Hacker group DarkSide has allegedly shut down its operations. The group became notorious when it recently hacked the Colonial Pipeline, which runs from Texas to New Jersey. As operations were stopped, gas prices increased, long lines were seen at petrol pumps and there was alleged hoarding of gas. Federal agencies were asked to investigate the group of hackers, who were said to be based in Russia. The investigation pointed to DarkSide as responsible for the ransom attack. An official, on the condition of anonymity, said that Colonial Pipeline had paid a ransom in Bitcoin.
DarkSide operated as a company that offered “ransomware as a service.” It sold tools to cyber criminals, who used them to hack into companies and hold them to ransom. DarkSide received a cut of the proceeds. Payments were made in Bitcoin.
Bitcoin and other cryptocurrencies are a favorite of criminals because:
- they are difficult to trace.
- they offer a certain amount of anonymity.
- they can be converted to normal currency.
- they can be used to buy certain goods.
However, with a lot of research, blockchain companies can trace cryptocurrency wallets. On Friday, London-based firm Elliptic said that it had found the wallet that was used by the DarkSide hackers. On Tuesday, the blockchain analytics company said that the hackers and their affiliates had collected at least $90 million in ransom. They obtained ransoms from over 47 companies around the world in less than a year’s time. The firm said that the average payout could have been $1.9 million.
Elliptic also said that the digital wallet belonging to DarkSide had $5.3 million in digital currency before it was drained. It is speculated that the U.S. government may have drained DarkSide’s wallet.
On Wednesday, after the Colonial Pipeline was attacked by ransomware, President Biden, in a bid to strengthen cyberspace, signed an executive order that would help to fortify the nation’s cyber security defenses.
The cybercrime network was shut down last week, according to security researchers at Intel471. The gang at DarkSide said that it had lost access to its servers. It also said that its cryptocurrency wallets had been emptied. The hackers also blamed the U.S. for putting pressure on them, according to a note obtained by Intel471.