The group 'DarkSide' that attacked the oil pipeline using ransomware declares 'store closed'

The cybercriminal group 'DarkSide', which launched a ransomware attack on America's largest oil pipeline, declared the store closed, saying that 'someone has transferred the virtual currency it owned to an unknown account.'

DarkSide Ransomware Gang Quits After Servers, Bitcoin Stash Seized – Krebs on Security

According to the information, DarkSide will not be able to access the blog that published the data stolen from the company that refused to pay the ransom, the server used for receiving the ransom and transferring money within the group, the DOS server, etc. A few hours later, the virtual currency he owned was sent to an unknown account.

In response to this situation, Dark Side declared 'the store is closed'. It has announced that it will provide decryption tools to all victims who have been attacked by ransomware but have not yet paid their ransom and whose data remains encrypted.

The 'Store Close' declaration is also believed to be due to the fact that Russia's cybercrime forums are beginning to shy away from ransomware-related topics as 'becoming hype,'dangerous and harmful'.' ..

However, cyber intelligence company Intel 471 points out that this is just a store as Dark Side, and it may be renamed.

The moral underground? Ransomware operators retreat… |

In that case, BitMix, a virtual currency 'money laundering' service used by cybercriminal groups such as DarkSide, stopped operating in early May 2021, so it is necessary to find a new money laundering service. It is about.

in Security, Posted by logc_nt