After a cyber attack, Colonial said it was moving toward a partial reopening of its pipeline system -- the largest fuel network between Texas and New York AFP 44 MINUTES AGO MAY 15, 2021 Russia-based cyber-extortionist Darkside appeared out of business Friday after unknown actors shut down the servers of the group, which had forced the closure of a large US oil pipeline in a multi-million dollar ransomware scam. Various groups, including Darkside before it was shut down, posted fresh information on companies whose data had been hacked and was being held for payments that can run into the millions of dollars. https://www.theaustralian.com.au/ne...m/news-story/ef0edabca87350416e8da205d8886054
Well, sure. They got their money. Why bother continuing to spend money on an operation that has outlived it's useful value. I think it was Jason Bourne-esque types.
Interesting tidbit: "The hack only affected payment processing. The pipeline was closed because the company didn't want to deal with manual billing." Thanks Colonial...
They definitely did not get paid a penny in this case. Most likely has the NSA or other US agency shown its might and shut them down.
Multiple people on Reddit mentioned it. Kinda interesting the major news sources "forgot" to mention it. It would put the blame on Colonial, not on the hackers. Paying the ransom also wasn't really advertised: "Colonial Pipeline paid the hackers who shut down some of its networks nearly $5 million in ransom, a U.S. official familiar with the matter said Thursday. News of the payment was first reported by Bloomberg. The U.S. official did not say how or when the company paid." I think they paid on Thursday with crypto obviously, although my guess is it wasn't bitcoin.
"There is some speculation by other actors that this could be an exit scam," noted Kimberly Goody at Mandiant Threat Intelligence, part of the FireEye security group. On internet you never know what is real and what is fake.
For those that don't know, 'exit scam' meaning, Hackers got paid, but hackers must act as though they were counter-hacked, shut down (regarding this particular hack), and not paid.
They probably got paid: Elliptic, a specialist in crypto currency business and blockchain systems, said it had tracked down the bitcoin wallet used by Darkside to receive some payments. Elliptic said the wallet had received a payment of 75 bitcoin ($3.8 million) from Colonial on May 8. It said the wallet, active since March 4, had received a total of 57 bitcoin payments worth $17.5 million.