireEye.
DarkSide is a typical case of criminal groups involved in “big game hunting”, said Vladimir Kuskov, head of threat exploration at Moscow-based Kaspersky.
“It looks like they did not expect such consequences and attention after the latest attack on Colonial Pipeline and now they are planning to introduce some sort of moderation to avoid such situations in the future,” he said.
DarkSide’s statement came after US President Joe Biden said the authorities would go after those responsible for the Colonial Pipeline attack.
“We have been in direct communication with Moscow about the imperative for responsible countries to take decisive action against these ransomware networks,” Mr Biden said on Thursday.
The attack established the need to improve the cyber defence capabilities of the US, he said.
Mr Biden outlined plans to spend $4 trillion on infrastructure, social welfare and education programmes.
Colonial paid about $5 million to hackers on Friday to regain control of its systems, according to Bloomberg. In earlier reports, the company had insisted that it did not plan to pay the ransom.
The largest pipeline in the US - in pictures:
COMPANY%20PROFILE
%3Cp%3E%0D%3Cbr%3E%3Cstrong%3ECompany%20name%3A%20%3C%2Fstrong%3EClara%0D%3Cbr%3E%3Cstrong%3EStarted%3A%20%3C%2Fstrong%3E2019%0D%3Cbr%3E%3Cstrong%3EFounders%3A%20%3C%2Fstrong%3EPatrick%20Rogers%2C%20Lee%20McMahon%2C%20Arthur%20Guest%2C%20Ahmed%20Arif%0D%3Cbr%3E%3Cstrong%3EBased%3A%20%3C%2Fstrong%3EDubai%0D%3Cbr%3E%3Cstrong%3EIndustry%3A%20%3C%2Fstrong%3ELegalTech%0D%3Cbr%3E%3Cstrong%3EFunding%20size%3A%3C%2Fstrong%3E%20%244%20million%20of%20seed%20financing%0D%3Cbr%3E%3Cstrong%3EInvestors%3A%20%3C%2Fstrong%3EWamda%20Capital%2C%20Shorooq%20Partners%2C%20Techstars%2C%20500%20Global%2C%20OTF%2C%20Venture%20Souq%2C%20Knuru%20Capital%2C%20Plug%20and%20Play%20and%20The%20LegalTech%20Fund%3C%2Fp%3E%0A
Jebel Ali card
1.45pm: Maiden Dh75,000 1,400m
2.15pm: Handicap Dh90,000 1,400m
2.45pm: Maiden Dh75,000 1,000m
3.15pm: Handicap Dh105,000 1,200m
3.45pm: Maiden Dh75,000 1,600m
4.15pm: Handicap Dh105,000 1,600m
4.45pm: Handicap Dh80,000 1,800m
The National selections
1.45pm: Cosmic Glow
2.15pm: Karaginsky
2.45pm: Welcome Surprise
3.15pm: Taamol
3.45pm: Rayig
4.15pm: Chiefdom
4.45pm: California Jumbo
Engine: 80 kWh four-wheel-drive
Transmission: eight-speed automatic
Power: 402bhp
Torque: 760Nm
Price: From Dh280,000
French business
France has organised a delegation of leading businesses to travel to Syria. The group was led by French shipping giant CMA CGM, which struck a 30-year contract in May with the Syrian government to develop and run Latakia port. Also present were water and waste management company Suez, defence multinational Thales, and Ellipse Group, which is currently looking into rehabilitating Syrian hospitals.
Drishyam 2
Directed by: Jeethu Joseph
Starring: Mohanlal, Meena, Ansiba, Murali Gopy
Rating: 4 stars
Islamophobia definition
A widely accepted definition was made by the All Party Parliamentary Group on British Muslims in 2019: “Islamophobia is rooted in racism and is a type of racism that targets expressions of Muslimness or perceived Muslimness.” It further defines it as “inciting hatred or violence against Muslims”.
Guardians%20of%20the%20Galaxy%20Vol%203
%3Cp%3E%3Cstrong%3EDirector%3A%20%3C%2Fstrong%3EJames%20Gunn%3C%2Fp%3E%0A%3Cp%3E%3Cstrong%3EStars%3A%3C%2Fstrong%3E%20Chris%20Pratt%2C%20Zoe%20Saldana%2C%20Dave%20Bautista%2C%20Vin%20Diesel%2C%20Bradley%20Cooper%3C%2Fp%3E%0A%3Cp%3E%3Cstrong%3ERating%3A%3C%2Fstrong%3E%204%2F5%3C%2Fp%3E%0A
Benefits of first-time home buyers' scheme
- Priority access to new homes from participating developers
- Discounts on sales price of off-plan units
- Flexible payment plans from developers
- Mortgages with better interest rates, faster approval times and reduced fees
- DLD registration fee can be paid through banks or credit cards at zero interest rates
Killing of Qassem Suleimani
Ultra processed foods
- Carbonated drinks, sweet or savoury packaged snacks, confectionery, mass-produced packaged breads and buns
- margarines and spreads; cookies, biscuits, pastries, cakes, and cake mixes, breakfast cereals, cereal and energy bars;
- energy drinks, milk drinks, fruit yoghurts and fruit drinks, cocoa drinks, meat and chicken extracts and instant sauces
- infant formulas and follow-on milks, health and slimming products such as powdered or fortified meal and dish substitutes,
- many ready-to-heat products including pre-prepared pies and pasta and pizza dishes, poultry and fish nuggets and sticks, sausages, burgers, hot dogs, and other reconstituted meat products, powdered and packaged instant soups, noodles and desserts.
MATCH INFO
RB Leipzig 2 (Klostermann 24', Schick 68')
Hertha Berlin 2 (Grujic 9', Piatek 82' pen)
Man of the match Matheus Cunha (Hertha Berlin
Tax authority targets shisha levy evasion
The Federal Tax Authority will track shisha imports with electronic markers to protect customers and ensure levies have been paid.
Khalid Ali Al Bustani, director of the tax authority, on Sunday said the move is to "prevent tax evasion and support the authority’s tax collection efforts".
The scheme’s first phase, which came into effect on 1st January, 2019, covers all types of imported and domestically produced and distributed cigarettes. As of May 1, importing any type of cigarettes without the digital marks will be prohibited.
He said the latest phase will see imported and locally produced shisha tobacco tracked by the final quarter of this year.
"The FTA also maintains ongoing communication with concerned companies, to help them adapt their systems to meet our requirements and coordinate between all parties involved," he said.
As with cigarettes, shisha was hit with a 100 per cent tax in October 2017, though manufacturers and cafes absorbed some of the costs to prevent prices doubling.
MOTHER%20OF%20STRANGERS
%3Cp%3EAuthor%3A%20Suad%20Amiry%3Cbr%3EPublisher%3A%20Pantheon%3C%2Fp%3E%0A%3Cp%3EPages%3A%20304%3Cbr%3EAvailable%3A%20Now%3C%2Fp%3E%0A
