Darkside—the ransomware group that disrupted gasoline distribution throughout a large swath of the US this week—has gone darkish, leaving it unclear if the group is ceasing, suspending, or altering its operations or is solely orchestrating an exit rip-off.
On Thursday, all eight of the darkish websites Darkside used to speak with the general public went down, they usually stay down as of publication time. In a single day, a put up attributed to Darkside claimed, with out offering any proof, that the group’s web site and content material distribution infrastructure had been seized by regulation enforcement, together with the cryptocurrency it had obtained from victims.
The canine ate our funds
“In the meanwhile, these servers can’t be accessed by way of SSH, and the internet hosting panels have been blocked,” the put up said, in line with a translation of the Russian-language put up published Friday by safety agency Intel471. “The internet hosting assist service would not present any data besides ‘on the request of regulation enforcement authorities.’ As well as, a few hours after the seizure, funds from the cost server (belonging to us and our purchasers) had been withdrawn to an unknown account.”
Biz & IT – Ars Technica