U.S. government denies disrupting Russian ransomware ring that hacked Colonial Pipeline – By Ellen Nakashima (The Washington Post) / May 19 2021
The U.S. government was not behind the disruption last week of a Russian hacker ring’s computer network in the wake of the devastating cyber attack on a major U.S. fuel pipeline, four U.S. officials said, while experts said the group’s disappearance could be a ploy.
The shuttering of DarkSide’s operation last Thursday also has led to grousing by hackers affiliated with the group who claim they have not been paid by the ringleaders, according to cyber experts tracking the group. It is not clear if these affiliates were involved with the cyber attack on Colonial Pipeline on May 7, which led the company to shut down its pipeline for days, creating fuel shortages and panic buying in the southeastern United States.
Last Thursday, DarkSide announced that it had lost access to its servers, which it used to house and display data stolen from victims and to store ransoms it had collected for unlocking computer networks or refraining from releasing victims’ data online.
“In addition,” the group stated in a blog post, “funds from the payment server (belonging to us and our clients) were withdrawn to an unknown account.”