Colonial Cybercriminal Group’s DarkNet Website No Longer Accessible
The dark web page belonging to the DarkSide hacking group is down, according to Bloomberg. The Russian ransomware group is accused of attacking Colonial Pipeline.
DarkSide was identified by the FBI and cybersecurity experts as the group responsible for the Colonial attack, which forced the company to shut down operations, causing fuel shortages in parts of the United States. DarkSide’s operations have been linked to Russia and other Eastern European countries.
So far, it is not entirely clear whether the site is down due to a technical issue, which is common on the dark web, or an action by law enforcement. The possibility also exists that the group itself shut down the website.
Ransomware is a specific type of malware that encrypts the files of a victim. The bad actors then demand an amount of money as ransom from the victim in exchange for restoring access to the stolen data.
DarkSide maintains at least eight domains or websites on the dark web. One of these is a public-facing website that DarkSide and its hackers use to name and shame victims who ignored or refused the group’s ransom demands. The group uses the other seven sites to host the data it has stolen.
More than half of DarkSide’s websites are down
Four of these seven websites are unavailable. Three of them are loading blank pages and the other one simply reads Darkside CDN.
Dark web researchers speculated that the outage could be an effort by DarkSide to evade the police amid the turmoil following the attack.
According to Mark Turnage, co-founder of DarkOwl, a dark web and cyber research firm, “DarkSide is likely going to go quiet and rebrand itself, as we’ve observed with other darknet ransomware operators in the past when they became targets of law enforcement”.
In a message, the group said that a partner could be to blame for the Colonial attack. Like other criminal ransomware groups, DarkSide offers its malware to others as a service, a model known as ransomware as a service (RaaS).
According to the message, “We are apolitical. We do not participate in geopolitics,”
“Our goal is to make money and not creating problems for society. From today, we introduce moderation and check each company that our partners want to encrypt to avoid social consequences in the future.”